summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2023-03-08 19:27:59 +0100
committermakefu <github@syntax-fehler.de>2023-03-08 19:27:59 +0100
commitcaa8f83e79f7373bf234874b8614117c3f7a0710 (patch)
tree9167f06d093d44a662536aa4b5e3d32c271ccca0
parent8b4c488bff6b61e2e3ed7c75d96b161a66f5a8c4 (diff)
parent2168f3961298b661fd010add7972a86af77f81de (diff)
Merge remote-tracking branch 'lass/master'
Diffstat
-rw-r--r--kartei/lass/prism.nix3
-rw-r--r--kartei/mic92/default.nix242
-rw-r--r--kartei/palo/default.nix21
-rw-r--r--kartei/palo/retiolum.pub13
-rw-r--r--krebs/1systems/hotdog/config.nix4
-rw-r--r--krebs/1systems/news/config.nix11
-rw-r--r--krebs/2configs/hotdog-host.nix9
-rw-r--r--krebs/2configs/news-host.nix9
-rw-r--r--krebs/2configs/news.nix3
-rw-r--r--krebs/3modules/sync-containers3.nix4
-rw-r--r--krebs/3modules/urlwatch.nix15
-rw-r--r--krebs/5pkgs/haskell/flameshot-once.nix20
-rw-r--r--krebs/5pkgs/haskell/much.nix8
-rw-r--r--krebs/5pkgs/haskell/pager.nix17
-rw-r--r--krebs/5pkgs/simple/flameshot-once/config.nix416
-rw-r--r--krebs/5pkgs/simple/flameshot-once/default.nix161
-rw-r--r--krebs/5pkgs/simple/flameshot-once/flameshot/default.nix16
-rw-r--r--krebs/5pkgs/simple/flameshot-once/flameshot/flameshot-12.history.patch28
-rw-r--r--krebs/5pkgs/simple/flameshot-once/flameshot/flameshot-12.imgur.patch43
-rw-r--r--krebs/5pkgs/simple/flameshot-once/profile.nix235
-rw-r--r--krebs/5pkgs/simple/fzfmenu/default.nix9
-rw-r--r--krebs/5pkgs/simple/htgen-imgur/default.nix2
-rw-r--r--krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur2
-rw-r--r--krebs/5pkgs/simple/nixos-format-error.nix107
-rw-r--r--krebs/5pkgs/simple/pager.nix64
-rw-r--r--krebs/5pkgs/simple/xwaitforwindow.nix15
-rw-r--r--lass/1systems/aergia/config.nix6
-rw-r--r--lass/1systems/aergia/physical.nix73
-rw-r--r--lass/1systems/coaxmetal/config.nix6
-rw-r--r--lass/1systems/green/config.nix1
-rw-r--r--lass/1systems/lasspi/config.nix5
-rw-r--r--lass/1systems/lasspi/physical.nix21
-rw-r--r--lass/1systems/neoprism/config.nix11
-rw-r--r--lass/1systems/orange/config.nix1
-rw-r--r--lass/1systems/prism/config.nix5
-rw-r--r--lass/1systems/radio/config.nix2
-rw-r--r--lass/1systems/yellow/config.nix330
-rw-r--r--lass/2configs/antimicrox/default.nix33
-rw-r--r--lass/2configs/antimicrox/empty.amgp20
-rw-r--r--lass/2configs/antimicrox/mouse.amgp272
-rw-r--r--lass/2configs/baseX.nix4
-rw-r--r--lass/2configs/browsers.nix14
-rw-r--r--lass/2configs/jitsi.nix24
-rw-r--r--lass/2configs/mail.nix6
-rw-r--r--lass/2configs/mumble-reminder.nix6
-rw-r--r--lass/2configs/murmur.nix42
-rw-r--r--lass/2configs/print.nix14
-rw-r--r--lass/2configs/services/coms/default.nix6
-rw-r--r--lass/2configs/services/coms/jitsi.nix43
-rw-r--r--lass/2configs/services/coms/murmur.nix47
-rw-r--r--lass/2configs/services/coms/proxy.nix41
-rw-r--r--lass/2configs/services/flix/container-host.nix40
-rw-r--r--lass/2configs/services/flix/default.nix316
-rw-r--r--lass/2configs/services/flix/proxy.nix12
-rw-r--r--lass/2configs/services/radio/container-host.nix (renamed from lass/2configs/radio/container-host.nix)0
-rw-r--r--lass/2configs/services/radio/controls.html (renamed from lass/2configs/radio/controls.html)0
-rw-r--r--lass/2configs/services/radio/default.nix (renamed from lass/2configs/radio/default.nix)0
-rw-r--r--lass/2configs/services/radio/news.nix (renamed from lass/2configs/radio/news.nix)0
-rw-r--r--lass/2configs/services/radio/proxy.nix17
-rw-r--r--lass/2configs/services/radio/radio.liq (renamed from lass/2configs/radio/radio.liq)0
-rw-r--r--lass/2configs/services/radio/shell.nix (renamed from lass/2configs/radio/shell.nix)0
-rw-r--r--lass/2configs/services/radio/weather.nix (renamed from lass/2configs/radio/weather.nix)0
-rw-r--r--lass/2configs/services/radio/weather_for_ips.py (renamed from lass/2configs/radio/weather_for_ips.py)0
-rw-r--r--lass/2configs/xdg-open.nix26
-rw-r--r--lass/2configs/xmonad.nix6
-rw-r--r--lass/2configs/yellow-host.nix14
-rw-r--r--lass/3modules/browsers.nix94
-rw-r--r--lass/3modules/default.nix2
-rw-r--r--lass/3modules/xjail.nix173
-rw-r--r--lib/default.nix2
-rw-r--r--lib/genid.nix3
-rw-r--r--lib/svg-colors.json149
-rw-r--r--lib/types.nix38
m---------submodules/nix-writers0
-rw-r--r--tv/1systems/bu/config.nix2
-rw-r--r--tv/2configs/default.nix1
-rw-r--r--tv/2configs/gitrepos.nix6
-rw-r--r--tv/2configs/urlwatch.nix26
-rw-r--r--tv/2configs/wiregrill.nix37
-rw-r--r--tv/2configs/xserver/default.nix8
-rw-r--r--tv/5pkgs/haskell/xmonad-tv/default.nix8
-rw-r--r--tv/5pkgs/haskell/xmonad-tv/src/XMonad/Hooks/EwmhDesktops/Extra.hs117
-rw-r--r--tv/5pkgs/haskell/xmonad-tv/src/main.hs42
-rw-r--r--tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal29
-rw-r--r--tv/5pkgs/override/flameshot/default.nix15
-rw-r--r--tv/5pkgs/override/flameshot/flameshot_imgur_0.10.2.patch35
-rw-r--r--tv/5pkgs/simple/flameshot-once-tv.nix48
-rw-r--r--tv/5pkgs/simple/q/default.nix2
88 files changed, 2391 insertions, 1387 deletions
diff --git a/kartei/lass/prism.nix b/kartei/lass/prism.nix
index cfc05b636..d72b167b6 100644
--- a/kartei/lass/prism.nix
+++ b/kartei/lass/prism.nix
@@ -21,7 +21,7 @@ rec {
60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" )
default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB"
cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
- cgit CNAME ${config.krebs.hosts.prism.nets.internet.ip4.addr}
+ cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
pad 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
codi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
@@ -38,6 +38,7 @@ rec {
mail 60 IN AAAA ${config.krebs.hosts.prism.nets.internet.ip6.addr}
flix 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
testing 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
+ schrott 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
'';
};
nets = rec {
diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix
index 75f5b7fc9..98580100d 100644
--- a/kartei/mic92/default.nix
+++ b/kartei/mic92/default.nix
@@ -51,24 +51,6 @@ in {
};
};
};
- herbert = {
- owner = config.krebs.users.mic92;
- nets = rec {
- retiolum = {
- aliases = [ "herbert.r" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA7ZINr8YxVwHtcOR+ySpc9UjnJWsFXlOyu3CnrJ8IrY+mPA25UmNZ
- stXd8QbJuxpad9HyPs294uW8UmXttEZzIwAlikVHasM5IQHVltudTTFvv7s3YFWd
- /lgpHbo8zOA2mafx+Sr02Fy/lHjk6BTf8IOzdJIpUHZL/P+FUl9baBwGLmtbEvPh
- fbvtf5QryBjJ9nRnb+wsPVpeFE/LncIMK/bYQsyE01T5QDu/muAaeYPbgm6FqaQH
- OJ4oEHsarWBvU1qzgz/IRz0BHHeTrbbP3AG/glTwL02Z1mtTXSjME7cfk7ZRM5Cj
- jXAqnqu2m1B08Kii+zYp4BPZDmPLT5gq+QIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
rauter = {
owner = config.krebs.users.mic92;
nets = rec {
@@ -161,19 +143,20 @@ in {
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAt/dCDTvJU5jugP+5pk2CNM8X6cOnFonJv2eS253nsmKI97T9FSUa
- QDt417MoqAJNEeZw7o4ve1fmdZmtfKgmXYdDJi2HSJCJoKY6FUgVOKevtzGg4akl
- 4mKTy2z59CxyIbA41MHyLq18W3NLabQ41NpWGBRt9jvHQpZfd+wI8t5IIzdvFrKo
- JSOFRbzEBL5//Hc3N/443cUg4IMyDBTemS7/jaZ2/Mn+PVZAdoIPLEZjFeWewmTF
- Jd8Bsc2thzAREYHYnawhq3PLJSebMJd91pCdkD0NB0i59VKORcQTFady3fzE9+w4
- RSTqAdBTUDuxzU/B8g1dp89/qW+fVPiFuB5Pf7D9t2DgxTDAeSXMiId/4Hwa0B1G
- QCnCedz0Qk2UdId16BTS8DSq8Pd9fawU6qCmPY6ahSiw5ZQ6odMvDISb480cKj41
- pslLjhIItTk3WEs8MwnQCzweNABuCK7GzT7CNaYm3f9pznBlOB+KfoZ6mrlzKkEK
- u+gFJXTFym0ZF0wheXO7FCJ1jp4LFHqKGS3zWQyT7isjLsbcQzpOe8/FdiFlQvlG
- vltL+5JjcahAMHc/ba+pRa5rSy8ebqf68fg4jlkT94Za13bCIHdK5w7eAXR3s/9z
- H2wZmhvajUIZAxQSgFUy+7kKWOIkWqFkGPIdmbdwTaHC88OWshvRv8ECAwEAAQ==
+ MIICCgKCAgEAvanhJvtvqnTGblOF9Dy7Un3vaLAJHGeu9z8YMARFh6ENe+duILp0
+ IDjJMZc7F3J01RbkjkfbzPiXmHN532MBcbKnp0Z5eUld/XmDdNCc3ekTifrYs2em
+ eJKFrx2Vhsx924PZ8cOOf7P+JuqJNQzMiy7ohATjpMLU9If1tjqSyV+/lGjbjckN
+ /e88XtG7Z4Cu5LdbD5Ajb4Rzp9gL0ae4aNw+2nX3wMJLYEjOcmBYuMzBcLYzVnZw
+ YrtgN9RV8md9gdb2B/Fj1PdJGDyjdiuGRE9LnloC3dpMSkmhbNm9DthsThaWMUn1
+ DyrtHrJoyNTO8OvyTfWK7EqKqZcZ+0gaTmtec5VCYWSCpb/CWLmHL3ydTyzNhtRA
+ 9ZFRwPQUdBsYQ/G/xtGrMQf5T/FdqUj3bD5pGlw6vheabBkD8a8Bt7WB52fzWWb0
+ MZZlxyWiHoIim83LI8Qa5WHkJ7jZkV8XdrwsA7hkJpVikJIbWsdzwQVWBVvz5WiF
+ 0z1vi/cb5EYe3MRRshhG5VpTHBJzDRmvkdbKqrWi8dFEzJGkr0NPflmVKYAIBnRI
+ xLemDSacswrvY1x9cdzCsNI92SkYxCvsVI27DCeeF5cfkApkZ0YcnOJm+3joTgpP
+ uF8mQiPsyavyuBg4QWWPwGJosDRbycmHEzGDRLoizSkAQX5c+rvCvVECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
+ tinc.pubkey_ed25519 = "5ZhQyLQ2RLTkKvFCN38dfmqfjZOnZmm19Vr1eiOVlID";
};
};
aenderpad = {
@@ -239,37 +222,6 @@ in {
tinc.pubkey_ed25519 = "ZQt/OcrDlQZvtJyMEFcS6FKjtumBA9gBWr7VqGdbJBP";
};
};
- martha = {
- owner = config.krebs.users.mic92;
- nets = rec {
- internet = {
- ip4.addr = "129.215.165.53";
- ip6.addr = "2001:630:3c1:164:6d4:c4ff:fe04:4aba";
- aliases = [ "martha.i" ];
- };
- retiolum = {
- via = internet;
- ip4.addr = "10.243.29.179";
- aliases = [ "martha.r" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEA3lR3Wup2yd9SYs9n9a7lq/jXxlKdwjgp9gPEirLn3/XCFM7NpLIp
- LRm3Wdplv0NWim4zI3AsdGmUBrV3y0Ugj48Td4RpXlOiFjS8NHnvRbamCZF7m/pJ
- 3T/QpQx98+QEKXb3gZ5aDGgcHLRbUYUBuwFOxAKaikuDe2qJxqXqOmA7RXZDkEqe
- FrQE/H1/+8HqJ1vhgZKi3Vu7zLRB1EV8nggWFjQKR8o0AeViLwM3OxFtGyKTaXuK
- WAQrvSdKQDpQwqAPogyeftGesOfW7z0xrelkux10p42YM9epYvZDFRG97/nupw/S
- iYGiTTFDBDTzpyT3zl1uwhmQ3re/nJXf5e4fgnZEcsweU8ysHtDhbimqrm9impVn
- XdKnnuNa9F8VlyHCT2pVC9+WDKDNtA2M8f+8lG8/hoJ7hhp5HhBZ3ncROyQqOg4F
- e6YtaFidi+fYXjQkdUXHv5FCkqFJnoxZdI2vwqU2DumltG/o+qsksI2WSsLsuMVs
- sa4KUq0+5OsmCJnIAKWV2YwbLVf1tJMjPGA0jQECrHPL6SKobRefqav6MPuTbytC
- 4frtEIGbfdKqQ6nNTvTpCrAo+WAm3NE3khTYqGe4LqX/JMoGtWXp/Ex9IdG+sflM
- mESMjuHp9vPY4aZGPtYPP93Cxv3q7gm+EfIGebajISpaG28J+XjiNNsCAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- tinc.pubkey_ed25519 = "emKq1mfkW4/aCoCwmeFU3DtppKs+KsTvd9YGoFkFgdC";
- };
- };
- };
matchbox = {
owner = config.krebs.users.mic92;
nets = {
@@ -294,32 +246,6 @@ in {
};
};
};
- sauron = {
- owner = config.krebs.users.mic92;
- nets = rec {
- internet = {
- ip4.addr = "129.215.165.75";
- ip6.addr = "2001:630:3c1:164:d65d:64ff:feb0:e8a8";
- aliases = [ "sauron.i" ];
- };
- retiolum = {
- via = internet;
- ip4.addr = "10.243.29.194";
- aliases = [ "sauron.r" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAxmCryT4ZEhPOvdZhWhYZsRS7sz1njSh2ozh6iwXRXhjRjZ9tYZVQ
- GoYc6ADnWCnb9SGpPe1WqwFMblfKofnXCvC4wLQaFsch1GIMPhujosJ4Te84BHi1
- XKqyompotE2F7iWYPE6i6UAdRK2dCapfCbiDBOjMhCnmmhM1oY5Bv/fBtx3/2N7E
- W+iN6LG2t9cKibs8qrLzFtJIfWn8uXU9dkdhX3d9guCdplGOn/NT/Aq3ayvA+/Mf
- 74oJVJgBT5M1rTH2+u+MU+kC+x2UD+jjXEjS55owFWsEM1jI4rGra+dpsDuzdGdG
- 67wl9JlpDBy4Tkf2Bl3CQWZHsWDsR6jCqwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- tinc.pubkey_ed25519 = "Z5+fArxMfP8oLqlHpXadkGc9ROOPHBqugAMD2czmNlJ";
- };
- };
- };
bill = {
owner = config.krebs.users.mic92;
nets = rec {
@@ -435,73 +361,6 @@ in {
};
};
};
- harsha = {
- owner = config.krebs.users.mic92;
- nets = {
- retiolum = {
- ip4.addr = "10.243.29.184";
- aliases = [
- "harsha.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA9VVG+kwSXDmjLuNCT6Mp9xTCj9IdzgjWxkExEH/Jd9kgVNXRa+39
- P8OQuHXi9fC/51363hh7ThggneIxOs2R4fZDyUcWfzv13aik34U0e+tYjhWXig+o
- MClkK4/uhLrsk370MQVevpjYW23S5d+pThOm84xIchvjR9nqzp6E3jzjhyeQwHJg
- dM48y7XT2+7hLvOkkEQ8xLcd35J228wVSilsSYhye1D2+ThRDbjjEkKXnIeOmU5h
- TPNvn+U0lVdwUDYlS+XUhNl3awRdfzTYlPvUhTWv9zwSxS5EQjvgMqC/3/fQod2K
- zyYdPwCwEyrksr9JvJF/t+oCw4hf3V4iOwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
-
- redha = {
- owner = config.krebs.users.mic92;
- nets = {
- retiolum = {
- ip4.addr = "10.243.29.188";
- aliases = [
- "redha.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAx7STxTTPMxXugweHpUGOeLUrrTSCt7j5l+fjNtArIygOGKEiAC5O
- s0G4WHK2IcrNnv7pxS09S5mnXywi51aAL+G2fKzcU3YgLFuoUN4Kk5LohMvBynEE
- a3kZK2/D+LMeFfpK2RWBPjLnulN29ke11Iot42TC6+NIMWiZh/Y2T0mKirUJQGsH
- RV3zRlR7YfIOdR1AZ5S+qrmPF8hLb7O08TTXrHo8NQk5NAVUS89OYcn1pc9hnf/e
- FK5qRrQFMRFB8KGV+n3+cx3XCM2q0ZPTNf06N+Usx6vTKLASa/4GaTcbBx+9Dndm
- mFVWq9JjLa8e65tojzj8PhmgxqaNCf8aKwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- tinc.pubkey_ed25519 = "oRGc9V9G9GFsY1bZIaJamoDEAZU2kphlpxXOMBxI2GN";
- };
- };
- };
-
- grandalf = {
- owner = config.krebs.users.mic92;
- nets = {
- retiolum = {
- ip4.addr = "10.243.29.187";
- aliases = [
- "grandalf.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAn1wLOI8DluJAKvscyImoyG0gjxyVC1/Ky8A63YO7INy0SYBg3wU7
- XPSbix5VJZdADQ382LWg31ORYjnDg40c49gCGLfR6+awgd+Rb0sb4eAz07XENXJC
- qc70oQrrXLi8HIfeckCsJHe514LJOMA3pU+muaMShOiSygoTiTlEH6RRrkC8HROL
- 2/V7Hm2Sg7YS+MY8bI/x61MIagfkQKH2eFyqGG54Y80bIhm5SohMkiANu78GdngI
- jb+EGlT/vq3+oGNFJ7Shy/VsR5GLDoZ5KCsT45DM87lOjGB7m+bOdizZQtWmJtC/
- /btEPWJPAD9lIY2iGtPrmeMWDNTW9c0iCwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- tinc.pubkey_ed25519 = "dzjT09UeUGJCbUFrBo+FtbnXrsxFQnmqmJw7tjpJQJL";
- };
- };
- };
doctor = {
owner = config.krebs.users.mic92;
@@ -989,6 +848,83 @@ in {
};
};
};
+
+ amy = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ internet = {
+ # amy.dse.in.tum.de
+ ip4.addr = "131.159.102.20";
+ ip6.addr = "2a09:80c0:102::20";
+ aliases = [ "amy.i" ];
+ };
+ retiolum = {
+ aliases = [ "amy.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEApa/qv4uKxr8lpQQau3dqgNqtXOtnN/u/5VlF2f/oNt+cDUAmAgaq
+ 6ktUv5HT27xCye1lJ2XNaXDF1lSUNgpdhmv7lnqqwDYi3m8HBnBMUlgXuT1mFtFv
+ RybbrvbedKka4+MMXsUmFJj1udOzJSBfRIVO+M4lRvyWUbm2R18mnrz6DK9++EmL
+ JCTOcBZYzjCa7OciBPJfjLrLAZZC9JnRxrvAnF2tMzGZiaCI4uX5ZKUMeMO/pwBD
+ 13MhxdDJeXOl98+nKRBZzft9K0qZmAnfR1a9a0dS6hstUWvl1xDLQP3L+/89sjee
+ PjchaS9qQxdjj6USCEqMJOyetWzN3rabSwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "a4tdZ49nmEgYqhW11FDPhV+Oj2IFsOV2PSjxgJlceeH";
+ };
+ };
+ };
+ rose = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ internet = {
+ # clara.dse.in.tum.de
+ ip4.addr = "131.159.102.21";
+ ip6.addr = "2a09:80c0:102::21";
+ aliases = [ "rose.i" ];
+ };
+ retiolum = {
+ aliases = [ "rose.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAtinCwGjGfFTdpU+CnugM4MH6z4XLFlLMIW4Z642iq2arXOrrCq09
+ yRG5UC6CBqORnF2FZhHu+wJQMexLXNILavyG6JXERvCm6S5MaFc2YlHSyBcV4AqE
+ Zrjb1wSvlXGcom8C6/HGElsHqI9ULtiUqEEzES6UgUVcO7QrEy03264KZ0y4M/Ov
+ 5CpXbyg6tRl3CoLJE+eXyLdOGwHo/eN7M+YSaTU6bEYjJGYAltnJDO9DZxtnaZn2
+ qSImJEwRD7YMPvs/zf/kKI6ihaF/oQMWyj/f0Ik/eif7rd3DRBlWFaZYr+JQBRZg
+ jkaQ6EEX94WKHv6RgI25dqh8hpMaoY0OYQIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "GZyz9AVjJlbE34pS2zURwVBZCCzpD0S+VqToLlB5aBI";
+ };
+ };
+ };
+
+ clara = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ internet = {
+ # clara.dse.in.tum.de
+ ip4.addr = "131.159.102.22";
+ ip6.addr = "2a09:80c0:102::22";
+ aliases = [ "clara.i" ];
+ };
+ retiolum = {
+ aliases = [ "clara.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAqebCzWDLcSU0uSA54Ublw8JSM5kErwJlOr2QOFVm0/QPWNDDqoV4
+ rquS25NRZ37c4hj3BuINQrItAy7pOVrp0SARXZdyqMz3VoGndDge6p/8KEuRFQZi
+ nmYrnsSuys0HOLfb2xQkOkGKBwyEc1hNGHFcw8XtJJMZSFBchQp1C8o3B3uXZq7j
+ yBdUAh0crLPbL+B/xzZPDdLMigh922ejuPuGhtrTKOIQ1Jhyi5ft/Xif5JJja1Ru
+ i/FUxzy/PBz+h7X3yTv4DOIyuMYMJQZpsUGBj7cwueab6rgxyV8upHLdZQ/2YI7m
+ Q6cFnskLkLGlnR/gXcamgj3Sa7J3HQX9TwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "WjXoFt4TG0SqCewYXyH563MACWxhjDixCv1Dk8mDe9B";
+ };
+ };
+ };
};
users = {
mic92 = {
diff --git a/kartei/palo/default.nix b/kartei/palo/default.nix
index 9d35c3808..6fc9a594f 100644
--- a/kartei/palo/default.nix
+++ b/kartei/palo/default.nix
@@ -17,13 +17,28 @@ let
in
{
hosts = mapAttrs hostDefaults {
- sterni = {
+ sol = {
owner = config.krebs.users.palo;
nets = {
retiolum = {
tinc.port = 720;
- aliases = [ "sterni.r" ];
- tinc.pubkey = builtins.readFile ./retiolum.pub;
+ aliases = [ "sol.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAxrvdMSAcOJXM1TbIIDZ+zPojrcRG3RVMfPC2/0DasRpBFSuS+L60
+ mQEs0l0ptAL6Sbr4+9gfaHkdETfYpeKB4Q4lCPahMq88YfTyB1f3tEOqW3vP22nC
+ Z+Yf+W/sTLWVRoDoS/Eok6wS95R1IQ74vr37YXdbJTD/eeX6sAJkn2I2RV5PD6Bu
+ lHsMuunAj+PyhAgqb2P393h7FN4exL0xM6UbHbgsd9OSp5qKTjZE3jeOyWmounK1
+ 7n+8pyRjI0VE47ontnj/GANwpsxRFFtRGmG/S5KhUBXMv7wZr/vaVETRphAu+KhT
+ NqdclmGkQlB/YBodzJID7C21Zz4b33kcn12TU3nc6AL5u9j3sU2sEu/22fAZBWLV
+ yOZ9l/Qe4aJkIbdL70Gvp9G8m7+M4vkdM+e/nA5cZT0N9ArI2D5ltJRd7VLVzxef
+ Y0t/bS9bVOcNt2Sgd81Ubg0OmF2paHGGboAAMqXhf3afwCMyXcDsP6sgPXOIEu7Q
+ hjuo5rg6Fu8eK9edAAQ2afl52GiFUawzjHbjGANwVyea1JTQ3uR6eBtxGOEaYpkr
+ vbl75CxLwE0YA0L3VwhJTNLMVldTrUi2M76QedjzyePkJHMijHT5+0nqTlsmjcNg
+ uv89Mh9shNKdqulfGjTAFyKjTCuUe/rCprJ5CeZWBaEuQKYkcZuMkJsCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "qCJvjlNz5YNOz5IEiwGaoK3InSVCL76uNl+xVBUa/AP";
};
};
};
diff --git a/kartei/palo/retiolum.pub b/kartei/palo/retiolum.pub
deleted file mode 100644
index 65284d51d..000000000
--- a/kartei/palo/retiolum.pub
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN RSA PUBLIC KEY-----
-MIICCgKCAgEA2ACttoosnRZ99o+OyMrxBdUWPqsT5btzSIQ5dU1XWqGjO4nRchCE
-8tO0b/4jqVgJVTRZVIUJQESZRlSmclsCAjdM8tsGj74CJrm7tBvgbBn2IObSs5+4
-oJWe57VsQaeHPuI2JZuGqv8Z3Esw+B07bQS5VTaC1ISo7vnLG/q5XLCbKHB9JZc/
-ztYbk4bEQHwbulfoPjD9FY3heLnTzqPw9Xr3ixao5gbAXfWNJM+iCluMq+Q2g1BD
-ozSnyYvaGLQ6h4yksDp+xuK8YCqiRj174EkXySI8Jee1CBMuI8ciX/5Q7yzvzscQ
-ZQ/MLVdx3MRW+VeT0ctaRzoA9E09ILqPe+56DjpsKzt4Ne8qeMG5HdpzO9UdNzTu
-MuibsCL7CJy5Ytl38PK+LAXHQr3Os1Z4OHjeTZ38vTAZcOUJZEkl6w9nO1XjcyBL
-rIaG+20Nx0ZU79MlJZFiG7ovlUiDfIEKNygng8v/yoTMaqMYLxQZ/leQwLMNLujo
-sku8+oV4Jvx4SyUjuAS6jgG9CnejLCnHP/yyDGdaMQSzmlzYXacLMfnPZE3r7bj1
-EjA6yQbkPixm7xLCyMm5u2leWtqtbg1oRA6Mw3UyYkNy3hiTU+jTvztEI3SCliDH
-yjGlESH4/edryKjLNjmYP77VFbM9ZSQ+QGlbMGPvjcn6XCdJGdxm3PUCAwEAAQ==
------END RSA PUBLIC KEY-----
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 9849937d5..70307a96b 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -26,4 +26,8 @@
boot.isContainer = true;
networking.useDHCP = false;
+ krebs.sync-containers3.inContainer = {
+ enable = true;
+ pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM20tYHHvwIgrJZzR35ATzH9AlTrM1enNKEQJ7IP6lBh";
+ };
}
diff --git a/krebs/1systems/news/config.nix b/krebs/1systems/news/config.nix
index 620e6249e..b27fc3737 100644
--- a/krebs/1systems/news/config.nix
+++ b/krebs/1systems/news/config.nix
@@ -17,13 +17,8 @@
boot.isContainer = true;
networking.useDHCP = lib.mkForce true;
- krebs.bindfs = {
- "/var/lib/brockman" = {
- source = "/var/state/brockman";
- options = [
- "-m ${toString config.users.users.brockman.uid}:${toString config.users.users.nginx.uid}"
- ];
- clearTarget = true;
- };
+ krebs.sync-containers3.inContainer = {
+ enable = true;
+ pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBVZomw68WDQy0HsHhNbWK1KpzaR5aRUG1oioE7IgCv";
};
}
diff --git a/krebs/2configs/hotdog-host.nix b/krebs/2configs/hotdog-host.nix
new file mode 100644
index 000000000..95d70376b
--- /dev/null
+++ b/krebs/2configs/hotdog-host.nix
@@ -0,0 +1,9 @@
+{
+ krebs.sync-containers3.containers.hotdog = {
+ sshKey = "${toString <secrets>}/hotdog.sync.key";
+ };
+ containers.hotdog.bindMounts."/var/lib" = {
+ hostPath = "/var/lib/sync-containers3/hotdog/state";
+ isReadOnly = false;
+ };
+}
diff --git a/krebs/2configs/news-host.nix b/krebs/2configs/news-host.nix
index 07674c86e..71793e518 100644
--- a/krebs/2configs/news-host.nix
+++ b/krebs/2configs/news-host.nix
@@ -1,10 +1,5 @@
{
- krebs.sync-containers.containers.news = {
- peers = [
- "shodan"
- "mors"
- "styx"
- ];
- format = "plain";
+ krebs.sync-containers3.containers.news = {
+ sshKey = "${toString <secrets>}/news.sync.key";
};
}
diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix
index d6c6371da..9d9470727 100644
--- a/krebs/2configs/news.nix
+++ b/krebs/2configs/news.nix
@@ -74,7 +74,7 @@
limits.identlen = 100;
history.enabled = false;
};
- systemd.services.brockman.bindsTo = [ "ergo.service" ];
+ systemd.services.brockman.bindsTo = [ "ergochat.service" ];
systemd.services.brockman.serviceConfig.LimitNOFILE = 16384;
systemd.services.brockman.environment.BROCKMAN_LOG_LEVEL = "DEBUG";
krebs.brockman = {
@@ -87,6 +87,7 @@
nick = "brockman";
extraChannels = [ "#all" ];
};
+ statePath = "/var/state/brockman/brockman.json";
bots = {};
};
};
diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix
index 4a00b23ab..ed147b30e 100644
--- a/krebs/3modules/sync-containers3.nix
+++ b/krebs/3modules/sync-containers3.nix
@@ -104,7 +104,9 @@ in {
consul lock sync_${ctr.name} ${pkgs.writers.writeDash "${ctr.name}-sync" ''
set -efux
if /run/wrappers/bin/ping -c 1 ${ctr.name}.r; then
- nice --adjustment=30 rsync -a -e "ssh -i $CREDENTIALS_DIRECTORY/ssh_key" --timeout=30 container_sync@${ctr.name}.r:disk "$HOME"/disk
+ nice --adjustment=30 rsync -a -e "ssh -i $CREDENTIALS_DIRECTORY/ssh_key" --timeout=30 --inplace --sparse container_sync@${ctr.name}.r:disk "$HOME"/disk.rsync
+ touch "$HOME"/incomplete
+ nice --adjustment=30 rsync --inplace "$HOME"/disk.rsync "$HOME"/disk
rm -f "$HOME"/incomplete
fi
''}
diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix
index 2e336de21..113f6e65d 100644
--- a/krebs/3modules/urlwatch.nix
+++ b/krebs/3modules/urlwatch.nix
@@ -71,7 +71,7 @@ let
description = "URL to watch.";
example = [
https://nixos.org/channels/nixos-unstable/git-revision
- { url = http://localhost ; filter = "grep:important.*stuff"; }
+ { url = http://localhost ; filter = [ (grep "important.*stuff") ]; }
];
apply = map (x: getAttr (typeOf x) {
set = x;
@@ -177,12 +177,15 @@ let
echo Date: $(date -R)
echo From: ${shell.escape cfg.from}
echo Subject: $(
- sed -n 's/^\(CHANGED\|ERROR\|NEW\): //p' changes \
- | tr '\n' ' '
+ sed -nr 's/^(CHANGED|ERROR|NEW): //p' changes |
+ sed '1!s/^ //'
)
echo To: ${shell.escape cfg.mailto}
+ echo Mime-Version: 1.0
+ echo Content-Type: text/plain\; charset=UTF-8
+ echo Content-Transfer-Encoding: base64
echo
- cat changes
+ base64 changes
} | /run/wrappers/bin/sendmail -t
fi
''}
@@ -211,7 +214,9 @@ let
};
filter = mkOption {
default = null;
- type = with types; nullOr str; # TODO nullOr subtypes.filter
+ type =
+ with types;
+ nullOr (either str (listOf (pkgs.formats.json {}).type));
};
ignore_cached = mkOption {
default = null;
diff --git a/krebs/5pkgs/haskell/flameshot-once.nix b/krebs/5pkgs/haskell/flameshot-once.nix
deleted file mode 100644
index c8007ce9e..000000000
--- a/krebs/5pkgs/haskell/flameshot-once.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ mkDerivation, async, base, blessings, bytestring, dbus, fetchgit
-, iso8601-time, lib, process, random, text, time, unagi-chan, unix
-}:
-mkDerivation {
- pname = "flameshot-once";
- version = "1.4.0";
- src = fetchgit {
- url = "https://cgit.krebsco.de/flameshot-once";
- sha256 = "13szgsiwn29aixm5xvs1m7128y5km5xss0ry5ii5y068rc2vysw8";
- rev = "4475893c2081b3d9db4b7a54d0ce38d0914a17bf";
- fetchSubmodules = true;
- };
- isLibrary = false;
- isExecutable = true;
- executableHaskellDepends = [
- async base blessings bytestring dbus iso8601-time process random
- text time unagi-chan unix
- ];
- license = lib.licenses.mit;
-}
diff --git a/krebs/5pkgs/haskell/much.nix b/krebs/5pkgs/haskell/much.nix
index 5045465e6..865294daf 100644
--- a/krebs/5pkgs/haskell/much.nix
+++ b/krebs/5pkgs/haskell/much.nix
@@ -7,13 +7,13 @@
, servant-server, split, terminal-size, text, time, transformers
, transformers-compat, unix, vector, wai, warp
}:
-mkDerivation {
+mkDerivation rec {
pname = "much";
- version = "1.3.1";
+ version = "1.3.2";
src = fetchgit {
url = "https://cgit.krebsco.de/much";
- sha256 = "0gwyhqcvg9ywna8fhb9hnx97qh5inglj3l0pcwkgwcvm27mfpcqa";
- rev = "77357335a3a88a4b93f91a46ab939a1a9b192977";
+ hash = "sha256-q65EYO1d3NYVv2NECkGWPb1TyHGdARNi/GX4pgQmljc=";
+ rev = "refs/tags/${version}";
fetchSubmodules = true;
};
isLibrary = true;
diff --git a/krebs/5pkgs/haskell/pager.nix b/krebs/5pkgs/haskell/pager.nix
index 2f4a71f34..36709788c 100644
--- a/krebs/5pkgs/haskell/pager.nix
+++ b/krebs/5pkgs/haskell/pager.nix
@@ -1,21 +1,22 @@
-{ mkDerivation, base, blessings, bytestring, containers
-, data-default, hack, lib, optparse-applicative, probability
-, scanner, speculate, split, terminal-size, text, unix, X11
-, fetchgit
+{ mkDerivation, aeson, base, blessings, bytestring, containers
+, data-default, extra, fetchgit, hack, lib, optparse-applicative
+, probability, scanner, speculate, split, terminal-size, text, unix
+, utf8-string, X11
}:
mkDerivation {
pname = "pager";
version = "1.0.0";
src = fetchgit {
url = "https://cgit.krebsco.de/pager";
- sha256 = "1qlkhqidaa6w02ix9ambfdsm7lfyx30ap481b9ic1ppyfkhqzfp6";
- rev = "fc6105a5e7d1e3a07bf07ea85e7902dd8e9fc849";
+ sha256 = "07wjlhnb27vfhkqq5vhi768mlrcpwl4b2yfk04v3lw047q6pmby0";
+ rev = "dfa3ff346d22d332ffbadd46963f1cc5cb2a4939";
fetchSubmodules = true;
};
- isLibrary = false;
+ isLibrary = true;
isExecutable = true;
+ libraryHaskellDepends = [ base extra utf8-string X11 ];
executableHaskellDepends = [
- base blessings bytestring containers data-default hack
+ aeson base blessings bytestring containers data-default hack
optparse-applicative probability scanner speculate split
terminal-size text unix X11
];
diff --git a/krebs/5pkgs/simple/flameshot-once/config.nix b/krebs/5pkgs/simple/flameshot-once/config.nix
new file mode 100644
index 000000000..24df403aa
--- /dev/null
+++ b/krebs/5pkgs/simple/flameshot-once/config.nix
@@ -0,0 +1,416 @@
+{ config, pkgs, ... }:
+with pkgs.stockholm.lib;
+
+let
+ # Encode integer to C-escaped string of bytes, little endian / LSB 0
+ le = rec {
+ x1 = i: let
+ i0 = mod i 16;
+ i1 = i / 16;
+ in
+ if i == 0 then
+ "\\0"
+ else if i < 16 then
+ "\\x${elemAt hexchars i0}"
+ else
+ "\\x${elemAt hexchars i1}${elemAt hexchars i0}";
+
+ x2 = i: let
+ i0 = mod i 256;
+ i1 = i / 256;
+ in
+ "${x1 i1}${x1 i0}";
+
+ x4 = i: let
+ i0 = mod i 65536;
+ i1 = i / 65536;
+ in
+ "${x2 i1}${x2 i0}";
+ };
+
+ toQList = t: xs:
+ assert t == "int";
+ "QList<${t}>${le.x4 0}${le.x1 (length xs)}${concatMapStrings le.x4 xs}";
+in
+
+{
+ options = {
+ imgur = mkOption {
+ default = {};
+ type = types.submodule {
+ options = {
+ enable = mkEnableOption "imgur";
+ createUrl = mkOption {
+ example = "http://p.r/image";
+ type = types.str;
+ };
+ deleteUrl = mkOption {
+ example = "http://p.r/image/delete/%1";
+ type = types.str;
+ };
+ xdg-open = mkOption {
+ default = {};
+ type = types.submodule {
+ options = {
+ enable = mkEnableOption "imgur.xdg-open" // {
+ default = true;
+ };
+ browser = mkOption {
+ default = "${pkgs.coreutils}/bin/false";
+ type = types.str;
+ };
+ createPrefix = mkOption {
+ default = config.imgur.createUrl;
+ type = types.str;
+ };
+ deletePrefix = mkOption {
+ default = removeSuffix "/%1" config.imgur.deleteUrl;
+ type = types.str;
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ package = mkOption {
+ type = types.package;
+ default = import ./flameshot { inherit pkgs; };
+ };
+ settings = {
+ # Options without a description are not documented in flameshot's README.
+ # Compare with:
+ # nix-shell -p flameshot-once.dev --run get-recognizedGeneralOptions
+ General = mapAttrs (_: recursiveUpdate { default = null; }) {
+ allowMultipleGuiInstances = mkOption {
+ description = ''
+ Allow multiple instances of `flameshot gui` to run at the same time
+ '';
+ type = with types; nullOr bool;
+ };
+ antialiasingPinZoom = mkOption {
+ description = ''
+ Anti-aliasing image when zoom the pinned image
+ '';
+ type = with types; nullOr bool;
+ };
+ autoCloseIdleDaemon = mkOption {
+ description = ''
+ Automatically close daemon when it's not needed
+ '';
+ type = with types; nullOr bool;
+ };
+ buttons = let
+ buttonTypes = {
+ # Generated with:
+ # nix-shell -p flameshot-once.dev --run get-buttonTypes
+ TYPE_PENCIL = 0;
+ TYPE_DRAWER = 1;
+ TYPE_ARROW = 2;
+ TYPE_SELECTION = 3;
+ TYPE_RECTANGLE = 4;
+ TYPE_CIRCLE = 5;
+ TYPE_MARKER = 6;
+ TYPE_SELECTIONINDICATOR = 7;
+ TYPE_MOVESELECTION = 8;
+ TYPE_UNDO = 9;
+ TYPE_COPY = 10;
+ TYPE_SAVE = 11;
+ TYPE_EXIT = 12;
+ TYPE_IMAGEUPLOADER = 13;
+ TYPE_OPEN_APP = 14;
+ TYPE_PIXELATE = 15;
+ TYPE_REDO = 16;
+ TYPE_PIN = 17;
+ TYPE_TEXT = 18;
+ TYPE_CIRCLECOUNT = 19;
+ TYPE_SIZEINCREASE = 20;
+ TYPE_SIZEDECREASE = 21;
+ TYPE_INVERT = 22;
+ TYPE_ACCEPT = 23;
+ };
+ iterableButtonTypes = [
+ # Generated with:
+ # nix-shell -p flameshot-once.dev --run get-iterableButtonTypes
+ "TYPE_ACCEPT"
+ "TYPE_ARROW"
+ "TYPE_CIRCLE"
+ "TYPE_CIRCLECOUNT"
+ "TYPE_COPY"
+ "TYPE_DRAWER"
+ "TYPE_EXIT"
+ "TYPE_IMAGEUPLOADER"
+ "TYPE_MARKER"
+ "TYPE_MOVESELECTION"
+ "TYPE_OPEN_APP"
+ "TYPE_PENCIL"
+ "TYPE_PIN"
+ "TYPE_PIXELATE"
+ "TYPE_RECTANGLE"
+ "TYPE_REDO"
+ "TYPE_SAVE"
+ "TYPE_SELECTION"
+ "TYPE_SIZEDECREASE"
+ "TYPE_SIZEINCREASE"
+ "TYPE_TEXT"
+ "TYPE_UNDO"
+ ];
+ in mkOption {
+ apply = names:
+ if names != null then let
+ values = map (name: buttonTypes.${name}) names;
+ in
+ ''@Variant(\0\0\0\x7f\0\0\0\v${toQList "int" values})''
+ else
+ null;
+ description = ''
+ Configure which buttons to show after drawing a selection
+ '';
+ type = with types; nullOr (listOf (enum iterableButtonTypes));
+ };
+ checkForUpdates = mkOption {
+ type = with types; nullOr bool;
+ };
+ contrastOpacity = mkOption {
+ description = ''
+ Opacity of area outside selection
+ '';
+ type = with types; nullOr (boundedInt 0 255);
+ };
+ contrastUiColor = mkOption {
+ description = ''
+ Contrast UI color
+ '';
+ type = with types; nullOr flameshot.color;
+ };
+ copyAndCloseAfterUpload = mkOption {
+ type = with types; nullOr bool;
+ };
+ copyOnDoubleClick = mkOption {
+ type = with types; nullOr bool;
+ };
+ copyPathAfterSave = mkOption {
+ description = ''
+ Copy path to image after save
+ '';
+ type = with types; nullOr bool;
+ };
+ copyURLAfterUpload = mkOption {
+ description = ''
+ On successful upload, close the dialog and copy URL to clipboard
+ '';
+ type = with types; nullOr bool;
+ };
+ disabledTrayIcon = mkOption {
+ description = ''
+ Whether the tray icon is disabled
+ '';
+ type = with types; nullOr bool;
+ };
+ drawColor = mkOption {
+ description = ''
+ Last used color
+ '';
+ type = with types; nullOr flameshot.color;
+ };
+ drawFontSize = mkOption {
+ type = with types; nullOr positive;
+ };
+ drawThickness = mkOption {
+ description = ''
+ Last used tool thickness
+ '';
+ type = with types; nullOr positive;
+ };
+ filenamePattern = mkOption {
+ description = ''
+ Filename pattern using C++ strftime formatting
+ '';
+ type =
+ # This is types.filename extended by [%:][%:+]*
+ with types;
+ nullOr (addCheck str (test "[%:0-9A-Za-z._][%:+0-9A-Za-z._-]*"));
+ };
+ fontFamily = mkOption {
+ type = with types; nullOr str;
+ };
+ historyConfirmationToDelete = mkOption {
+ type = with types; nullOr bool;
+ };
+ ignoreUpdateToVersion = mkOption {
+ description = ''
+ Ignore updates to versions less than this value
+ '';
+ type = with types; nullOr str;
+ };
+ keepOpenAppLauncher = mkOption {
+ description = ''
+ Keep the App Launcher open after selecting an app
+ '';
+ type = with types; nullOr bool;
+ };
+ predefinedColorPaletteLarge = mkOption {
+ description = ''
+ Use larger color palette as the default one
+ '';
+ type = with types; nullOr bool;
+ };
+ saveAfterCopy = mkOption {
+ description = ''
+ Save image after copy
+ '';
+ type = with types; nullOr bool;
+ };
+ saveAsFileExtension = mkOption {
+ description = ''
+ Default file extension for screenshots
+ '';
+ type = with types; nullOr (addCheck filename (hasPrefix "."));
+ };
+ safeLastRegion = mkOption {
+ type = with types; nullOr bool;
+ };
+ savePath = mkOption {
+ description = ''
+ Image Save Path
+ '';
+ type = with types; nullOr absolute-pathname;
+ };
+ savePathFixed = mkOption {
+ description = ''
+ Whether the savePath is a fixed path
+ '';
+ type = with types; nullOr bool;
+ };
+ showDesktopNotification = mkOption {
+ description = ''
+ Show desktop notifications
+ '';
+ type = with types; nullOr bool;
+ };
+ showHelp = mkOption {
+ description = ''
+ Show the help screen on startup
+ '';
+ type = with types; nullOr bool;
+ };
+ showMagnifier = mkOption {
+ type = with types; nullOr bool;
+ };
+ showSelectionGeometry = mkOption {
+ type = with types; nullOr (boundedInt 0 5);
+ };
+ showSelectionGeometryHideTime = mkOption {
+ type = with types; nullOr uint;
+ };
+ showSidePanelButton = mkOption {
+ description = ''
+ Show the side panel button
+ '';
+ type = with types; nullOr bool;
+ };
+ showStartupLaunchMessage = mkOption {
+ type = with types; nullOr bool;
+ };
+ squareMagnifier = mkOption {
+ type = with types; nullOr bool;
+ };
+ startupLaunch = mkOption {
+ description = ''
+ Launch at startup
+ '';
+ type = with types; nullOr bool;
+ };
+ uiColor = mkOption {
+ description = ''
+ Main UI color
+ '';
+ type = with types; nullOr flameshot.color;
+ };
+ undoLimit = mkOption {
+ type = with types; nullOr (boundedInt 0 999);
+ };
+ uploadClientSecret = mkOption {
+ type = with types; nullOr str;
+ };
+ uploadHistoryMax = mkOption {
+ type = with types; nullOr uint;
+ };
+ uploadWithoutConfirmation = mkOption {
+ description = ''
+ Upload to imgur without confirmation
+ '';
+ type = with types; nullOr bool;
+ };
+ useJpgForClipboard = mkOption {
+ description = ''
+ Use JPG format instead of PNG
+ '';
+ type = with types; nullOr bool;
+ };
+ userColors = mkOption {
+ apply = value:
+ if value != null then
+ concatStringsSep ", " value
+ else
+ null;
+ description = ''
+ List of colors for color picker
+ The colors are arranged counter-clockwise with the first being set
+ to the right of the cursor. "picker" adds a custom color picker.
+ '';
+ type =
+ with types;
+ nullOr (listOf (either flameshot.color (enum ["picker"])));
+ };
+ };
+ Shortcuts = genAttrs [
+ # Generated with:
+ # nix-shell -p flameshot-once.dev --run get-Shortcuts
+ "TYPE_ACCEPT"
+ "TYPE_ARROW"
+ "TYPE_CIRCLE"
+ "TYPE_CIRCLECOUNT"
+ "TYPE_COMMIT_CURRENT_TOOL"
+ "TYPE_COPY"
+ "TYPE_DELETE_CURRENT_TOOL"
+ "TYPE_DRAWER"
+ "TYPE_EXIT"
+ "TYPE_IMAGEUPLOADER"
+ "TYPE_INVERT"
+ "TYPE_MARKER"
+ "TYPE_MOVESELECTION"
+ "TYPE_MOVE_DOWN"
+ "TYPE_MOVE_LEFT"
+ "TYPE_MOVE_RIGHT"
+ "TYPE_MOVE_UP"
+ "TYPE_OPEN_APP"
+ "TYPE_PENCIL"
+ "TYPE_PIN"
+ "TYPE_PIXELATE"
+ "TYPE_RECTANGLE"
+ "TYPE_REDO"
+ "TYPE_RESIZE_DOWN"
+ "TYPE_RESIZE_LEFT"
+ "TYPE_RESIZE_RIGHT"
+ "TYPE_RESIZE_UP"
+ "TYPE_SAVE"
+ "TYPE_SELECTION"
+ "TYPE_SELECTIONINDICATOR"
+ "TYPE_SELECT_ALL"
+ "TYPE_SIZEDECREASE"
+ "TYPE_SIZEINCREASE"
+ "TYPE_SYM_RESIZE_DOWN"
+ "TYPE_SYM_RESIZE_LEFT"
+ "TYPE_SYM_RESIZE_RIGHT"
+ "TYPE_SYM_RESIZE_UP"
+ "TYPE_TEXT"
+ "TYPE_TOGGLE_PANEL"
+ "TYPE_UNDO"
+ ] (name: mkOption {
+ default = null;
+ type = with types; nullOr str;
+ });
+ };
+ };
+}
diff --git a/krebs/5pkgs/simple/flameshot-once/default.nix b/krebs/5pkgs/simple/flameshot-once/default.nix
index 0524c2cfa..3626409f3 100644
--- a/krebs/5pkgs/simple/flameshot-once/default.nix
+++ b/krebs/5pkgs/simple/flameshot-once/default.nix
@@ -1,28 +1,149 @@
-{ pkgs, stockholm, ... }@args:
-with stockholm.lib;
+{ name ? "flameshot-once", pkgs, ... }@args:
+with pkgs.stockholm.lib;
let
# config cannot be declared in the input attribute set because that would
# cause callPackage to inject the wrong config. Instead, get it from ...
# via args.
config = args.config or {};
-in
- pkgs.symlinkJoin {
- name = "flameshot-once-wrapper";
- paths = [
- (pkgs.writeDashBin "flameshot-once" ''
- export PATH=${makeBinPath [
- pkgs.flameshot
- pkgs.qt5.qtbase
- pkgs.xclip
- pkgs.xwaitforwindow
- ]}
- ${optionalString (config != null) /* sh */ ''
- . ${import ./profile.nix { inherit config pkgs; }}
- ''}
- exec ${pkgs.haskellPackages.flameshot-once}/bin/flameshot-once "$@"
- '')
- pkgs.haskellPackages.flameshot-once
+ cfg = evalModulesConfig (singleton {
+ _file = toString ./default.nix;
+ _module.args.pkgs = pkgs;
+ imports = [
+ config
+ ./config.nix
];
- }
+ });
+in
+
+pkgs.symlinkJoin {
+ inherit name;
+ paths = [
+ (pkgs.write "flameshot-once" {
+ "/bin/flameshot-once" = {
+ executable = true;
+ text = /* sh */ ''
+ #! ${pkgs.dash}/bin/dash
+ export PATH=${makeBinPath [
+ pkgs.qt5.qtbase
+ ]}:''${PATH+:$PATH}
+ ${optionalString (config != null) /* sh */ ''
+ export XDG_CONFIG_HOME=${placeholder "out"}/etc
+ ${optionalString cfg.imgur.enable /* sh */ ''
+ export IMGUR_CREATE_URL=${shell.escape cfg.imgur.createUrl}
+ export IMGUR_DELETE_URL=${shell.escape cfg.imgur.deleteUrl}
+ ${optionalString cfg.imgur.xdg-open.enable /* sh */ ''
+ export PATH=${placeholder "out"}/lib/imgur/bin''${PATH+:$PATH}
+ ''}
+ ''}
+ ''}
+ ${cfg.package}/bin/flameshot &
+ exec ${cfg.package}/bin/flameshot gui
+ '';
+ };
+ "/etc/flameshot/flameshot.ini".text =
+ lib.generators.toINI {} (stripAttr cfg.settings);
+ ${if cfg.imgur.enable then "/lib/imgur/bin/xdg-open" else null} = {
+ executable = true;
+ text = /* sh */ ''
+ #! ${pkgs.dash}/bin/dash
+ set -efu
+ uri=$1
+ prefix=$(${pkgs.coreutils}/bin/dirname "$uri")
+ case $prefix in
+ (${shell.escape cfg.imgur.xdg-open.createPrefix})
+ echo "opening image in browser: $uri" >&2
+ exec ${config.imgur.xdg-open.browser} "$uri"
+ ;;
+ (${shell.escape cfg.imgur.xdg-open.deletePrefix})
+ echo "deleting image: $uri" >&2
+ exec ${pkgs.curl}/bin/curl -fsS -X DELETE "$uri"
+ ;;
+ (*)
+ echo "don't know how to open URI: $uri" >&2
+ exit 1
+ esac
+ '';
+ };
+ })
+ ];
+}
+// {
+ dev = pkgs.write "flameshot-once-tools" {
+ "/bin/get-buttonTypes" = {
+ executable = true;
+ text = /* sh */ ''
+ #! ${pkgs.dash}/bin/dash
+ indent=$(${placeholder "out"}/bin/indent-of buttonTypes)
+ src=${cfg.package.src}/src/tools/capturetool.h
+ ${pkgs.coreutils}/bin/cat "$src" |
+ ${pkgs.gnused}/bin/sed -nr '
+ s/^\s*(TYPE_\S+)\s*=\s*([0-9]+),/\1 = \2;/p
+ ' |
+ ${placeholder "out"}/bin/prefix " $indent"
+ '';
+ };
+ "/bin/get-iterableButtonTypes" = {
+ executable = true;
+ text = /* sh */ ''
+ #! ${pkgs.dash}/bin/dash
+ indent=$(${placeholder "out"}/bin/indent-of iterableButtonTypes)
+ src=${cfg.package.src}/src/widgets/capture/capturetoolbutton.cpp
+ ${pkgs.coreutils}/bin/cat "$src" |
+ ${pkgs.gnused}/bin/sed -n '/\<iterableButtonTypes = {/,/^}/p' |
+ ${pkgs.gcc}/bin/cpp |
+ ${pkgs.coreutils}/bin/tr , \\n |
+ ${pkgs.gnused}/bin/sed -rn 's/^ *CaptureTool::(TYPE_[A-Z_]+).*/"\1"/p' |
+ ${pkgs.coreutils}/bin/sort |
+ ${placeholder "out"}/bin/prefix " $indent"
+ '';
+ };
+ "/bin/get-recognizedGeneralOptions" = {
+ executable = true;
+ text = /* sh */ ''
+ #! ${pkgs.dash}/bin/dash
+ src=${cfg.package.src}/src/utils/confighandler.cpp
+ ${pkgs.coreutils}/bin/cat "$src" |
+ ${pkgs.gnused}/bin/sed -n '/\<recognizedGeneralOptions = {/,/^};/p' |
+ ${pkgs.gcc}/bin/cpp |
+ ${pkgs.gnugrep}/bin/grep -F OPTION |
+ ${pkgs.coreutils}/bin/sort
+ '';
+ };
+ "/bin/get-Shortcuts" = {
+ executable = true;
+ text = /* sh */ ''
+ #! ${pkgs.dash}/bin/dash
+ indent=$(${placeholder "out"}/bin/indent-of Shortcuts)
+ src=${cfg.package.src}/src/utils/confighandler.cpp
+ ${pkgs.coreutils}/bin/cat "$src" |
+ ${pkgs.gnused}/bin/sed -n '/recognizedShortcuts = {/,/^};/p ' |
+ ${pkgs.gcc}/bin/cpp |
+ ${pkgs.gnused}/bin/sed -nr 's/^\s*SHORTCUT\("(TYPE_[^"]+).*/"\1"/p' |
+ ${pkgs.coreutils}/bin/sort |
+ ${placeholder "out"}/bin/prefix " $indent"
+ '';
+ };
+ "/bin/indent-of" = {
+ executable = true;
+ text = /* sh */ ''
+ #! ${pkgs.dash}/bin/dash
+ # usage: indent-of NAME NIX_FILE
+ exec ${pkgs.gawk}/bin/awk -v name="$1" '
+ $1 == name && $2 == "=" {
+ sub("[^ ].*", "")
+ print
+ }
+ ' ${./config.nix}
+ '';
+ };
+ "/bin/prefix" = {
+ executable = true;
+ text = /* sh */ ''
+ #! ${pkgs.dash}/bin/dash
+ ${pkgs.gawk}/bin/awk -v prefix="$1" '{ print prefix $0 }'
+ '';
+ };
+ };
+}
diff --git a/krebs/5pkgs/simple/flameshot-once/flameshot/default.nix b/krebs/5pkgs/simple/flameshot-once/flameshot/default.nix
new file mode 100644
index 000000000..f60acef08
--- /dev/null
+++ b/krebs/5pkgs/simple/flameshot-once/flameshot/default.nix
@@ -0,0 +1,16 @@
+{ pkgs }:
+
+pkgs.flameshot.overrideAttrs (old: rec {
+ name = "flameshot-${version}";
+ version = "12.1.0-pre";
+ src = pkgs.fetchFromGitHub {
+ owner = "flameshot-org";
+ repo = "flameshot";
+ rev = "f7e41f4d708e50eeaec892408069da25a28e04a2";
+ hash = "sha256-fZquXY0xSaN1hJgCh16MocIlvxHe1c2Nt+fGF2NIOVw=";
+ };
+ patches = old.patches or [] ++ [
+ ./flameshot-12.imgur.patch
+ ./flameshot-12.history.patch
+ ];
+})
diff --git a/krebs/5pkgs/simple/flameshot-once/flameshot/flameshot-12.history.patch b/krebs/5pkgs/simple/flameshot-once/flameshot/flameshot-12.history.patch
new file mode 100644
index 000000000..66f28a661
--- /dev/null
+++ b/krebs/5pkgs/simple/flameshot-once/flameshot/flameshot-12.history.patch
@@ -0,0 +1,28 @@
+diff --git a/src/utils/history.cpp b/src/utils/history.cpp
+index f3ee09d0..7c85c34b 100644
+--- a/src/utils/history.cpp
++++ b/src/utils/history.cpp
+@@ -76,9 +76,9 @@ const HistoryFileName& History::unpackFileName(const QString& fileNamePacked)
+ int nPathIndex = fileNamePacked.lastIndexOf("/");
+ QStringList unpackedFileName;
+ if (nPathIndex == -1) {
+- unpackedFileName = fileNamePacked.split("-");
++ unpackedFileName = fileNamePacked.split("|");
+ } else {
+- unpackedFileName = fileNamePacked.mid(nPathIndex + 1).split("-");
++ unpackedFileName = fileNamePacked.mid(nPathIndex + 1).split("|");
+ }
+
+ switch (unpackedFileName.length()) {
+@@ -109,9 +109,9 @@ const QString& History::packFileName(const QString& storageType,
+ if (storageType.length() > 0) {
+ if (deleteToken.length() > 0) {
+ m_packedFileName =
+- storageType + "-" + deleteToken + "-" + m_packedFileName;
++ storageType + "|" + deleteToken + "|" + m_packedFileName;
+ } else {
+- m_packedFileName = storageType + "-" + m_packedFileName;
++ m_packedFileName = storageType + "|" + m_packedFileName;
+ }
+ }
+ return m_packedFileName;
diff --git a/krebs/5pkgs/simple/flameshot-once/flameshot/flameshot-12.imgur.patch b/krebs/5pkgs/simple/flameshot-once/flameshot/flameshot-12.imgur.patch
new file mode 100644
index 000000000..b6c3f497a
--- /dev/null
+++ b/krebs/5pkgs/simple/flameshot-once/flameshot/flameshot-12.imgur.patch
@@ -0,0 +1,43 @@
+diff --git a/src/tools/imgupload/storages/imgur/imguruploader.cpp b/src/tools/imgupload/storages/imgur/imguruploader.cpp
+index d6748b5a..5bb8d7de 100644
+--- a/src/tools/imgupload/storages/imgur/imguruploader.cpp
++++ b/src/tools/imgupload/storages/imgur/imguruploader.cpp
+@@ -16,6 +16,7 @@
+ #include <QNetworkRequest>
+ #include <QShortcut>
+ #include <QUrlQuery>
++#include <stdlib.h>
+
+ ImgurUploader::ImgurUploader(const QPixmap& capture, QWidget* parent)
+ : ImgUploaderBase(capture, parent)
+@@ -70,7 +71,13 @@ void ImgurUploader::upload()
+ QString description = FileNameHandler().parsedPattern();
+ urlQuery.addQueryItem(QStringLiteral("description"), description);
+
+- QUrl url(QStringLiteral("https://api.imgur.com/3/image"));
++ const char *IMGUR_CREATE_URL = secure_getenv("IMGUR_CREATE_URL");
++ QString createUrlPattern =
++ IMGUR_CREATE_URL != NULL
++ ? QString::fromUtf8(IMGUR_CREATE_URL)
++ : QStringLiteral("https://api.imgur.com/3/image")
++ ;
++ QUrl url(createUrlPattern);
+ url.setQuery(urlQuery);
+ QNetworkRequest request(url);
+ request.setHeader(QNetworkRequest::ContentTypeHeader,
+@@ -87,8 +94,14 @@ void ImgurUploader::deleteImage(const QString& fileName,
+ const QString& deleteToken)
+ {
+ Q_UNUSED(fileName)
++ const char *IMGUR_DELETE_URL = secure_getenv("IMGUR_DELETE_URL");
++ QString deleteImageURLPattern =
++ IMGUR_DELETE_URL != NULL
++ ? QString::fromUtf8(IMGUR_DELETE_URL)
++ : QStringLiteral("https://imgur.com/delete/%1")
++ ;
+ bool successful = QDesktopServices::openUrl(
+- QUrl(QStringLiteral("https://imgur.com/delete/%1").arg(deleteToken)));
++ QUrl(deleteImageURLPattern.arg(deleteToken)));
+ if (!successful) {
+ notification()->showMessage(tr("Unable to open the URL."));
+ }
diff --git a/krebs/5pkgs/simple/flameshot-once/profile.nix b/krebs/5pkgs/simple/flameshot-once/profile.nix
deleted file mode 100644
index 269f13a66..000000000
--- a/krebs/5pkgs/simple/flameshot-once/profile.nix
+++ /dev/null
@@ -1,235 +0,0 @@
-{ config, pkgs }:
-with pkgs.stockholm.lib;
-with generators;
-let
-
- # Refs https://github.com/lupoDharkael/flameshot/blob/master/src/widgets/capture/capturebutton.h
- ButtonType = {
- PENCIL = 0;
- DRAWER = 1;
- ARROW = 2;
- SELECTION = 3;
- RECTANGLE = 4;
- CIRCLE = 5;
- MARKER = 6;
- SELECTIONINDICATOR = 7;
- MOVESELECTION = 8;
- UNDO = 9;
- COPY = 10;
- SAVE = 11;
- EXIT = 12;
- IMAGEUPLOADER = 13;
- OPEN_APP = 14;
- BLUR = 15;
- REDO = 16;
- PIN = 17;
- TEXT = 18;
- CIRCLECOUNT = 19;
- };
-
- cfg = eval.config;
-
- eval = evalModules {
- modules = singleton {
- _file = toString ./profile.nix;
- imports = singleton config;
- options = {
- buttons = mkOption {
- apply = map (name: ButtonType.${name});
- default = [
- "PENCIL"
- "DRAWER"
- "ARROW"
- "SELECTION"
- "RECTANGLE"
- "CIRCLE"
- "MARKER"
- "SELECTIONINDICATOR"
- "MOVESELECTION"
- "UNDO"
- "SAVE"
- "EXIT"
- "BLUR"
- "CIRCLECOUNT"
- ]
- ++ optional cfg.imgur.enable "IMAGEUPLOADER"
- ;
- type = types.listOf (types.enum (attrNames ButtonType));
- };
- copyAndCloseAfterUpload = mkOption {
- default = false;
- type = types.bool;
- };
- disabledTrayIcon = mkOption {
- default = true;
- type = types.bool;
- };
- drawColor = mkOption {
- default = "#ff0000";
- type =
- types.addCheck types.str (test "#[0-9A-Fa-f]{6}");
- };
- drawThickness = mkOption {
- default = 8;
- type = types.positive;
- };
- filenamePattern = mkOption {
- default = "%FT%T%z_flameshot";
- type =
- # This is types.filename extended by [%:][%:+]*
- types.addCheck types.str (test "[%:0-9A-Za-z._][%:+0-9A-Za-z._-]*");
- };
- imgur = mkOption {
- default = {};
- type = types.submodule {
- options = {
- enable = mkEnableOption "imgur";
- createUrl = mkOption {
- example = "http://p.r/image";
- type = types.str;
- };
- deleteUrl = mkOption {
- example = "http://p.r/image/delete/%1";
- type = types.str;
- };
- xdg-open = mkOption {
- default = {};
- type = types.submodule {
- options = {
- enable = mkEnableOption "imgur.xdg-open" // {
- default = true;
- };
- browser = mkOption {
- default = "${pkgs.coreutils}/bin/false";
- type = types.str;
- };
- createPrefix = mkOption {
- default = cfg.imgur.createUrl;
- type = types.str;
- };
- deletePrefix = mkOption {
- default = removeSuffix "/%1" cfg.imgur.deleteUrl;
- type = types.str;
- };
- };
- };
- };
- };
- };
- };
- savePath = mkOption {
- default = "/tmp";
- type = types.absolute-pathname;
- };
- showDesktopNotification = mkOption {
- default = false;
- type = types.bool;
- };
- showHelp = mkOption {
- default = false;
- type = types.bool;
- };
- showSidePanelButton = mkOption {
- default = false;
- type = types.bool;
- };
- showStartupLaunchMessage = mkOption {
- default = false;
- type = types.bool;
- };
- timeout = mkOption {
- default = 200;
- description = ''
- Maximum time in milliseconds allowed for the flameshot daemon to
- react.
- '';
- type = types.positive;
- };
- };
- };
- };
-
- hexchars = stringToCharacters "0123456789abcdef";
-
- # Encode integer to C-escaped string of bytes, little endian / LSB 0
- le = rec {
- x1 = i: let
- i0 = mod i 16;
- i1 = i / 16;
- in
- "\\x${elemAt hexchars i1}${elemAt hexchars i0}";
-
- x2 = i: let
- i0 = mod i 256;
- i1 = i / 256;
- in
- "${x1 i0}${x1 i1}";
-
- x4 = i: let
- i0 = mod i 65536;
- i1 = i / 65536;
- in
- "${x2 i0}${x2 i1}";
- };
-
- toQList = t: xs:
- assert t == "int";
- "QList<${t}>${le.x4 0}${le.x4 (length xs)}${concatMapStrings le.x4 xs}";
-
- XDG_CONFIG_HOME = pkgs.write "flameshot-config" {
- "/flameshot/flameshot.ini".text =
- toINI {} {
- General = {
- buttons = ''@Variant(\0\0\0\x7f\0\0\0\v${toQList "int" cfg.buttons})'';
- disabledTrayIcon = cfg.disabledTrayIcon;
- checkForUpdates = false;
- copyAndCloseAfterUpload = cfg.copyAndCloseAfterUpload;
- drawColor = cfg.drawColor;
- drawThickness = cfg.drawThickness;
- filenamePattern = cfg.filenamePattern;
- savePath = cfg.savePath;
- showDesktopNotification = cfg.showDesktopNotification;
- showHelp = cfg.showHelp;
- showSidePanelButton = cfg.showSidePanelButton;
- showStartupLaunchMessage = cfg.showStartupLaunchMessage;
- startupLaunch = false;
- };
- Shortcuts = {
- TYPE_COPY = "Return";
- };
- };
- };
-
-in
-
- pkgs.writeDash "flameshot.profile" ''
- export FLAMESHOT_CAPTURE_PATH=${cfg.savePath}
- export FLAMESHOT_ONCE_TIMEOUT=${toString cfg.timeout}
- export XDG_CONFIG_HOME=${XDG_CONFIG_HOME}
- ${optionalString cfg.imgur.enable /* sh */ ''
- export IMGUR_CREATE_URL=${shell.escape cfg.imgur.createUrl}
- export IMGUR_DELETE_URL=${shell.escape cfg.imgur.deleteUrl}
- ${optionalString cfg.imgur.xdg-open.enable /* sh */ ''
- PATH=$PATH:${makeBinPath [
- (pkgs.writeDashBin "xdg-open" ''
- set -efu
- uri=$1
- prefix=$(${pkgs.coreutils}/bin/dirname "$uri")
- case $prefix in
- (${shell.escape cfg.imgur.xdg-open.createPrefix})
- echo "opening image in browser: $uri" >&2
- exec ${config.imgur.xdg-open.browser} "$uri"
- ;;
- (${shell.escape cfg.imgur.xdg-open.deletePrefix})
- echo "deleting image: $uri" >&2
- exec ${pkgs.curl}/bin/curl -fsS -X DELETE "$uri"
- ;;
- (*)
- echo "don't know how to open URI: $uri" >&2
- exit 1
- esac
- '')
- ]}
- ''}
- ''}
- ''
diff --git a/krebs/5pkgs/simple/fzfmenu/default.nix b/krebs/5pkgs/simple/fzfmenu/default.nix
index 4527ad90b..fe5d5e27a 100644
--- a/krebs/5pkgs/simple/fzfmenu/default.nix
+++ b/krebs/5pkgs/simple/fzfmenu/default.nix
@@ -48,10 +48,11 @@ pkgs.writeDashBin "fzfmenu" ''
exec 4>&1
export FZFMENU_INPUT_FD=3
export FZFMENU_OUTPUT_FD=4
- exec ${pkgs.rxvt-unicode}/bin/urxvt \
- -name ${cfg.appName} \
- -title ${shell.escape cfg.windowTitle} \
- -e "$0" "$@"
+ exec ${pkgs.alacritty}/bin/alacritty \
+ --config-file /var/theme/config/alacritty.yaml \
+ --class ${cfg.appName} \
+ --title ${shell.escape cfg.windowTitle} \
+ --command "$0" "$@"
else
exec 0<&''${FZFMENU_INPUT_FD-0}
exec 1>&''${FZFMENU_OUTPUT_FD-1}
diff --git a/krebs/5pkgs/simple/htgen-imgur/default.nix b/krebs/5pkgs/simple/htgen-imgur/default.nix
index e6b60be49..379150a85 100644
--- a/krebs/5pkgs/simple/htgen-imgur/default.nix
+++ b/krebs/5pkgs/simple/htgen-imgur/default.nix
@@ -1,7 +1,7 @@
{ attr, coreutils, exiv2, findutils, gnugrep, jq, nix, stockholm, util-linux, stdenv }:
stdenv.mkDerivation rec {
pname = "htgen-imgur";
- version = "1.0.0";
+ version = "1.2.0";
src = ./src;
diff --git a/krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur b/krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur
index af092d007..696d1c00d 100644
--- a/krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur
+++ b/krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur
@@ -99,7 +99,7 @@ case "$Method $path" in
if item=$(find_item $base32short); then
- deletehash=$(uuidgen)
+ deletehash=$(uuidgen | tr -d -)
info=$(
exiv2 print "$item" |
diff --git a/krebs/5pkgs/simple/nixos-format-error.nix b/krebs/5pkgs/simple/nixos-format-error.nix
new file mode 100644
index 000000000..a28f7245f
--- /dev/null
+++ b/krebs/5pkgs/simple/nixos-format-error.nix
@@ -0,0 +1,107 @@
+{ pkgs }:
+
+pkgs.writeGawkBin "nixos-format-error" ''
+ # usage: nixos-rebuild ... 2>&1 | nixos-format-error
+
+ function out() {
+ print
+ next
+ }
+
+ BEGIN {
+ IDLE = 0
+ ACTIVE = 1
+ PASSIVE = 2
+ ERROR = 3
+
+ start_state = IDLE
+
+ state = start_state
+ }
+
+ END {
+ if (trace_count)
+ for (i = trace_count - 1; i >= 0; i--)
+ print trace[i]
+ }
+
+ state == PASSIVE {
+ out()
+ }
+
+ state == IDLE {
+ if ($0 ~ /^building the system configuration\.\.\. ?$/) {
+ state = ACTIVE
+ }
+ out()
+ }
+
+ state == ACTIVE {
+ if ($1 ~ /(\[[0-9;]+m)?error:(\[[0-9;]m)?/) {
+ state = ERROR
+ sub(/^/,"\x1b[31;1m"); sub(/$/,"\x1b[m")
+ trace[trace_count++] = $0
+
+ "stty -F /dev/tty size" |& getline
+ COLUMNS = gensub(/.* ([0-9]+)$/, "\\1", "1")
+
+ next
+ }
+ if ($0 ~ /^these [0-9]+ derivations will be built:/) {
+ state = PASSIVE
+ }
+ if ($0 == "activating the configuration...") {
+ state = PASSIVE
+ }
+ out()
+ }
+
+ state == ERROR {
+ sub(/ $/, "")
+ gsub(/\[[0-9;]*m/, "")
+
+ if ($0 ~ /^\s*at /) {
+ location = gensub(/^\s*at (.*):$/,"\\1","1")
+ content = ""
+ lnumcol = gensub(/^.*:([0-9]+:[0-9]+)$/,"\\1","1",location)
+ lnum = gensub(/:.*/,"","1",lnumcol)
+ col = gensub(/.*:/,"","1",lnumcol)
+ next
+ }
+
+ if ($1 == lnum "|") {
+ content = gensub(/^\s*[0-9]+\|(.*)/,"\\1","1")
+
+ location = sprintf("%50s", location)
+
+ preview_size = COLUMNS - length(location " ")
+
+ prefix = gensub(/^\s*/,"","1",substr(content, 1, col))
+ infix = gensub(/^([0-9a-zA-Z]+|.).*$/, "\\1", "1", substr(content, col + 1))
+ suffix = substr(content, col + length(infix) + 1)
+
+ if (length(prefix infix suffix) > preview_size) {
+ n = (preview_size - length(infix)) / 2 - length(" ")
+ prefix = substr(prefix, length(prefix) - n + 1)
+ if (prefix != "") { prefix = "…" prefix }
+ suffix = substr(suffix, 1, n)
+ if (suffix != "") { suffix = suffix "…" }
+ }
+
+ preview = \
+ "\x1b[38;5;244m" prefix "\x1b[m" \
+ "\x1b[38;5;230m" infix "\x1b[m" \
+ "\x1b[38;5;244m" suffix "\x1b[m"
+
+ trace[trace_count++] = location " " preview
+ next
+ }
+
+ if ($0 == "") next
+ if ($0 ~ /^\s*… (from|while)/) next
+ if ($0 ~ /^\s*([0-9]*)\|/) next
+
+ trace[trace_count++] = $0
+ next
+ }
+''
diff --git a/krebs/5pkgs/simple/pager.nix b/krebs/5pkgs/simple/pager.nix
index ed740490d..952b5ee1e 100644
--- a/krebs/5pkgs/simple/pager.nix
+++ b/krebs/5pkgs/simple/pager.nix
@@ -1,36 +1,40 @@
{ pkgs }:
-pkgs.writeDashBin "pager" ''
- # usage: pager {view,shift,shiftview}
- #
- # Environment variables
- #
- # PAGER_NAME (default: Pager)
- # The environment variables specifies the application name under which
- # resources are to be obtained. PAGER_NAME should not contain “.” or “*”
- # characters.
- #
- set -efu
+pkgs.symlinkJoin {
+ name = "pager-wrapper";
+ paths = [
+ (pkgs.writeDashBin "pager" ''
+ # usage: pager {view,shift,shiftview}
+ #
+ # Environment variables
+ #
+ # PAGER_NAME (default: Pager)
+ # The environment variables specifies the application name under
+ # which resources are to be obtained. PAGER_NAME should not contain
+ # “.” or “*” characters.
+ #
+ set -efu
- pidfile=$XDG_RUNTIME_DIR/pager.lock
- name=''${PAGER_NAME-Pager}
+ pidfile=$XDG_RUNTIME_DIR/pager.lock
+ name=''${PAGER_NAME-Pager}
- if test -e "$pidfile" &&
- ${pkgs.procps}/bin/pgrep --pidfile="$pidfile" >/dev/null
- then
- ${pkgs.procps}/bin/pkill --pidfile="$pidfile"
- ${pkgs.coreutils}/bin/rm "$pidfile"
- exit
- fi
+ if test -e "$pidfile" &&
+ ${pkgs.procps}/bin/pgrep --pidfile="$pidfile" >/dev/null
+ then
+ ${pkgs.procps}/bin/pkill --pidfile="$pidfile"
+ ${pkgs.coreutils}/bin/rm "$pidfile"
+ exit
+ fi
- echo $$ > "$pidfile"
+ echo $$ > "$pidfile"
- exec ${pkgs.xterm}/bin/xterm \
- -name "$name" \
- -ti vt340 \
- -xrm 'Pager*geometry: 32x10' \
- -xrm 'Pager*internalBorder: 2' \
- -xrm 'Pager*background: #050505' \
- -xrm 'Pager*foreground: #d0d7d0' \
- -e ${pkgs.haskellPackages.pager}/bin/pager "$@"
-''
+ exec ${pkgs.xterm}/bin/xterm \
+ -name "$name" \
+ -ti vt340 \
+ -xrm '*geometry: 32x10' \
+ -xrm '*internalBorder: 2' \
+ -e ${pkgs.haskellPackages.pager}/bin/pager "$@"
+ '')
+ pkgs.haskellPackages.pager
+ ];
+}
diff --git a/krebs/5pkgs/simple/xwaitforwindow.nix b/krebs/5pkgs/simple/xwaitforwindow.nix
deleted file mode 100644
index 41ce65022..000000000
--- a/krebs/5pkgs/simple/xwaitforwindow.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ writeDashBin, xdotool, xorg }:
-writeDashBin "xwaitforwindow" ''
- # usage: xwaitforwindow ARGS
- # see xdotool search for possible ARGS
- # example: xwaitforwindow -name WINDOWNAME
- set -efu
-
- if id=$(${xdotool}/bin/xdotool search "$@"); then
- printf 'waiting for window %#x\n' "$id" >&2
- exec ${xorg.xprop}/bin/xprop -spy -id "$id" >/dev/null
- else
- printf 'no window found with xdotool search %s\n' "$*" >&2
- exit 1
- fi
-''
diff --git a/lass/1systems/aergia/config.nix b/lass/1systems/aergia/config.nix
index ed5bbcf12..6992db4a5 100644
--- a/lass/1systems/aergia/config.nix
+++ b/lass/1systems/aergia/config.nix
@@ -26,6 +26,7 @@
<stockholm/lass/2configs/dunst.nix>
<stockholm/lass/2configs/print.nix>
<stockholm/lass/2configs/br.nix>
+ <stockholm/lass/2configs/c-base.nix>
];
system.stateVersion = "22.11";
@@ -47,11 +48,6 @@
};
hardware.pulseaudio.package = pkgs.pulseaudioFull;
- lass.browser.config = {
- fy = { browser = "chromium"; groups = [ "audio" "video" ]; hidden = true; };
- qt = { browser = "qutebrowser"; groups = [ "audio" "video" ]; hidden = true; };
- };
-
nix.trustedUsers = [ "root" "lass" ];
# nix.extraOptions = ''
diff --git a/lass/1systems/aergia/physical.nix b/lass/1systems/aergia/physical.nix
index de5f7540e..023639083 100644
--- a/lass/1systems/aergia/physical.nix
+++ b/lass/1systems/aergia/physical.nix
@@ -3,6 +3,7 @@
imports = [
./config.nix
(modulesPath + "/installer/scan/not-detected.nix")
+ <stockholm/lass/2configs/antimicrox>
];
disko.devices = import ./disk.nix;
@@ -20,15 +21,41 @@
boot.kernelParams = [
# Enable energy savings during sleep
"mem_sleep_default=deep"
- "initcall_blacklist=acpi_cpufreq_init"
+
+ # use less power with pstate
+ "amd_pstate=passive"
# for ryzenadj -i
"iomem=relaxed"
+
+ # suspend
+ "resume_offset=178345675"
];
- # Enables the amd cpu scaling https://www.kernel.org/doc/html/latest/admin-guide/pm/amd-pstate.html
- # On recent AMD CPUs this can be more energy efficient.
- boot.kernelModules = [ "amd-pstate" "kvm-amd" ];
+ boot.kernelModules = [
+ # Enables the amd cpu scaling https://www.kernel.org/doc/html/latest/admin-guide/pm/amd-pstate.html
+ # On recent AMD CPUs this can be more energy efficient.
+ "amd-pstate"
+ "kvm-amd"
+
+ # needed for zenstates
+ "msr"
+
+ # zenpower
+ "zenpower"
+ ];
+
+ boot.extraModulePackages = [
+ (config.boot.kernelPackages.zenpower.overrideAttrs (old: {
+ src = pkgs.fetchFromGitea {
+ domain = "git.exozy.me";
+ owner = "a";
+ repo = "zenpower3";
+ rev = "c176fdb0d5bcba6ba2aba99ea36812e40f47751f";
+ hash = "sha256-d2WH8Zv7F0phZmEKcDiaak9On+Mo9bAFhMulT/N5FWI=";
+ };
+ }))
+ ];
# hardware.cpu.amd.updateMicrocode = true;
@@ -36,7 +63,16 @@
"amdgpu"
];
- boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
+ boot.initrd.availableKernelModules = [
+ "nvme"
+ "thunderbolt"
+ "xhci_pci"
+ "usbhid"
+ ];
+
+ boot.initrd.kernelModules = [
+ "amdgpu"
+ ];
environment.systemPackages = [
pkgs.vulkan-tools
@@ -54,7 +90,13 @@
hardware.video.hidpi.enable = lib.mkDefault true;
# corectrl
- programs.corectrl.enable = true;
+ programs.corectrl = {
+ enable = true;
+ gpuOverclock = {
+ enable = true;
+ ppfeaturemask = "0xffffffff";
+ };
+ };
users.users.mainUser.extraGroups = [ "corectrl" ];
# use newer ryzenadj
@@ -72,7 +114,7 @@
# keyboard quirks
services.xserver.displayManager.sessionCommands = ''
- xmodmap -e 'keycode 96 = F12 Insert F12 F12' # rebind shift + F12 to shift + insert
+ ${pkgs.xorg.xmodmap}/bin/xmodmap -e 'keycode 96 = F12 Insert F12 F12' # rebind shift + F12 to shift + insert
'';
services.udev.extraHwdb = /* sh */ ''
# disable back buttons
@@ -82,5 +124,20 @@
'';
# ignore power key
- services.logind.extraConfig = "HandlePowerKey=ignore";
+
+ # update cpu microcode
+ hardware.cpu.amd.updateMicrocode = true;
+
+ # suspend to disk
+ swapDevices = [{
+ device = "/swapfile";
+ }];
+ boot.resumeDevice = "/dev/mapper/aergia1";
+ services.logind.lidSwitch = "suspend-then-hibernate";
+ services.logind.extraConfig = ''
+ HandlePowerKey=hibernate
+ '';
+
+ # firefox touchscreen support
+ environment.sessionVariables.MOZ_USE_XINPUT2 = "1";
}
diff --git a/lass/1systems/coaxmetal/config.nix b/lass/1systems/coaxmetal/config.nix
index 2c88b68cc..1df56f591 100644
--- a/lass/1systems/coaxmetal/config.nix
+++ b/lass/1systems/coaxmetal/config.nix
@@ -54,12 +54,6 @@
};
hardware.pulseaudio.package = pkgs.pulseaudioFull;
- lass.browser.config = {
- dc = { browser = "chromium"; groups = [ "audio" "video" ]; hidden = true; };
- ff = { browser = "firefox"; groups = [ "audio" "video" ]; hidden = true; };
- fy = { browser = "chromium"; groups = [ "audio" "video" ]; hidden = true; };
- };
-
nix.trustedUsers = [ "root" "lass" ];
services.tor = {
diff --git a/lass/1systems/green/config.nix b/lass/1systems/green/config.nix
index 077f7b3fa..c232be9bd 100644
--- a/lass/1systems/green/config.nix
+++ b/lass/1systems/green/config.nix
@@ -35,6 +35,7 @@ with import <stockholm/lib>;
systemd.tmpfiles.rules = [
"d /home/lass/.local/share 0700 lass users -"
"d /home/lass/.local 0700 lass users -"
+ "d /home/lass/.config 0700 lass users -"
"d /var/state/lass_mail 0700 lass users -"
"L+ /home/lass/Maildir - - - - ../../var/state/lass_mail"
diff --git a/lass/1systems/lasspi/config.nix b/lass/1systems/lasspi/config.nix
index 9f823dfc8..d2207627d 100644
--- a/lass/1systems/lasspi/config.nix
+++ b/lass/1systems/lasspi/config.nix
@@ -1,4 +1,3 @@
-with import <stockholm/lib>;
{ config, lib, pkgs, ... }:
let
in
@@ -18,9 +17,9 @@ in
};
environment.systemPackages = with pkgs; [
vim
- rxvt_unicode.terminfo
+ rxvt-unicode-unwrapped.terminfo
];
services.openssh.enable = true;
- system.stateVersion = "21.05";
+ system.stateVersion = "22.05";
}
diff --git a/lass/1systems/lasspi/physical.nix b/lass/1systems/lasspi/physical.nix
index 868bafad5..07efb5ca5 100644
--- a/lass/1systems/lasspi/physical.nix
+++ b/lass/1systems/lasspi/physical.nix
@@ -1,15 +1,14 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, modulesPath, ... }:
{
- # This configuration worked on 09-03-2021 nixos-unstable @ commit 102eb68ceec
- # The image used https://hydra.nixos.org/build/134720986
imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
./config.nix
];
boot = {
# kernelPackages = pkgs.linuxPackages_rpi4;
tmpOnTmpfs = true;
- initrd.availableKernelModules = [ "usbhid" "usb_storage" ];
+ initrd.availableKernelModules = [ "usbhid" "usb_storage" "xhci_pci" ];
# ttyAMA0 is the serial console broken out to the GPIO
kernelParams = [
"8250.nr_uarts=1"
@@ -20,19 +19,23 @@
];
};
- boot.loader.raspberryPi = {
- enable = true;
- version = 4;
- };
+ # boot.loader.raspberryPi = {
+ # enable = true;
+ # version = 4;
+ # # uboot.enable = true;
+ # };
boot.loader.grub.enable = false;
+ boot.loader.generic-extlinux-compatible.enable = true;
# Required for the Wireless firmware
hardware.enableRedistributableFirmware = true;
+ networking.interfaces.eth0.useDHCP = true;
+
# Assuming this is installed on top of the disk image.
fileSystems = {
"/" = {
- device = "/dev/disk/by-label/NIXOS_SD";
+ device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
options = [ "noatime" ];
};
diff --git a/lass/1systems/neoprism/config.nix b/lass/1systems/neoprism/config.nix
index 7f6be782e..cc08070af 100644
--- a/lass/1systems/neoprism/config.nix
+++ b/lass/1systems/neoprism/config.nix
@@ -7,12 +7,19 @@
# sync-containers
<stockholm/lass/2configs/consul.nix>
- <stockholm/lass/2configs/yellow-host.nix>
- <stockholm/lass/2configs/radio/container-host.nix>
+ <stockholm/lass/2configs/services/flix/container-host.nix>
+ <stockholm/lass/2configs/services/radio/container-host.nix>
<stockholm/lass/2configs/ubik-host.nix>
+ <stockholm/lass/2configs/orange-host.nix>
+ <stockholm/krebs/2configs/hotdog-host.nix>
# other containers
<stockholm/lass/2configs/riot.nix>
+
+ # proxying of services
+ <stockholm/lass/2configs/services/radio/proxy.nix>
+ <stockholm/lass/2configs/services/flix/proxy.nix>
+ <stockholm/lass/2configs/services/coms/proxy.nix>
];
krebs.build.host = config.krebs.hosts.neoprism;
diff --git a/lass/1systems/orange/config.nix b/lass/1systems/orange/config.nix
index 3bc20878e..5e975dba8 100644
--- a/lass/1systems/orange/config.nix
+++ b/lass/1systems/orange/config.nix
@@ -5,6 +5,7 @@ with import <stockholm/lib>;
<stockholm/lass>
<stockholm/lass/2configs>
<stockholm/lass/2configs/retiolum.nix>
+ <stockholm/lass/2configs/mumble-reminder.nix>
];
krebs.build.host = config.krebs.hosts.orange;
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index bcc8c1a08..2e82fae6f 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -134,10 +134,9 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/reaktor-coders.nix>
<stockholm/lass/2configs/ciko.nix>
<stockholm/lass/2configs/container-networking.nix>
- <stockholm/lass/2configs/jitsi.nix>
+ <stockholm/lass/2configs/services/coms/jitsi.nix>
<stockholm/lass/2configs/fysiirc.nix>
<stockholm/lass/2configs/bgt-bot>
- <stockholm/lass/2configs/mumble-reminder.nix>
<stockholm/krebs/2configs/mastodon-proxy.nix>
{
services.tor = {
@@ -281,7 +280,7 @@ with import <stockholm/lib>;
{ predicate = "-p udp --dport 60000:61000"; target = "ACCEPT"; }
];
}
- <stockholm/lass/2configs/murmur.nix>
+ <stockholm/lass/2configs/services/coms/murmur.nix>
<stockholm/lass/2configs/docker.nix>
{
systemd.services."container@yellow".reloadIfChanged = mkForce false;
diff --git a/lass/1systems/radio/config.nix b/lass/1systems/radio/config.nix
index 5e34335d3..00e9bd3fe 100644
--- a/lass/1systems/radio/config.nix
+++ b/lass/1systems/radio/config.nix
@@ -7,7 +7,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/syncthing.nix>
- <stockholm/lass/2configs/radio>
+ <stockholm/lass/2configs/services/radio>
];
krebs.build.host = config.krebs.hosts.radio;
diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix
index ff8189e24..fb28fb029 100644
--- a/lass/1systems/yellow/config.nix
+++ b/lass/1systems/yellow/config.nix
@@ -5,6 +5,7 @@ in {
<stockholm/lass>
<stockholm/lass/2configs>
<stockholm/lass/2configs/retiolum.nix>
+ <stockholm/lass/2configs/services/flix>
];
krebs.build.host = config.krebs.hosts.yellow;
@@ -14,281 +15,8 @@ in {
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN737BAP36KiZO97mPKTIUGJUcr97ps8zjfFag6cUiYL";
};
- users.groups.download.members = [ "transmission" ];
-
networking.useHostResolvConf = false;
networking.useNetworkd = true;
- services.transmission = {
- enable = true;
- home = "/var/state/transmission";
- group = "download";
- downloadDirPermissions = "775";
- settings = {
- download-dir = "/var/download/transmission";
- incomplete-dir-enabled = false;
- rpc-bind-address = "::";
- message-level = 1;
- umask = 18;
- rpc-whitelist-enabled = false;
- rpc-host-whitelist-enabled = false;
- };
- };
-
- security.acme.defaults.email = "spam@krebsco.de";
- security.acme.acceptTerms = true;
- security.acme.certs."yellow.r".server = config.krebs.ssl.acmeURL;
- security.acme.certs."jelly.r".server = config.krebs.ssl.acmeURL;
- security.acme.certs."radar.r".server = config.krebs.ssl.acmeURL;
- security.acme.certs."sonar.r".server = config.krebs.ssl.acmeURL;
- security.acme.certs."transmission.r".server = config.krebs.ssl.acmeURL;
- services.nginx = {
- enable = true;
- package = pkgs.nginx.override {
- modules = with pkgs.nginxModules; [
- fancyindex
- ];
- };
- virtualHosts."yellow.r" = {
- default = true;
- enableACME = true;
- addSSL = true;
- locations."/" = {
- root = "/var/download";
- extraConfig = ''
- fancyindex on;
- fancyindex_footer "/fancy.html";
- include ${pkgs.nginx}/conf/mime.types;
- include ${pkgs.writeText "extrMime" ''
- types {
- video/webm mkv;
- }
- ''};
- create_full_put_path on;
- '';
- };
- locations."/chatty" = {
- proxyPass = "http://localhost:3000";
- extraConfig = ''
- rewrite /chatty/(.*) /$1 break;
- proxy_set_header Host $host;
- '';
- };
- locations."= /fancy.html".extraConfig = ''
- alias ${pkgs.writeText "nginx_footer" ''
- <div id="mydiv">
- <!-- Include a header DIV with the same name as the draggable DIV, followed by "header" -->
- <div id="mydivheader">Click here to move</div>
- <iframe src="/chatty/index.html"></iframe>
- </div>
- <style>
- #mydiv {
- position: absolute;
- z-index: 9;
- background-color: #f1f1f1;
- border: 1px solid #d3d3d3;
- text-align: center;
- }
-
- #mydivheader {
- padding: 10px;
- cursor: move;
- z-index: 10;
- background-color: #2196F3;
- color: #fff;
- }
- </style>
- <script>
- // Make the DIV element draggable:
- dragElement(document.getElementById("mydiv"));
-
- function dragElement(elmnt) {
- var pos1 = 0, pos2 = 0, pos3 = 0, pos4 = 0;
- if (document.getElementById(elmnt.id + "header")) {
- // if present, the header is where you move the DIV from:
- document.getElementById(elmnt.id + "header").onmousedown = dragMouseDown;
- } else {
- // otherwise, move the DIV from anywhere inside the DIV:
- elmnt.onmousedown = dragMouseDown;
- }
-
- function dragMouseDown(e) {
- e = e || window.event;
- e.preventDefault();
- // get the mouse cursor position at startup:
- pos3 = e.clientX;
- pos4 = e.clientY;
- document.onmouseup = closeDragElement;
- // call a function whenever the cursor moves:
- document.onmousemove = elementDrag;
- }
-
- function elementDrag(e) {
- e = e || window.event;
- e.preventDefault();
- // calculate the new cursor position:
- pos1 = pos3 - e.clientX;
- pos2 = pos4 - e.clientY;
- pos3 = e.clientX;
- pos4 = e.clientY;
- // set the element's new position:
- elmnt.style.top = (elmnt.offsetTop - pos2) + "px";
- elmnt.style.left = (elmnt.offsetLeft - pos1) + "px";
- }
-
- function closeDragElement() {
- // stop moving when mouse button is released:
- document.onmouseup = null;
- document.onmousemove = null;
- }
- }
- </script>
- ''};
- '';
- };
- virtualHosts."jelly.r" = {
- enableACME = true;
- addSSL = true;
- locations."/".extraConfig = ''
- proxy_pass http://localhost:8096/;
- proxy_set_header Accept-Encoding "";
- '';
- };
- virtualHosts."transmission.r" = {
- enableACME = true;
- addSSL = true;
- locations."/".extraConfig = ''
- proxy_pass http://localhost:9091/;
- proxy_set_header Accept-Encoding "";
- '';
- };
- virtualHosts."radar.r" = {
- enableACME = true;
- addSSL = true;
- locations."/" = {
- proxyWebsockets = true;
- proxyPass = "http://localhost:7878";
- };
- };
- virtualHosts."sonar.r" = {
- enableACME = true;
- addSSL = true;
- locations."/" = {
- proxyWebsockets = true;
- proxyPass = "http://localhost:8989";
- };
- };
- };
-
- services.samba = {
- enable = true;
- enableNmbd = false;
- extraConfig = ''
- workgroup = WORKGROUP
- server string = ${config.networking.hostName}
- # only allow retiolum addresses
- hosts allow = 42::/16 10.243.0.0/16 10.244.0.0/16
-
- # Use sendfile() for performance gain
- use sendfile = true
-
- # No NetBIOS is needed
- disable netbios = true
-
- # Only mangle non-valid NTFS names, don't care about DOS support
- mangled names = illegal
-
- # Performance optimizations
- socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
-
- # Disable all printing
- load printers = false
- disable spoolss = true
- printcap name = /dev/null
-
- map to guest = Bad User
- max log size = 50
- dns proxy = no
- security = user
-
- [global]
- syslog only = yes
- '';
- shares.public = {
- comment = "Warez";
- path = "/var/download";
- public = "yes";
- "only guest" = "yes";
- "create mask" = "0644";
- "directory mask" = "2777";
- writable = "no";
- printable = "no";
- };
- };
-
- systemd.services.bruellwuerfel =
- let
- bruellwuerfelSrc = pkgs.fetchFromGitHub {
- owner = "krebs";
- repo = "bruellwuerfel";
- rev = "dc73adf69249fb63a4b024f1f3fbc9e541b27015";
- sha256 = "078jp1gbavdp8lnwa09xa5m6bbbd05fi4x5ldkkgin5z04hwlhmd";
- };
- in {
- wantedBy = [ "multi-user.target" ];
- environment = {
- IRC_CHANNEL = "#flix";
- IRC_NICK = "bruelli";
- IRC_SERVER = "irc.r";
- IRC_HISTORY_FILE = "/tmp/bruelli.history";
- };
- serviceConfig = {
- ExecStart = "${pkgs.deno}/bin/deno run -A ${bruellwuerfelSrc}/src/index.ts";
- };
- };
-
- krebs.iptables = {
- enable = true;
- tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } # nginx web dir
- { predicate = "-p tcp --dport 443"; target = "ACCEPT"; } # nginx web dir
- { predicate = "-p tcp --dport 9091"; target = "ACCEPT"; } # transmission-web
- { predicate = "-p tcp --dport 51413"; target = "ACCEPT"; } # transmission-traffic
- { predicate = "-p udp --dport 51413"; target = "ACCEPT"; } # transmission-traffic
- { predicate = "-p tcp --dport 8096"; target = "ACCEPT"; } # jellyfin
- { predicate = "-p tcp --dport 9696"; target = "ACCEPT"; } # prowlarr
- { predicate = "-p tcp --dport 8989"; target = "ACCEPT"; } # sonarr
- { predicate = "-p tcp --dport 7878"; target = "ACCEPT"; } # radarr
- { predicate = "-p tcp --dport 6767"; target = "ACCEPT"; } # bazarr
-
- # smbd
- { predicate = "-i retiolum -p tcp --dport 445"; target = "ACCEPT"; }
- { predicate = "-i retiolum -p tcp --dport 111"; target = "ACCEPT"; }
- { predicate = "-i retiolum -p udp --dport 111"; target = "ACCEPT"; }
- { predicate = "-i retiolum -p tcp --dport 2049"; target = "ACCEPT"; }
- { predicate = "-i retiolum -p udp --dport 2049"; target = "ACCEPT"; }
- { predicate = "-i retiolum -p tcp --dport 4000:4002"; target = "ACCEPT"; }
- { predicate = "-i retiolum -p udp --dport 4000:4002"; target = "ACCEPT"; }
- { predicate = "-i wiregrill -p tcp --dport 445"; target = "ACCEPT"; }
- { predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; }
- { predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; }
- { predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; }
- { predicate = "-i wiregrill -p udp --dport 2049"; target = "ACCEPT"; }
- { predicate = "-i wiregrill -p tcp --dport 4000:4002"; target = "ACCEPT"; }
- { predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; }
- ];
- tables.filter.OUTPUT = {
- policy = "DROP";
- rules = [
- { predicate = "-o lo"; target = "ACCEPT"; }
- { v6 = false; predicate = "-d ${vpnIp}/32"; target = "ACCEPT"; }
- { predicate = "-o tun0"; target = "ACCEPT"; }
- { predicate = "-o retiolum"; target = "ACCEPT"; }
- { v6 = false; predicate = "-d 1.1.1.1/32"; target = "ACCEPT"; }
- { v6 = false; predicate = "-d 1.0.0.1/32"; target = "ACCEPT"; }
- { v6 = false; predicate = "-o eth0 -d 10.233.2.0/24"; target = "ACCEPT"; }
- ];
- };
- };
services.openvpn.servers.nordvpn.config = ''
client
@@ -375,49 +103,19 @@ in {
</tls-auth>
'';
- systemd.services.flix-index = {
- wantedBy = [ "multi-user.target" ];
- path = [
- pkgs.coreutils
- pkgs.findutils
- pkgs.inotify-tools
- ];
- serviceConfig = {
- Restart = "always";
- ExecStart = pkgs.writers.writeDash "flix-index" ''
- set -efu
-
- DIR=/var/download
- cd "$DIR"
- while inotifywait -rq -e create -e move -e delete "$DIR"; do
- find . -type f > "$DIR"/index.tmp
- mv "$DIR"/index.tmp "$DIR"/index
- done
- '';
- };
- };
-
- services.jellyfin = {
- enable = true;
- group = "download";
- };
-
- services.radarr = {
- enable = true;
- group = "download";
- };
-
- services.sonarr = {
- enable = true;
- group = "download";
- };
-
- services.prowlarr = {
- enable = true;
- };
-
- services.bazarr = {
+ krebs.iptables = {
enable = true;
- group = "download";
+ tables.filter.OUTPUT = {
+ policy = "DROP";
+ rules = [
+ { predicate = "-o lo"; target = "ACCEPT"; }
+ { v6 = false; predicate = "-d ${vpnIp}/32"; target = "ACCEPT"; }
+ { predicate = "-o tun0"; target = "ACCEPT"; }
+ { predicate = "-o retiolum"; target = "ACCEPT"; }
+ { v6 = false; predicate = "-d 1.1.1.1/32"; target = "ACCEPT"; }
+ { v6 = false; predicate = "-d 1.0.0.1/32"; target = "ACCEPT"; }
+ { v6 = false; predicate = "-o eth0 -d 10.233.2.0/24"; target = "ACCEPT"; }
+ ];
+ };
};
}
diff --git a/lass/2configs/antimicrox/default.nix b/lass/2configs/antimicrox/default.nix
new file mode 100644
index 000000000..16f546ce6
--- /dev/null
+++ b/lass/2configs/antimicrox/default.nix
@@ -0,0 +1,33 @@
+{ config, lib, pkgs, ... }:
+{
+ systemd.services.antimicrox = {
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ DISPLAY = ":0";
+ };
+ serviceConfig = {
+ User = config.users.users.mainUser.name;
+ ExecStartPre = lib.singleton (pkgs.writeDash "init_state" "echo 0 > /tmp/gamepad.state");
+ ExecStart = "${pkgs.antimicrox}/bin/antimicrox --no-tray --hidden --profile ${./mouse.amgp}";
+ };
+ };
+
+ environment.systemPackages = [
+ (pkgs.writers.writeDashBin "gamepad_mouse_disable" ''
+ echo 1 > /tmp/gamepad.state
+ ${pkgs.antimicrox}/bin/antimicrox --profile ${./empty.amgp}
+ '')
+ (pkgs.writers.writeDashBin "gamepad_mouse_enable" ''
+ echo 0 > /tmp/gamepad.state
+ ${pkgs.antimicrox}/bin/antimicrox --profile ${./mouse.amgp}
+ '')
+ (pkgs.writers.writeDashBin "gamepad_mouse_toggle" ''
+ state=$(${pkgs.coreutils}/bin/cat /tmp/gamepad.state)
+ if [ "$state" = 1 ]; then
+ /run/current-system/sw/bin/gamepad_mouse_enable
+ else
+ /run/current-system/sw/bin/gamepad_mouse_disable
+ fi
+ '')
+ ];
+}
diff --git a/lass/2configs/antimicrox/empty.amgp b/lass/2configs/antimicrox/empty.amgp
new file mode 100644
index 000000000..0257bfe71
--- /dev/null
+++ b/lass/2configs/antimicrox/empty.amgp
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<gamecontroller configversion="19" appversion="3.3.2">
+ <!--The SDL name for a joystick is included for informational purposes only.-->
+ <sdlname>XInput Controller</sdlname>
+ <!--The Unique ID for a joystick is included for informational purposes only.-->
+ <uniqueID>030000005e0400008e020000010100001118654</uniqueID>
+ <stickAxisAssociation index="2" xAxis="3" yAxis="4"/>
+ <stickAxisAssociation index="1" xAxis="1" yAxis="2"/>
+ <vdpadButtonAssociations index="1">
+ <vdpadButtonAssociation axis="0" button="12" direction="1"/>
+ <vdpadButtonAssociation axis="0" button="13" direction="4"/>
+ <vdpadButtonAssociation axis="0" button="14" direction="8"/>
+ <vdpadButtonAssociation axis="0" button="15" direction="2"/>
+ </vdpadButtonAssociations>
+ <names>
+ <controlstickname index="2">R Stick</controlstickname>
+ <controlstickname index="1">L Stick</controlstickname>
+ </names>
+ <sets/>
+</gamecontroller>
diff --git a/lass/2configs/antimicrox/mouse.amgp b/lass/2configs/antimicrox/mouse.amgp
new file mode 100644
index 000000000..313e598de
--- /dev/null
+++ b/lass/2configs/antimicrox/mouse.amgp
@@ -0,0 +1,272 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<gamecontroller configversion="19" appversion="3.3.2">
+ <!--The SDL name for a joystick is included for informational purposes only.-->
+ <sdlname>XInput Controller</sdlname>
+ <!--The Unique ID for a joystick is included for informational purposes only.-->
+ <uniqueID>030000005e0400008e020000010100001118654</uniqueID>
+ <stickAxisAssociation index="2" xAxis="3" yAxis="4"/>
+ <stickAxisAssociation index="1" xAxis="1" yAxis="2"/>
+ <vdpadButtonAssociations index="1">
+ <vdpadButtonAssociation axis="0" button="12" direction="1"/>
+ <vdpadButtonAssociation axis="0" button="13" direction="4"/>
+ <vdpadButtonAssociation axis="0" button="14" direction="8"/>
+ <vdpadButtonAssociation axis="0" button="15" direction="2"/>
+ </vdpadButtonAssociations>
+ <names>
+ <controlstickname index="2">Stick 2</controlstickname>
+ <controlstickname index="1">Stick 1</controlstickname>
+ </names>
+ <sets>
+ <set index="1">
+ <stick index="2">
+ <deadZone>1</deadZone>
+ <maxZone>29501</maxZone>
+ <modifierZone>1412</modifierZone>
+ <diagonalRange>90</diagonalRange>
+ <stickbutton index="7">
+ <mousespeedx>74</mousespeedx>
+ <mousespeedy>74</mousespeedy>
+ <accelerationmultiplier>4</accelerationmultiplier>
+ <startaccelmultiplier>20</startaccelmultiplier>
+ <minaccelthreshold>3</minaccelthreshold>
+ <extraaccelerationcurve>easeoutquad</extraaccelerationcurve>
+ <slots>
+ <slot>
+ <code>3</code>
+ <mode>mousemovement</mode>
+ </slot>
+ </slots>
+ </stickbutton>
+ <stickbutton index="6">
+ <mousespeedx>74</mousespeedx>
+ <mousespeedy>74</mousespeedy>
+ </stickbutton>
+ <stickbutton index="5">
+ <mousespeedx>74</mousespeedx>
+ <mousespeedy>74</mousespeedy>
+ <accelerationmultiplier>4</accelerationmultiplier>
+ <startaccelmultiplier>20</startaccelmultiplier>
+ <minaccelthreshold>3</minaccelthreshold>
+ <extraaccelerationcurve>easeoutquad</extraaccelerationcurve>
+ <slots>
+ <slot>
+ <code>2</code>
+ <mode>mousemovement</mode>
+ </slot>
+ </slots>
+ </stickbutton>
+ <stickbutton index="4">
+ <mousespeedx>74</mousespeedx>
+ <mousespeedy>74</mousespeedy>
+ </stickbutton>
+ <stickbutton index="3">
+ <mousespeedx>74</mousespeedx>
+ <mousespeedy>74</mousespeedy>
+ <accelerationmultiplier>4</accelerationmultiplier>
+ <startaccelmultiplier>20</startaccelmultiplier>
+ <minaccelthreshold>3</minaccelthreshold>
+ <extraaccelerationcurve>easeoutquad</extraaccelerationcurve>
+ <slots>
+ <slot>
+ <code>4</code>
+ <mode>mousemovement</mode>
+ </slot>
+ </slots>
+ </stickbutton>
+ <stickbutton index="2">
+ <mousespeedx>74</mousespeedx>
+ <mousespeedy>74</mousespeedy>
+ </stickbutton>
+ <stickbutton index="1">
+ <mousespeedx>74</mousespeedx>
+ <mousespeedy>74</mousespeedy>
+ <accelerationmultiplier>4</accelerationmultiplier>
+ <startaccelmultiplier>20</startaccelmultiplier>
+ <minaccelthreshold>3</minaccelthreshold>
+ <extraaccelerationcurve>easeoutquad</extraaccelerationcurve>
+ <slots>
+ <slot>
+ <code>1</code>
+ <mode>mousemovement</mode>
+ </slot>
+ </slots>
+ </stickbutton>
+ <stickbutton index="8">
+ <mousespeedx>74</mousespeedx>
+ <mousespeedy>74</mousespeedy>
+ </stickbutton>
+ </stick>
+ <stick index="1">
+ <deadZone>2578</deadZone>
+ <maxZone>30799</maxZone>
+ <stickbutton index="7">
+ <mouseacceleration>linear</mouseacceleration>
+ <slots>
+ <slot>
+ <code>6</code>
+ <mode>mousebutton</mode>
+ </slot>
+ </slots>
+ </stickbutton>
+ <stickbutton index="6">
+ <mouseacceleration>linear</mouseacceleration>
+ </stickbutton>
+ <stickbutton index="5">
+ <mouseacceleration>linear</mouseacceleration>
+ <slots>
+ <slot>
+ <code>5</code>
+ <mode>mousebutton</mode>
+ </slot>
+ </slots>
+ </stickbutton>
+ <stickbutton index="4">
+ <mouseacceleration>linear</mouseacceleration>
+ </stickbutton>
+ <stickbutton index="3">
+ <mouseacceleration>linear</mouseacceleration>
+ <slots>
+ <slot>
+ <code>7</code>
+ <mode>mousebutton</mode>
+ </slot>
+ </slots>
+ </stickbutton>
+ <stickbutton index="2">
+ <mouseacceleration>linear</mouseacceleration>
+ </stickbutton>
+ <stickbutton index="1">
+ <mouseacceleration>linear</mouseacceleration>
+ <slots>
+ <slot>
+ <code>4</code>
+ <mode>mousebutton</mode>
+ </slot>
+ </slots>
+ </stickbutton>
+ <stickbutton index="8">
+ <mouseacceleration>linear</mouseacceleration>
+ </stickbutton>
+ </stick>
+ <dpad index="1">
+ <dpadbutton index="6">
+ <wheelspeedx>2</wheelspeedx>
+ <wheelspeedy>10</wheelspeedy>
+ </dpadbutton>
+ <dpadbutton index="4">
+ <wheelspeedx>2</wheelspeedx>
+ <wheelspeedy>10</wheelspeedy>
+ <slots>
+ <slot>
+ <code>0x1000017</code>
+ <mode>keyboard</mode>
+ </slot>
+ </slots>
+ </dpadbutton>
+ <dpadbutton index="3">
+ <wheelspeedx>2</wheelspeedx>
+ <wheelspeedy>10</wheelspeedy>
+ </dpadbutton>
+ <dpadbutton index="2">
+ <wheelspeedx>2</wheelspeedx>
+ <wheelspeedy>10</wheelspeedy>
+ <slots>
+ <slot>
+ <code>0x1000011</code>
+ <mode>keyboard</mode>
+ </slot>
+ </slots>
+ </dpadbutton>
+ <dpadbutton index="1">
+ <wheelspeedx>10</wheelspeedx>
+ <wheelspeedy>10</wheelspeedy>
+ <slots>
+ <slot>
+ <code>0x1000016</code>
+ <mode>keyboard</mode>
+ </slot>
+ </slots>
+ </dpadbutton>
+ <dpadbutton index="12">
+ <wheelspeedx>2</wheelspeedx>
+ <wheelspeedy>10</wheelspeedy>
+ </dpadbutton>
+ <dpadbutton index="9">
+ <wheelspeedx>2</wheelspeedx>
+ <wheelspeedy>10</wheelspeedy>
+ </dpadbutton>
+ <dpadbutton index="8">
+ <wheelspeedx>2</wheelspeedx>
+ <wheelspeedy>10</wheelspeedy>
+ <slots>
+ <slot>
+ <code>0x1000010</code>
+ <mode>keyboard</mode>
+ </slot>
+ </slots>
+ </dpadbutton>
+ </dpad>
+ <trigger index="6">
+ <deadZone>2000</deadZone>
+ <throttle>positivehalf</throttle>
+ <triggerbutton index="1">
+ <mousespeedx>100</mousespeedx>
+ <mousespeedy>100</mousespeedy>
+ </triggerbutton>
+ <triggerbutton index="2">
+ <mousespeedx>100</mousespeedx>
+ <mousespeedy>100</mousespeedy>
+ <slots>
+ <slot>
+ <code>250</code>
+ <mode>mousespeedmod</mode>
+ </slot>
+ </slots>
+ </triggerbutton>
+ </trigger>
+ <trigger index="5">
+ <throttle>positivehalf</throttle>
+ </trigger>
+ <button index="11">
+ <slots>
+ <slot>
+ <code>1</code>
+ <mode>mousebutton</mode>
+ </slot>
+ </slots>
+ </button>
+ <button index="5">
+ <slots>
+ <slot>
+ <code>1</code>
+ <mode>mousebutton</mode>
+ </slot>
+ </slots>
+ </button>
+ <button index="3">
+ <slots>
+ <slot>
+ <code>2</code>
+ <mode>mousebutton</mode>
+ </slot>
+ </slots>
+ </button>
+ <button index="2">
+ <slots>
+ <slot>
+ <code>3</code>
+ <mode>mousebutton</mode>
+ </slot>
+ </slots>
+ </button>
+ <button index="1">
+ <slots>
+ <slot>
+ <code>1</code>
+ <mode>mousebutton</mode>
+ </slot>
+ </slots>
+ </button>
+ </set>
+ </sets>
+</gamecontroller>
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index efd6c8a24..79777429a 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -91,11 +91,11 @@ in {
xorg.xhost
xsel
zathura
- flameshot-once
+ flameshot
(pkgs.writeDashBin "screenshot" ''
set -efu
- ${pkgs.flameshot-once}/bin/flameshot-once
+ ${pkgs.flameshot}/bin/flameshot gui
${pkgs.klem}/bin/klem
'')
];
diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix
index 00a5d2db0..ea6fb644b 100644
--- a/lass/2configs/browsers.nix
+++ b/lass/2configs/browsers.nix
@@ -1,12 +1,8 @@
{ config, lib, pkgs, ... }:
{
- lass.browser.config = {
- cr = { groups = [ "audio" "video" ]; precedence = 9; };
- };
- programs.chromium = {
- enable = true;
- extensions = [
- "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin
- ];
- };
+ programs.firefox.nativeMessagingHosts.tridactyl = true;
+ environment.variables.BROWSER = "${pkgs.firefox}/bin/firefox";
+ environment.systemPackages = [
+ pkgs.firefox
+ ];
}
diff --git a/lass/2configs/jitsi.nix b/lass/2configs/jitsi.nix
deleted file mode 100644
index fa41f6634..000000000
--- a/lass/2configs/jitsi.nix
+++ /dev/null
@@ -1,24 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-
- services.jitsi-meet = {
- enable = true;
- hostName = "jitsi.lassul.us";
- config = {
- enableWelcomePage = true;
- requireDisplayName = true;
- analytics.disabled = true;
- };
- interfaceConfig = {
- SHOW_JITSI_WATERMARK = false;
- SHOW_WATERMARK_FOR_GUESTS = false;
- DISABLE_PRESENCE_STATUS = true;
- GENERATE_ROOMNAMES_ON_WELCOME_PAGE = false;
- };
- };
-
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 4443"; target = "ACCEPT"; }
- { predicate = "-p udp --dport 10000"; target = "ACCEPT"; }
- ];
-}
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index f5b2e22b7..0adef8f8c 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -93,8 +93,6 @@ let
tag-new-mails = pkgs.writeDashBin "nm-tag-init" ''
${pkgs.notmuch}/bin/notmuch new
${lib.concatMapStringsSep "\n" (i: ''
- '') (lib.mapAttrsToList lib.nameValuePair mailboxes)}
- ${lib.concatMapStringsSep "\n" (i: ''
mkdir -p "$HOME/Maildir/.${i.name}/cur"
for mail in $(${pkgs.notmuch}/bin/notmuch search --output=files 'tag:inbox and (${lib.concatMapStringsSep " or " (f: "${f}") i.value})'); do
if test -e "$mail"; then
@@ -186,7 +184,9 @@ let
"<enter-command>unset wait_key<enter> \
<shell-escape>${pkgs.writeDash "muchsync" ''
set -efu
- ${pkgs.muchsync}/bin/muchsync -F lass@green.r
+ until ${pkgs.muchsync}/bin/muchsync -F lass@green.r; do
+ sleep 1
+ done
''}<enter> \
'run muchsync to green.r'
diff --git a/lass/2configs/mumble-reminder.nix b/lass/2configs/mumble-reminder.nix
index fe75a96a6..c4cc60dc5 100644
--- a/lass/2configs/mumble-reminder.nix
+++ b/lass/2configs/mumble-reminder.nix
@@ -23,7 +23,7 @@
Kois
Faulaffen
Schraubenziegen
- Nachtigalle
+ Nachtigallen
Okapis
Stachelschweine
Kurzschwanzkängurus
@@ -49,7 +49,7 @@
pattern = "^nerv nicht$";
activate = "match";
command = {
- filename = pkgs.writeDash "add_remind" ''
+ filename = pkgs.writeDash "del_remind" ''
${pkgs.gnused}/bin/sed -i "/$_from/d" /var/lib/reaktor2-mumble-reminder/users
echo "okok, Ich werde $_from nich mehr errinern"
'';
@@ -80,7 +80,7 @@ in {
};
systemd.services.mumble-reminder-nixos = {
description = "weekly reminder for nixos mumble";
- startAt = "Thu *-*-* 19:00:00 Europe/Berlin";
+ startAt = "Thu *-*-* 17:00:00 Europe/Berlin";
serviceConfig = {
ExecStart = pkgs.writers.writeDash "mumble_reminder" ''
animals='
diff --git a/lass/2configs/murmur.nix b/lass/2configs/murmur.nix
deleted file mode 100644
index 42670dfbb..000000000
--- a/lass/2configs/murmur.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
- services.murmur = {
- enable = true;
- allowHtml = false;
- bandwidth = 10000000;
- registerName = "lassul.us";
- autobanTime = 30;
- sslCert = "/var/lib/acme/lassul.us/cert.pem";
- sslKey = "/var/lib/acme/lassul.us/key.pem";
- };
- users.groups.lasscert.members = [
- "murmur"
- ];
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
- { predicate = "-p udp --dport 64738"; target = "ACCEPT";}
- ];
-
- systemd.services.docker-mumble-web.serviceConfig = {
- StandardOutput = lib.mkForce "journal";
- StandardError = lib.mkForce "journal";
- };
- virtualisation.oci-containers.containers.mumble-web = {
- image = "rankenstein/mumble-web:0.5";
- environment = {
- MUMBLE_SERVER = "lassul.us:64738";
- };
- ports = [
- "64739:8080"
- ];
- };
-
- services.nginx.virtualHosts."mumble.lassul.us" = {
- enableACME = true;
- forceSSL = true;
- locations."/" = {
- proxyPass = "http://localhost:64739";
- proxyWebsockets = true;
- };
- };
-}
diff --git a/lass/2configs/print.nix b/lass/2configs/print.nix
index c2b3e8377..5769f9b15 100644
--- a/lass/2configs/print.nix
+++ b/lass/2configs/print.nix
@@ -6,5 +6,19 @@
pkgs.foomatic-filters
pkgs.gutenprint
];
+ browsing = true;
+ browsedConf = ''
+ BrowseDNSSDSubTypes _cups,_print
+ BrowseLocalProtocols all
+ BrowseRemoteProtocols all
+ CreateIPPPrinterQueues All
+
+ BrowseProtocols all
+ '';
+ };
+ services.avahi = {
+ enable = true;
+ openFirewall = true;
+ nssmdns = true;
};
}
diff --git a/lass/2configs/services/coms/default.nix b/lass/2configs/services/coms/default.nix
new file mode 100644
index 000000000..4bc5f744b
--- /dev/null
+++ b/lass/2configs/services/coms/default.nix
@@ -0,0 +1,6 @@
+{
+ imports = [
+ ./jitsi.nix
+ ./murmur.nix
+ ];
+}
diff --git a/lass/2configs/services/coms/jitsi.nix b/lass/2configs/services/coms/jitsi.nix
new file mode 100644
index 000000000..bbcb36166
--- /dev/null
+++ b/lass/2configs/services/coms/jitsi.nix
@@ -0,0 +1,43 @@
+{ config, lib, pkgs, ... }:
+{
+
+ services.jitsi-meet = {
+ enable = true;
+ hostName = "jitsi.lassul.us";
+ config = {
+ enableWelcomePage = true;
+ requireDisplayName = true;
+ analytics.disabled = true;
+ startAudioOnly = true;
+ channelLastN = 4;
+ stunServers = [
+ # - https://www.kuketz-blog.de/jitsi-meet-server-einstellungen-fuer-einen-datenschutzfreundlichen-betrieb/
+ { urls = "turn:turn.matrix.org:3478?transport=udp"; }
+ { urls = "turn:turn.matrix.org:3478?transport=tcp"; }
+ # - services.coturn:
+ #{ urls = "turn:turn.${domainName}:3479?transport=udp"; }
+ #{ urls = "turn:turn.${domainName}:3479?transport=tcp"; }
+ ];
+ constraints.video.height = {
+ ideal = 720;
+ max = 1080;
+ min = 240;
+ };
+ };
+ interfaceConfig = {
+ SHOW_JITSI_WATERMARK = false;
+ SHOW_WATERMARK_FOR_GUESTS = false;
+ DISABLE_PRESENCE_STATUS = true;
+ GENERATE_ROOMNAMES_ON_WELCOME_PAGE = false;
+ };
+ };
+
+ services.jitsi-videobridge.config = {
+ org.jitsi.videobridge.TRUST_BWE = false;
+ };
+
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport 4443"; target = "ACCEPT"; }
+ { predicate = "-p udp --dport 10000"; target = "ACCEPT"; }
+ ];
+}
diff --git a/lass/2configs/services/coms/murmur.nix b/lass/2configs/services/coms/murmur.nix
new file mode 100644
index 000000000..40c53da36
--- /dev/null
+++ b/lass/2configs/services/coms/murmur.nix
@@ -0,0 +1,47 @@
+{ config, lib, pkgs, ... }:
+{
+ services.murmur = {
+ enable = true;
+ # allowHtml = false;
+ bandwidth = 10000000;
+ registerName = "lassul.us";
+ autobanTime = 30;
+ sslCert = "/var/lib/acme/lassul.us/cert.pem";
+ sslKey = "/var/lib/acme/lassul.us/key.pem";
+ extraConfig = ''
+ opusthreshold=0
+ # rememberchannelduration=10000
+ '';
+ };
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
+ { predicate = "-p udp --dport 64738"; target = "ACCEPT";}
+ ];
+
+ # services.botamusique = {
+ # enable = true;
+ # settings = {
+ # server.host = "lassul.us";
+ # bot.auto_check_updates = false;
+ # bot.max_track_duration = 360;
+ # webinterface.enabled = true;
+ # };
+ # };
+
+ services.nginx.virtualHosts."lassul.us" = {
+ enableACME = true;
+ };
+ security.acme.certs."lassul.us" = {
+ group = "lasscert";
+ };
+ users.groups.lasscert.members = [
+ "nginx"
+ "murmur"
+ ];
+
+ # services.nginx.virtualHosts."bota.r" = {
+ # locations."/" = {
+ # proxyPass = "http://localhost:8181";
+ # };
+ # };
+}
diff --git a/lass/2configs/services/coms/proxy.nix b/lass/2configs/services/coms/proxy.nix
new file mode 100644
index 000000000..57e132151
--- /dev/null
+++ b/lass/2configs/services/coms/proxy.nix
@@ -0,0 +1,41 @@
+{ config, lib, pkgs, ... }:
+let
+ tcpports = [
+ 4443 # jitsi
+ 64738 # murmur
+ ];
+ udpports = [
+ 10000 # jitsi
+ 64738 # murmur
+ ];
+ target = "orange.r";
+in
+{
+ networking.firewall.allowedTCPPorts = tcpports;
+ networking.firewall.allowedUDPPorts = udpports;
+ services.nginx.streamConfig = ''
+ ${lib.concatMapStringsSep "\n" (port: ''
+ server {
+ listen ${toString port};
+ proxy_pass ${target}:${toString port};
+ }
+ '') tcpports}
+ ${lib.concatMapStringsSep "\n" (port: ''
+ server {
+ listen ${toString port} udp;
+ proxy_pass ${target}:${toString port};
+ }
+ '') udpports}
+ '';
+
+ services.nginx.virtualHosts."jitsi.lassul.us" = {
+ enableACME = true;
+ acmeFallbackHost = "${target}";
+ addSSL = true;
+ locations."/" = {
+ recommendedProxySettings = true;
+ proxyWebsockets = true;
+ proxyPass = "http://${target}";
+ };
+ };
+}
diff --git a/lass/2configs/services/flix/container-host.nix b/lass/2configs/services/flix/container-host.nix
new file mode 100644
index 000000000..1c5b81128
--- /dev/null
+++ b/lass/2configs/services/flix/container-host.nix
@@ -0,0 +1,40 @@
+{ config, pkgs, ... }:
+{
+ krebs.sync-containers3.containers.yellow = {
+ sshKey = "${toString <secrets>}/yellow.sync.key";
+ };
+ containers.yellow.bindMounts."/var/lib" = {
+ hostPath = "/var/lib/sync-containers3/yellow/state";
+ isReadOnly = false;
+ };
+ containers.yellow.bindMounts."/var/download" = {
+ hostPath = "/var/download";
+ isReadOnly = false;
+ };
+ # krebs.iptables.tables.filter.FORWARD.rules = [
+ # { predicate = "-d ${config.krebs.hosts.yellow.nets.retiolum.ip4.addr} -p tcp --dport 8000 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; v6 = false; }
+ # { predicate = "-d ${config.krebs.hosts.yellow.nets.retiolum.ip6.addr} -p tcp --dport 8000 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; v4 = false; }
+ # ];
+ # krebs.iptables.tables.nat.PREROUTING.rules = [
+ # { predicate = "-p tcp --dport 2"; target = "DNAT --to-destination ${config.krebs.hosts.radio.nets.retiolum.ip4.addr}:8000"; v6 = false; }
+ # { predicate = "-p tcp --dport 2"; target = "DNAT --to-destination ${config.krebs.hosts.radio.nets.retiolum.ip6.addr}:8000"; v4 = false; }
+ # ];
+ networking.firewall.allowedTCPPorts = [ 8096 8920 ];
+ networking.firewall.allowedUDPPorts = [ 1900 7359 ];
+ containers.yellow.forwardPorts = [
+ { hostPort = 8096; containerPort = 8096; protocol = "tcp"; }
+ { hostPort = 8920; containerPort = 8920; protocol = "tcp"; }
+ { hostPort = 1900; containerPort = 1900; protocol = "udp"; }
+ { hostPort = 7359; containerPort = 7359; protocol = "udp"; }
+ ];
+
+ services.nginx.virtualHosts."flix.lassul.us" = {
+ # forceSSL = true;
+ # enableACME = true;
+ locations."/" = {
+ proxyPass = "http://yellow.r:8096";
+ proxyWebsockets = true;
+ recommendedProxySettings = true;
+ };
+ };
+}
diff --git a/lass/2configs/services/flix/default.nix b/lass/2configs/services/flix/default.nix
new file mode 100644
index 000000000..e6be394ce
--- /dev/null
+++ b/lass/2configs/services/flix/default.nix
@@ -0,0 +1,316 @@
+{ config, lib, pkgs, ... }:
+{
+ users.groups.download.members = [ "transmission" ];
+ services.transmission = {
+ enable = true;
+ home = "/var/state/transmission";
+ group = "download";
+ downloadDirPermissions = "775";
+ settings = {
+ download-dir = "/var/download/transmission";
+ incomplete-dir-enabled = false;
+ rpc-bind-address = "::";
+ message-level = 1;
+ umask = 18;
+ rpc-whitelist-enabled = false;
+ rpc-host-whitelist-enabled = false;
+ };
+ };
+
+ security.acme.defaults.email = "spam@krebsco.de";
+ security.acme.acceptTerms = true;
+ security.acme.certs."yellow.r".server = config.krebs.ssl.acmeURL;
+ security.acme.certs."jelly.r".server = config.krebs.ssl.acmeURL;
+ security.acme.certs."radar.r".server = config.krebs.ssl.acmeURL;
+ security.acme.certs."sonar.r".server = config.krebs.ssl.acmeURL;
+ security.acme.certs."transmission.r".server = config.krebs.ssl.acmeURL;
+ services.nginx = {
+ enable = true;
+ package = pkgs.nginx.override {
+ modules = with pkgs.nginxModules; [
+ fancyindex
+ ];
+ };
+ virtualHosts."yellow.r" = {
+ default = true;
+ enableACME = true;
+ addSSL = true;
+ locations."/" = {
+ root = "/var/download";
+ extraConfig = ''
+ fancyindex on;
+ fancyindex_footer "/fancy.html";
+ include ${pkgs.nginx}/conf/mime.types;
+ include ${pkgs.writeText "extrMime" ''
+ types {
+ video/webm mkv;
+ }
+ ''};
+ create_full_put_path on;
+ '';
+ };
+ locations."/chatty" = {
+ proxyPass = "http://localhost:3000";
+ extraConfig = ''
+ rewrite /chatty/(.*) /$1 break;
+ proxy_set_header Host $host;
+ '';
+ };
+ locations."= /fancy.html".extraConfig = ''
+ alias ${pkgs.writeText "nginx_footer" ''
+ <div id="mydiv">
+ <!-- Include a header DIV with the same name as the draggable DIV, followed by "header" -->
+ <div id="mydivheader">Click here to move</div>
+ <iframe src="/chatty/index.html"></iframe>
+ </div>
+ <style>
+ #mydiv {
+ position: absolute;
+ z-index: 9;
+ background-color: #f1f1f1;
+ border: 1px solid #d3d3d3;
+ text-align: center;
+ }
+
+ #mydivheader {
+ padding: 10px;
+ cursor: move;
+ z-index: 10;
+ background-color: #2196F3;
+ color: #fff;
+ }
+ </style>
+ <script>
+ // Make the DIV element draggable:
+ dragElement(document.getElementById("mydiv"));
+
+ function dragElement(elmnt) {
+ var pos1 = 0, pos2 = 0, pos3 = 0, pos4 = 0;
+ if (document.getElementById(elmnt.id + "header")) {
+ // if present, the header is where you move the DIV from:
+ document.getElementById(elmnt.id + "header").onmousedown = dragMouseDown;
+ } else {
+ // otherwise, move the DIV from anywhere inside the DIV:
+ elmnt.onmousedown = dragMouseDown;
+ }
+
+ function dragMouseDown(e) {
+ e = e || window.event;
+ e.preventDefault();
+ // get the mouse cursor position at startup:
+ pos3 = e.clientX;
+ pos4 = e.clientY;
+ document.onmouseup = closeDragElement;
+ // call a function whenever the cursor moves:
+ document.onmousemove = elementDrag;
+ }
+
+ function elementDrag(e) {
+ e = e || window.event;
+ e.preventDefault();
+ // calculate the new cursor position:
+ pos1 = pos3 - e.clientX;
+ pos2 = pos4 - e.clientY;
+ pos3 = e.clientX;
+ pos4 = e.clientY;
+ // set the element's new position:
+ elmnt.style.top = (elmnt.offsetTop - pos2) + "px";
+ elmnt.style.left = (elmnt.offsetLeft - pos1) + "px";
+ }
+
+ function closeDragElement() {
+ // stop moving when mouse button is released:
+ document.onmouseup = null;
+ document.onmousemove = null;
+ }
+ }
+ </script>
+ ''};
+ '';
+ };
+ virtualHosts."jelly.r" = {
+ enableACME = true;
+ addSSL = true;
+ locations."/".extraConfig = ''
+ proxy_pass http://localhost:8096/;
+ proxy_set_header Accept-Encoding "";
+ '';
+ };
+ virtualHosts."transmission.r" = {
+ enableACME = true;
+ addSSL = true;
+ locations."/" = {
+ proxyWebsockets = true;
+ proxyPass = "http://localhost:9091";
+ };
+ };
+ virtualHosts."radar.r" = {
+ enableACME = true;
+ addSSL = true;
+ locations."/" = {
+ proxyWebsockets = true;
+ proxyPass = "http://localhost:7878";
+ };
+ };
+ virtualHosts."sonar.r" = {
+ enableACME = true;
+ addSSL = true;
+ locations."/" = {
+ proxyWebsockets = true;
+ proxyPass = "http://localhost:8989";
+ };
+ };
+ };
+
+ services.samba = {
+ enable = true;
+ enableNmbd = false;
+ extraConfig = ''
+ workgroup = WORKGROUP
+ server string = ${config.networking.hostName}
+ # only allow retiolum addresses
+ hosts allow = 42::/16 10.243.0.0/16 10.244.0.0/16
+
+ # Use sendfile() for performance gain
+ use sendfile = true
+
+ # No NetBIOS is needed
+ disable netbios = true
+
+ # Only mangle non-valid NTFS names, don't care about DOS support
+ mangled names = illegal
+
+ # Performance optimizations
+ socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
+
+ # Disable all printing
+ load printers = false
+ disable spoolss = true
+ printcap name = /dev/null
+
+ map to guest = Bad User
+ max log size = 50
+ dns proxy = no
+ security = user
+
+ [global]
+ syslog only = yes
+ '';
+ shares.public = {
+ comment = "Warez";
+ path = "/var/download";
+ public = "yes";
+ "only guest" = "yes";
+ "create mask" = "0644";
+ "directory mask" = "2777";
+ writable = "no";
+ printable = "no";
+ };
+ };
+
+ systemd.services.bruellwuerfel =
+ let
+ bruellwuerfelSrc = pkgs.fetchFromGitHub {
+ owner = "krebs";
+ repo = "bruellwuerfel";
+ rev = "dc73adf69249fb63a4b024f1f3fbc9e541b27015";
+ sha256 = "078jp1gbavdp8lnwa09xa5m6bbbd05fi4x5ldkkgin5z04hwlhmd";
+ };
+ in {
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ IRC_CHANNEL = "#flix";
+ IRC_NICK = "bruelli";
+ IRC_SERVER = "irc.r";
+ IRC_HISTORY_FILE = "/tmp/bruelli.history";
+ };
+ serviceConfig = {
+ ExecStart = "${pkgs.deno}/bin/deno run -A ${bruellwuerfelSrc}/src/index.ts";
+ };
+ };
+
+ krebs.iptables = {
+ enable = true;
+ tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } # nginx web dir
+ { predicate = "-p tcp --dport 443"; target = "ACCEPT"; } # nginx web dir
+ { predicate = "-p tcp --dport 9091"; target = "ACCEPT"; } # transmission-web
+ { predicate = "-p tcp --dport 51413"; target = "ACCEPT"; } # transmission-traffic
+ { predicate = "-p udp --dport 51413"; target = "ACCEPT"; } # transmission-traffic
+ { predicate = "-p tcp --dport 8096"; target = "ACCEPT"; } # jellyfin
+ { predicate = "-p tcp --dport 8920"; target = "ACCEPT"; } # jellyfin
+ { predicate = "-p udp --dport 1900"; target = "ACCEPT"; } # jellyfin
+ { predicate = "-p udp --dport 7359"; target = "ACCEPT"; } # jellyfin
+ { predicate = "-p tcp --dport 9696"; target = "ACCEPT"; } # prowlarr
+ { predicate = "-p tcp --dport 8989"; target = "ACCEPT"; } # sonarr
+ { predicate = "-p tcp --dport 7878"; target = "ACCEPT"; } # radarr
+ { predicate = "-p tcp --dport 6767"; target = "ACCEPT"; } # bazarr
+
+ # smbd
+ { predicate = "-i retiolum -p tcp --dport 445"; target = "ACCEPT"; }
+ { predicate = "-i retiolum -p tcp --dport 111"; target = "ACCEPT"; }
+ { predicate = "-i retiolum -p udp --dport 111"; target = "ACCEPT"; }
+ { predicate = "-i retiolum -p tcp --dport 2049"; target = "ACCEPT"; }
+ { predicate = "-i retiolum -p udp --dport 2049"; target = "ACCEPT"; }
+ { predicate = "-i retiolum -p tcp --dport 4000:4002"; target = "ACCEPT"; }
+ { predicate = "-i retiolum -p udp --dport 4000:4002"; target = "ACCEPT"; }
+ { predicate = "-i wiregrill -p tcp --dport 445"; target = "ACCEPT"; }
+ { predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; }
+ { predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; }
+ { predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; }
+ { predicate = "-i wiregrill -p udp --dport 2049"; target = "ACCEPT"; }
+ { predicate = "-i wiregrill -p tcp --dport 4000:4002"; target = "ACCEPT"; }
+ { predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; }
+ ];
+ };
+
+ systemd.services.flix-index = {
+ wantedBy = [ "multi-user.target" ];
+ path = [
+ pkgs.coreutils
+ pkgs.findutils
+ pkgs.inotify-tools
+ ];
+ serviceConfig = {
+ Restart = "always";
+ ExecStart = pkgs.writers.writeDash "flix-index" ''
+ set -efu
+
+ DIR=/var/download
+ cd "$DIR"
+ while inotifywait -rq -e create -e move -e delete "$DIR"; do
+ find . -type f > "$DIR"/index.tmp
+ mv "$DIR"/index.tmp "$DIR"/index
+ done
+ '';
+ };
+ };
+
+ services.jellyfin = {
+ enable = true;
+ group = "download";
+ };
+
+ # movies
+ services.radarr = {
+ enable = true;
+ group = "download";
+ };
+
+ # shows
+ services.sonarr = {
+ enable = true;
+ group = "download";
+ };
+
+ # indexers
+ services.prowlarr = {
+ enable = true;
+ };
+
+ # subtitles
+ services.bazarr = {
+ enable = true;
+ group = "download";
+ };
+}
diff --git a/lass/2configs/services/flix/proxy.nix b/lass/2configs/services/flix/proxy.nix
new file mode 100644
index 000000000..c16c6def3
--- /dev/null
+++ b/lass/2configs/services/flix/proxy.nix
@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+{
+ services.nginx.virtualHosts."flix.lassul.us" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ proxyPass = "http://yellow.r:8096";
+ proxyWebsockets = true;
+ recommendedProxySettings = true;
+ };
+ };
+}
diff --git a/lass/2configs/radio/container-host.nix b/lass/2configs/services/radio/container-host.nix
index de0ea9afe..de0ea9afe 100644
--- a/lass/2configs/radio/container-host.nix
+++ b/lass/2configs/services/radio/container-host.nix
diff --git a/lass/2configs/radio/controls.html b/lass/2configs/services/radio/controls.html
index 858dc3656..858dc3656 100644
--- a/lass/2configs/radio/controls.html
+++ b/lass/2configs/services/radio/controls.html
diff --git a/lass/2configs/radio/default.nix b/lass/2configs/services/radio/default.nix
index a511196fd..a511196fd 100644
--- a/lass/2configs/radio/default.nix
+++ b/lass/2configs/services/radio/default.nix
diff --git a/lass/2configs/radio/news.nix b/lass/2configs/services/radio/news.nix
index 0dc711e6c..0dc711e6c 100644
--- a/lass/2configs/radio/news.nix
+++ b/lass/2configs/services/radio/news.nix
diff --git a/lass/2configs/services/radio/proxy.nix b/lass/2configs/services/radio/proxy.nix
new file mode 100644
index 000000000..49f8ade79
--- /dev/null
+++ b/lass/2configs/services/radio/proxy.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, ... }:
+{
+ services.nginx.virtualHosts."radio.lassul.us" = {
+ enableACME = true;
+ addSSL = true;
+ locations."/" = {
+ # recommendedProxySettings = true;
+ proxyWebsockets = true;
+ proxyPass = "http://radio.r";
+ extraConfig = ''
+ proxy_set_header Host radio.r;
+ # get source ip for weather reports
+ proxy_set_header user-agent "$http_user_agent; client-ip=$remote_addr";
+ '';
+ };
+ };
+}
diff --git a/lass/2configs/radio/radio.liq b/lass/2configs/services/radio/radio.liq
index 1366287a7..1366287a7 100644
--- a/lass/2configs/radio/radio.liq
+++ b/lass/2configs/services/radio/radio.liq
diff --git a/lass/2configs/radio/shell.nix b/lass/2configs/services/radio/shell.nix
index 9d00e3b06..9d00e3b06 100644
--- a/lass/2configs/radio/shell.nix
+++ b/lass/2configs/services/radio/shell.nix
diff --git a/lass/2configs/radio/weather.nix b/lass/2configs/services/radio/weather.nix
index dca8a7843..dca8a7843 100644
--- a/lass/2configs/radio/weather.nix
+++ b/lass/2configs/services/radio/weather.nix
diff --git a/lass/2configs/radio/weather_for_ips.py b/lass/2configs/services/radio/weather_for_ips.py
index 62206a985..62206a985 100644
--- a/lass/2configs/radio/weather_for_ips.py
+++ b/lass/2configs/services/radio/weather_for_ips.py
diff --git a/lass/2configs/xdg-open.nix b/lass/2configs/xdg-open.nix
index 88ea7ba59..02c551a2b 100644
--- a/lass/2configs/xdg-open.nix
+++ b/lass/2configs/xdg-open.nix
@@ -1,12 +1,13 @@
{ config, pkgs, lib, ... }: with import <stockholm/lib>; let
xdg-open-wrapper = pkgs.writeDashBin "xdg-open" ''
- /run/wrappers/bin/sudo -u lass ${xdg-open} "$@"
+ exec ${xdg-open}/bin/xdg-open "$@" >> /tmp/xdg-debug.log 2>&1
'';
- xdg-open = pkgs.writeBash "xdg-open" ''
- set -e
+ xdg-open = pkgs.writeBashBin "xdg-open" ''
+ set -xe
FILE="$1"
+ PATH=/run/current-system/sw/bin
mime=
case "$FILE" in
@@ -35,15 +36,13 @@
case "$mime" in
special/mailaddress)
- urxvtc --execute vim "$FILE" ;;
- ${optionalString (hasAttr "browser" config.lass) ''
+ alacritty --execute vim "$FILE" ;;
text/html)
- ${config.lass.browser.select}/bin/browser-select "$FILE" ;;
+ firefox "$FILE" ;;
text/xml)
- ${config.lass.browser.select}/bin/browser-select "$FILE" ;;
- ''}
+ firefox "$FILE" ;;
text/*)
- urxvtc --execute vim "$FILE" ;;
+ alacritty --execute vim "$FILE" ;;
image/*)
sxiv "$FILE" ;;
application/x-bittorrent)
@@ -51,17 +50,18 @@
application/pdf)
zathura "$FILE" ;;
inode/directory)
- sudo -u lass -i urxvtc --execute mc "$FILE" ;;
+ alacritty --execute mc "$FILE" ;;
*)
# open dmenu and ask for program to open with
- $(dmenu_path | dmenu) "$FILE";;
+ runner=$(print -rC1 -- ''${(ko)commands} | dmenu)
+ exec $runner "$FILE";;
esac
'';
in {
environment.systemPackages = [ xdg-open-wrapper ];
security.sudo.extraConfig = ''
- cr ALL=(lass) NOPASSWD: ${xdg-open} *
- ff ALL=(lass) NOPASSWD: ${xdg-open} *
+ cr ALL=(lass) NOPASSWD: ${xdg-open}/bin/xdg-open *
+ ff ALL=(lass) NOPASSWD: ${xdg-open}/bin/xdg-open *
'';
}
diff --git a/lass/2configs/xmonad.nix b/lass/2configs/xmonad.nix
index b506e026d..1789725d1 100644
--- a/lass/2configs/xmonad.nix
+++ b/lass/2configs/xmonad.nix
@@ -159,14 +159,14 @@ myKeyMap =
${pkgs.clipmenu}/bin/clipmenu
''}")
- , ("M4-<F2>", windows copyToAll)
-
- , ("M4-<F4>", spawn "${pkgs.nm-dmenu}/bin/nm-dmenu")
, ("M4-<Insert>", spawn "${pkgs.writeDash "paste" ''
${pkgs.coreutils}/bin/sleep 0.4
${pkgs.xclip}/bin/xclip -o | ${pkgs.xdotool}/bin/xdotool type -f -
''}")
+ , ("M4-<F1>", spawn "/run/current-system/sw/bin/gamepad_mouse_toggle")
+ , ("M4-<F2>", windows copyToAll)
+ , ("M4-<F4>", spawn "${pkgs.nm-dmenu}/bin/nm-dmenu")
, ("M4-<F5>", spawn "${pkgs.acpilight}/bin/xbacklight -set 1")
, ("M4-<F6>", spawn "${pkgs.acpilight}/bin/xbacklight -set 10")
, ("M4-<F7>", spawn "${pkgs.acpilight}/bin/xbacklight -set 33")
diff --git a/lass/2configs/yellow-host.nix b/lass/2configs/yellow-host.nix
deleted file mode 100644
index 36027cb5d..000000000
--- a/lass/2configs/yellow-host.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ config, pkgs, ... }:
-{
- krebs.sync-containers3.containers.yellow = {
- sshKey = "${toString <secrets>}/yellow.sync.key";
- };
- containers.yellow.bindMounts."/var/lib" = {
- hostPath = "/var/lib/sync-containers3/yellow/state";
- isReadOnly = false;
- };
- containers.yellow.bindMounts."/var/download" = {
- hostPath = "/var/download";
- isReadOnly = false;
- };
-}
diff --git a/lass/3modules/browsers.nix b/lass/3modules/browsers.nix
deleted file mode 100644
index 4171abdb6..000000000
--- a/lass/3modules/browsers.nix
+++ /dev/null
@@ -1,94 +0,0 @@
-{ config, lib, pkgs, ... }:
-with import <stockholm/lib>;
-let
-
- cfg = config.lass.browser;
-
- browserScripts = {
- brave = "${pkgs.brave}/bin/brave";
- chrome = "${pkgs.google-chrome}/bin/chrome";
- chromium = "${pkgs.ungoogled-chromium}/bin/chromium";
- firefox = "${pkgs.firefox.override {
- extraNativeMessagingHosts = [ pkgs.tridactyl-native ];
- }}/bin/firefox";
- qutebrowser = "${pkgs.qutebrowser}/bin/qutebrowser";
- };
-
- browser-select = let
- sortedPaths = sort (a: b: a.value.precedence > b.value.precedence)
- (filter (x: ! x.value.hidden)
- (mapAttrsToList (name: value: { inherit name value; })
- cfg.config));
- in if (lib.length sortedPaths) > 1 then
- pkgs.writeScriptBin "browser-select" ''
- BROWSER=$(echo -e "${concatStringsSep "\\n" (map (getAttr "name") sortedPaths)}" | ${pkgs.dmenu}/bin/dmenu)
- case $BROWSER in
- ${concatMapStringsSep "\n" (n: ''
- ${n.name})
- export BIN=${config.lass.xjail-bins.${n.name}}/bin/${n.name}
- ;;
- '') (sortedPaths)}
- esac
- $BIN "$@"
- ''
- else
- let
- name = (lib.head sortedPaths).name;
- in pkgs.writeScriptBin "browser-select" ''
- ${config.lass.xjail-bins.${name}}/bin/${name} "$@"
- ''
- ;
-
-in {
- options.lass.browser = {
- select = mkOption {
- type = types.path;
- };
- config = mkOption {
- type = types.attrsOf (types.submodule ({ config, ... }: {
- options = {
- name = mkOption {
- type = types.str;
- default = config._module.args.name;
- };
- hidden = mkOption {
- type = types.bool;
- default = false;
- };
- precedence = mkOption {
- type = types.int;
- default = 0;
- };
- user = mkOption {
- type = types.str;
- default = config._module.args.name;
- };
- browser = mkOption {
- type = types.enum (attrNames browserScripts);
- default = "brave";
- };
- groups = mkOption {
- type = types.listOf types.str;
- default = [];
- };
- };
- }));
- default = {};
- };
- };
-
- config = (mkIf (cfg.config != {}) {
- lass.xjail = mapAttrs' (name: browser:
- nameValuePair name {
- script = browserScripts.${browser.browser};
- groups = browser.groups;
- }
- ) cfg.config;
- environment.systemPackages = (map (browser:
- config.lass.xjail-bins.${browser.name}
- ) (attrValues cfg.config)) ++ [
- browser-select
- ];
- lass.browser.select = browser-select;
- });
-}
diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index 3a0b1306c..0e1a794ca 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -12,8 +12,6 @@ _:
./pyload.nix
./screenlock.nix
./usershadow.nix
- ./xjail.nix
./autowifi.nix
- ./browsers.nix
];
}
diff --git a/lass/3modules/xjail.nix b/lass/3modules/xjail.nix
deleted file mode 100644
index 08a28b8e3..000000000
--- a/lass/3modules/xjail.nix
+++ /dev/null
@@ -1,173 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-with import <stockholm/lib>;
-{
- options.lass.xjail = mkOption {
- type = types.attrsOf (types.submodule ({ config, ...}: {
- options = {
- name = mkOption {
- type = types.str;
- default = config._module.args.name;
- };
- user = mkOption {
- type = types.str;
- default = config.name;
- };
- groups = mkOption {
- type = types.listOf types.str;
- default = [];
- };
- from = mkOption {
- type = types.str;
- default = "lass";
- };
- display = mkOption {
- type = types.str;
- default = toString (genid_uint31 config._module.args.name);
- };
- dpi = mkOption {
- type = types.int;
- default = 90;
- };
- extraXephyrArgs = mkOption {
- type = types.str;
- default = "";
- };
- extraVglrunArgs = mkOption {
- type = types.str;
- default = "";
- };
- script = mkOption {
- type = types.path;
- default = pkgs.writeScript "echo_lol" "echo lol";
- };
- wm = mkOption {
- #TODO find type
- type = types.str;
- defaultText = "‹script›";
- default = "${pkgs.writeHaskellPackage "xephyrify-xmonad" {
- executables.xmonad = {
- extra-depends = [
- "containers"
- "unix"
- "xmonad"
- ];
- text = /* haskell */ ''
- module Main where
- import XMonad
- import Data.Monoid
- import System.Posix.Process (executeFile)
- import qualified Data.Map as Map
-
- main :: IO ()
- main = do
- xmonad def
- { workspaces = [ "1" ]
- , layoutHook = myLayoutHook
- , keys = myKeys
- , normalBorderColor = "#000000"
- , focusedBorderColor = "#000000"
- , handleEventHook = myEventHook
- }
-
- myEventHook :: Event -> X All
-
- myEventHook (ConfigureEvent { ev_event_type = 22 }) = do
- spawn "${pkgs.xorg.xrandr}/bin/xrandr >/dev/null 2>&1"
- return (All True)
-
- myEventHook _ = do
- return (All True)
-
- myLayoutHook = Full
- myKeys _ = Map.fromList []
- '';
- };
- }}/bin/xmonad";
- };
- };
- }));
- default = {};
- };
-
- options.lass.xjail-bins = mkOption {
- type = types.attrsOf types.path;
- };
-
- # implementation
- config = let
- scripts = mapAttrs' (name: cfg:
- let
- newOrExisting = pkgs.writeDash "${cfg.name}-existing" ''
- DISPLAY=:${cfg.display} ${pkgs.xorg.xrandr}/bin/xrandr
- if test $? -eq 0; then
- echo using existing xephyr
- ${sudo_} "$@"
- else
- echo starting new xephyr
- ${xephyr_} "$@"
- fi
- '';
- xephyr_ = pkgs.writeDash "${cfg.name}-xephyr" ''
- ${pkgs.xorg.xorgserver}/bin/Xephyr -br -ac -reset -terminate -resizeable -nolisten local -dpi ${toString cfg.dpi} ${cfg.extraXephyrArgs} :${cfg.display} &
- XEPHYR_PID=$!
- DISPLAY=:${cfg.display} ${cfg.wm} &
- WM_PID=$!
- ${sudo_} "$@"
- ${pkgs.coreutils}/bin/kill $WM_PID
- ${pkgs.coreutils}/bin/kill $XEPHYR_PID
- '';
- # TODO fix xephyr which doesn't honor resizes anymore
- sudo_ = pkgs.writeDash "${cfg.name}-sudo" ''
- #/var/run/wrappers/bin/sudo -u ${cfg.name} -i env DISPLAY=:${cfg.display} ${cfg.script} "$@"
- ${pkgs.systemd}/bin/machinectl shell -E DISPLAY=:0 --uid=${cfg.name} .host ${cfg.script} "$@"
- '';
- in nameValuePair name {
- existing = newOrExisting;
- xephyr = xephyr_;
- sudo = sudo_;
- }
- ) config.lass.xjail;
- in {
-
- users.users = mapAttrs' (_: cfg:
- nameValuePair cfg.name {
- uid = genid_uint31 cfg.name;
- home = "/home/${cfg.name}";
- useDefaultShell = true;
- createHome = true;
- extraGroups = cfg.groups;
- isNormalUser = true;
- }
- ) config.lass.xjail;
-
- users.groups = mapAttrs' (_: cfg:
- nameValuePair cfg.name {
- members = [
- cfg.name
- cfg.from
- ];
- }
- ) config.lass.xjail;
-
- security.polkit.extraConfig = (concatStringsSep "\n" (mapAttrsToList (_: cfg: ''
- polkit.addRule(function(action, subject) {
- if (
- subject.user == "${cfg.from}" &&
- action.id == "org.freedesktop.machine1.host-shell" &&
- action.lookup("user") == "${cfg.user}" &&
- action.lookup("program") == "${cfg.script}" &&
- true
- ) {
- return polkit.Result.YES;
- }
- });
- '') config.lass.xjail));
-
- lass.xjail-bins = mapAttrs' (name: cfg:
- nameValuePair name (pkgs.writeScriptBin cfg.name ''
- ${scripts.${name}.sudo} "$@"
- '')
- ) config.lass.xjail;
- };
-}
diff --git a/lib/default.nix b/lib/default.nix
index 280f04299..187514a30 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -45,6 +45,8 @@ let
genid_uint31 = x: ((lib.genid_uint32 x) + 16777216) / 2;
genid_uint32 = import ./genid.nix { inherit lib; };
+ hexchars = stringToCharacters "0123456789abcdef";
+
lpad = n: c: s:
if lib.stringLength s < n
then lib.lpad n c (c + s)
diff --git a/lib/genid.nix b/lib/genid.nix
index 0aed1d351..bfa4a9a03 100644
--- a/lib/genid.nix
+++ b/lib/genid.nix
@@ -32,6 +32,5 @@ let out = genid;
hexint = x: hexvals.${toLower x};
# :: attrset char uint4
- hexvals = listToAttrs (imap (i: c: { name = c; value = i - 1; })
- (stringToCharacters "0123456789abcdef"));
+ hexvals = listToAttrs (imap (i: c: { name = c; value = i - 1; }) hexchars);
in out
diff --git a/lib/svg-colors.json b/lib/svg-colors.json
new file mode 100644
index 000000000..834bf14f4
--- /dev/null
+++ b/lib/svg-colors.json
@@ -0,0 +1,149 @@
+[
+ "aliceblue",
+ "antiquewhite",
+ "aqua",
+ "aquamarine",
+ "azure",
+ "beige",
+ "bisque",
+ "black",
+ "blanchedalmond",
+ "blue",
+ "blueviolet",
+ "brown",
+ "burlywood",
+ "cadetblue",
+ "chartreuse",
+ "chocolate",
+ "coral",
+ "cornflowerblue",
+ "cornsilk",
+ "crimson",
+ "cyan",
+ "darkblue",
+ "darkcyan",
+ "darkgoldenrod",
+ "darkgray",
+ "darkgreen",
+ "darkgrey",
+ "darkkhaki",
+ "darkmagenta",
+ "darkolivegreen",
+ "darkorange",
+ "darkorchid",
+ "darkred",
+ "darksalmon",
+ "darkseagreen",
+ "darkslateblue",
+ "darkslategray",
+ "darkslategrey",
+ "darkturquoise",
+ "darkviolet",
+ "deeppink",
+ "deepskyblue",
+ "dimgray",
+ "dimgrey",
+ "dodgerblue",
+ "firebrick",
+ "floralwhite",
+ "forestgreen",
+ "fuchsia",
+ "gainsboro",
+ "ghostwhite",
+ "gold",
+ "goldenrod",
+ "gray",
+ "green",
+ "greenyellow",
+ "grey",
+ "honeydew",
+ "hotpink",
+ "indianred",
+ "indigo",
+ "ivory",
+ "khaki",
+ "lavender",
+ "lavenderblush",
+ "lawngreen",
+ "lemonchiffon",
+ "lightblue",
+ "lightcoral",
+ "lightcyan",
+ "lightgoldenrodyellow",
+ "lightgray",
+ "lightgreen",
+ "lightgrey",
+ "lightpink",
+ "lightsalmon",
+ "lightseagreen",
+ "lightskyblue",
+ "lightslategray",
+ "lightslategrey",
+ "lightsteelblue",
+ "lightyellow",
+ "lime",
+ "limegreen",
+ "linen",
+ "magenta",
+ "maroon",
+ "mediumaquamarine",
+ "mediumblue",
+ "mediumorchid",
+ "mediumpurple",
+ "mediumseagreen",
+ "mediumslateblue",
+ "mediumspringgreen",
+ "mediumturquoise",
+ "mediumvioletred",
+ "midnightblue",
+ "mintcream",
+ "mistyrose",
+ "moccasin",
+ "navajowhite",
+ "navy",
+ "oldlace",
+ "olive",
+ "olivedrab",
+ "orange",
+ "orangered",
+ "orchid",
+ "palegoldenrod",
+ "palegreen",
+ "paleturquoise",
+ "palevioletred",
+ "papayawhip",
+ "peachpuff",
+ "peru",
+ "pink",
+ "plum",
+ "powderblue",
+ "purple",
+ "red",
+ "rosybrown",
+ "royalblue",
+ "saddlebrown",
+ "salmon",
+ "sandybrown",
+ "seagreen",
+ "seashell",
+ "sienna",
+ "silver",
+ "skyblue",
+ "slateblue",
+ "slategray",
+ "slategrey",
+ "snow",
+ "springgreen",
+ "steelblue",
+ "tan",
+ "teal",
+ "thistle",
+ "tomato",
+ "turquoise",
+ "violet",
+ "wheat",
+ "white",
+ "whitesmoke",
+ "yellow",
+ "yellowgreen"
+]
diff --git a/lib/types.nix b/lib/types.nix
index 32b4541ae..5f01ccb52 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -3,11 +3,11 @@
let
inherit (lib)
all any attrNames concatMapStringsSep concatStringsSep const filter flip
- genid_uint31 hasSuffix head isInt isString length mergeOneOption mkOption
- mkOptionType optional optionalAttrs optionals range splitString
+ genid_uint31 hasSuffix head importJSON isInt isString length mergeOneOption
+ mkOption mkOptionType optional optionalAttrs optionals range splitString
stringLength substring test testString typeOf;
inherit (lib.types)
- attrsOf bool either enum int lines listOf nullOr path str submodule;
+ addCheck attrsOf bool either enum int lines listOf nullOr path str submodule;
in
rec {
@@ -287,15 +287,27 @@ rec {
};
});
+ boundedInt = min: max: mkOptionType {
+ name = "bounded integer";
+ check = x: isInt x && min <= x && x <= max;
+ merge = mergeOneOption;
+ };
+
+ lowerBoundedInt = min: mkOptionType {
+ name = "lower bounded integer";
+ check = x: isInt x && min <= x;
+ merge = mergeOneOption;
+ };
+
positive = mkOptionType {
+ inherit (lowerBoundedInt 1) check;
name = "positive integer";
- check = x: isInt x && x > 0;
merge = mergeOneOption;
};
uint = mkOptionType {
+ inherit (lowerBoundedInt 0) check;
name = "unsigned integer";
- check = x: isInt x && x >= 0;
merge = mergeOneOption;
};
@@ -583,6 +595,9 @@ rec {
};
};
+ flameshot.color =
+ either (addCheck str (test "#[0-9A-Fa-f]{6}")) svg.color-keyword;
+
file-mode = mkOptionType {
name = "file mode";
check = test "[0-7]{4}";
@@ -601,6 +616,19 @@ rec {
merge = mergeOneOption;
};
+ # SVG 1.1, 4.4 Recognized color keyword names
+ #
+ # svg-colors.json has been generated with:
+ # curl -sS https://www.w3.org/TR/SVG11/types.html#ColorKeywords |
+ # fq -d html '[
+ # grep_by(.["@class"]=="color-keywords") |
+ # grep_by(.["@class"]=="prop-value"and.["#text"]!="").["#text"]
+ # ] | sort'
+ #
+ svg.color-keyword = enum (importJSON ./svg-colors.json) // {
+ name = "SVG 1.1 recognized color keyword";
+ };
+
systemd.unit-name = mkOptionType {
name = "systemd unit name";
check = x:
diff --git a/submodules/nix-writers b/submodules/nix-writers
-Subproject 0c8de150426476b5287cf2787bbd85263691a80
+Subproject 66a1f6833464bbb121b6d94247ad769f277351f
diff --git a/tv/1systems/bu/config.nix b/tv/1systems/bu/config.nix
index c7f7da24d..a3959cd84 100644
--- a/tv/1systems/bu/config.nix
+++ b/tv/1systems/bu/config.nix
@@ -13,8 +13,6 @@ with import ./lib;
krebs.build.host = config.krebs.hosts.bu;
- networking.hostId = lib.mkDefault "00000000";
-
networking.wireless.enable = true;
networking.useDHCP = false;
networking.interfaces.enp0s25.useDHCP = true;
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index d1384845a..53b11c620 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -6,6 +6,7 @@ with import ./lib;
krebs.build.user = config.krebs.users.tv;
+ networking.hostId = mkDefault (hashToLength 8 config.networking.hostName);
networking.hostName = config.krebs.build.host.name;
imports = [
diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index d8e7755fe..eb87f26d1 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -74,9 +74,6 @@ with import ./lib;
disko = {
cgit.desc = "declarative partitioning and formatting tool";
};
- flameshot-once = {
- cgit.desc = "flameshot runner that automatically starts/stops the daemon";
- };
fswm = {
cgit.desc = "simple full screen window manager";
};
@@ -139,6 +136,9 @@ with import ./lib;
cgserver = {};
crude-mail-setup = {};
dot-xmonad = {};
+ flameshot-once = {
+ cgit.desc = "flameshot runner that automatically starts/stops the daemon";
+ };
hirc = {};
hstool = {
cgit.desc = "Haskell Development Environment ^_^";
diff --git a/tv/2configs/urlwatch.nix b/tv/2configs/urlwatch.nix
index 7ba364ff3..f5260ee05 100644
--- a/tv/2configs/urlwatch.nix
+++ b/tv/2configs/urlwatch.nix
@@ -2,12 +2,16 @@ with import ./lib;
{ config, pkgs, ... }: let
exec = filename: args: url: {
inherit url;
- filter = "system:${
- concatMapStringsSep " " shell.escape ([filename] ++ toList args)
- }";
+ filter = singleton {
+ system =
+ concatMapStringsSep " " shell.escape ([filename] ++ toList args);
+ };
};
json = json' ["."];
json' = exec "${pkgs.jq}/bin/jq";
+ urigrep' = exec (pkgs.writeDash "urigrep" ''
+ ${pkgs.urix}/bin/urix | ${pkgs.gnugrep}/bin/grep -E "$1"
+ '');
xml = xml' ["--format" "-"];
xml' = exec "${pkgs.libxml2}/bin/xmllint";
in {
@@ -68,22 +72,30 @@ in {
https://raw.githubusercontent.com/NixOS/nixpkgs/master/nixos/modules/services/x11/xserver.nix
https://www.rabbitmq.com/changelog.html
+
+ (urigrep' ["software-resources"] https://semiconductor.samsung.com/consumer-storage/support/tools/)
];
hooksFile = toFile "hooks.py" ''
import subprocess
import urlwatch
- class CaseFilter(urlwatch.filters.FilterBase):
+ class SystemFilter(urlwatch.filters.FilterBase):
"""Filter for piping data through an external process"""
__kind__ = 'system'
+ __supported_subfilters__ = {
+ 'command': 'shell command line to tranform data',
+ }
+
+ __default_subfilter__ = 'command'
+
def filter(self, data, subfilter=None):
- if subfilter is None:
- raise ValueError('The system filter needs a command')
+ if 'command' not in subfilter:
+ raise ValueError('{} filter needs a command'.format(self.__kind__))
proc = subprocess.Popen(
- subfilter,
+ subfilter['command'],
shell=True,
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
diff --git a/tv/2configs/wiregrill.nix b/tv/2configs/wiregrill.nix
new file mode 100644
index 000000000..edf65e979
--- /dev/null
+++ b/tv/2configs/wiregrill.nix
@@ -0,0 +1,37 @@
+with import ./lib;
+{ config, pkgs, ... }: let
+ cfg = {
+ enable = cfg.net != null;
+ net = config.krebs.build.host.nets.wiregrill or null;
+ };
+ toCidrNotation = ip: "${ip.addr}/${toString ip.prefixLength}";
+in
+ mkIf cfg.enable {
+ networking.wireguard.interfaces.wiregrill = {
+ ips =
+ optional (cfg.net.ip4 != null) cfg.net.ip4.addr ++
+ optional (cfg.net.ip6 != null) cfg.net.ip6.addr;
+ listenPort = 51820;
+ privateKeyFile = (toString <secrets>) + "/wiregrill.key";
+ allowedIPsAsRoutes = true;
+ peers = mapAttrsToList
+ (_: host: {
+ allowedIPs = host.nets.wiregrill.wireguard.subnets;
+ endpoint =
+ mkIf (host.nets.wiregrill.via != null) (host.nets.wiregrill.via.ip4.addr + ":${toString host.nets.wiregrill.wireguard.port}");
+ persistentKeepalive = mkIf (host.nets.wiregrill.via != null) 61;
+ publicKey =
+ replaceStrings ["\n"] [""] host.nets.wiregrill.wireguard.pubkey;
+ })
+ (filterAttrs (_: h: hasAttr "wiregrill" h.nets) config.krebs.hosts);
+ };
+ systemd.network.networks.wiregrill = {
+ matchConfig.Name = "wiregrill";
+ address =
+ optional (cfg.net.ip4 != null) (toCidrNotation cfg.net.ip4) ++
+ optional (cfg.net.ip6 != null) (toCidrNotation cfg.net.ip6);
+ };
+ tv.iptables.extra.filter.INPUT = [
+ "-p udp --dport ${toString cfg.net.wireguard.port} -j ACCEPT"
+ ];
+ }
diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix
index f534b557e..f10ccb10e 100644
--- a/tv/2configs/xserver/default.nix
+++ b/tv/2configs/xserver/default.nix
@@ -120,13 +120,7 @@ in {
};
path = [
config.tv.slock.package
- (pkgs.flameshot-once.override {
- config.imgur.enable = true;
- config.imgur.createUrl = "http://ni.r/image";
- config.imgur.deleteUrl = "http://ni.r/image/delete/%1";
- config.imgur.xdg-open.browser = "/etc/profiles/per-user/tv/bin/cr";
- config.timeout = 200;
- })
+ pkgs.flameshot-once-tv
pkgs.pulseaudio.out
pkgs.rxvt_unicode
pkgs.xcalib
diff --git a/tv/5pkgs/haskell/xmonad-tv/default.nix b/tv/5pkgs/haskell/xmonad-tv/default.nix
index be3eca982..f42f97c2a 100644
--- a/tv/5pkgs/haskell/xmonad-tv/default.nix
+++ b/tv/5pkgs/haskell/xmonad-tv/default.nix
@@ -1,6 +1,5 @@
{ mkDerivation, aeson, base, bytestring, containers, directory
-, extra, filepath, lib, systemd, template-haskell, th-env
-, transformers, unix, X11, xmonad, xmonad-contrib
+, extra, filepath, lib, pager, unix, X11, xmonad, xmonad-contrib
}:
mkDerivation {
pname = "xmonad-tv";
@@ -9,8 +8,9 @@ mkDerivation {
isLibrary = false;
isExecutable = true;
executableHaskellDepends = [
- aeson base bytestring containers directory extra filepath systemd
- template-haskell th-env transformers unix X11 xmonad xmonad-contrib
+ aeson base bytestring containers directory extra filepath pager
+ unix X11 xmonad xmonad-contrib
];
license = lib.licenses.mit;
+ mainProgram = "xmonad";
}
diff --git a/tv/5pkgs/haskell/xmonad-tv/src/XMonad/Hooks/EwmhDesktops/Extra.hs b/tv/5pkgs/haskell/xmonad-tv/src/XMonad/Hooks/EwmhDesktops/Extra.hs
new file mode 100644
index 000000000..bf8431446
--- /dev/null
+++ b/tv/5pkgs/haskell/xmonad-tv/src/XMonad/Hooks/EwmhDesktops/Extra.hs
@@ -0,0 +1,117 @@
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE MultiWayIf #-}
+{-# LANGUAGE NamedFieldPuns #-}
+
+module XMonad.Hooks.EwmhDesktops.Extra where
+
+import Control.Monad (when)
+import Data.Maybe (fromMaybe)
+import Data.Monoid (All)
+import Data.Tuple.Extra (both)
+import Graphics.X11.EWMH (getDesktopNames, setDesktopNames)
+import Graphics.X11.EWMH.Atom (_NET_DESKTOP_NAMES)
+import Graphics.X11.Xlib.Display.Extra (withDefaultDisplay)
+import XMonad hiding (workspaces)
+import XMonad.Actions.DynamicWorkspaces (addHiddenWorkspace, removeEmptyWorkspaceByTag)
+import XMonad.StackSet (mapWorkspace, tag, workspaces)
+import XMonad.Util.WorkspaceCompare (getSortByIndex)
+import qualified Data.Map.Strict as Map
+import qualified Data.Set as Set
+import qualified XMonad
+
+
+ewmhExtra :: XConfig a -> IO (XConfig a)
+ewmhExtra c = do
+ -- XMonad.Hooks.EwmhDesktops.setDesktopViewport uses _NET_DESKTOP_VIEWPORT
+ -- only if it exists. This seems to be a harmless issue, but by creating
+ -- the atom here, we suppress the error message:
+ --
+ -- xmonad: X11 error: BadAtom (invalid Atom parameter),
+ -- request code=18, error code=5
+ --
+ _ <-
+ withDefaultDisplay $ \dpy -> internAtom dpy "_NET_DESKTOP_VIEWPORT" False
+
+ initialWorkspaces <-
+ Data.Maybe.fromMaybe (XMonad.workspaces def)
+ <$> withDefaultDisplay getDesktopNames
+
+ return
+ c { handleEventHook = ewmhDesktopsExtraEventHook <> handleEventHook c
+ , rootMask = rootMask c .|. propertyChangeMask
+ , XMonad.workspaces = initialWorkspaces
+ }
+
+ewmhDesktopsExtraEventHook :: Event -> X All
+ewmhDesktopsExtraEventHook = \case
+ PropertyEvent{ev_window, ev_atom} -> do
+ r <- asks theRoot
+ when (ev_window == r && ev_atom == _NET_DESKTOP_NAMES) $
+ withDisplay $ \dpy -> do
+ sort <- getSortByIndex
+
+ oldNames <- gets $ map tag . sort . workspaces . windowset
+ newNames <- fromMaybe oldNames <$> io (getDesktopNames dpy)
+
+ let
+ (renamesFrom, renamesTo) = both Set.fromList $ unzip renames
+
+ renames = go oldNames newNames where
+ go old@(headOld : tailOld) new@(headNew : tailNew) = do
+ let
+ deleteOld = Set.member headOld deleteNameSet
+ createNew = Set.member headNew createNameSet
+
+ if
+ | headOld == headNew ->
+ -- assert (not deleteOld && not createNew)
+ go tailOld tailNew
+
+ | deleteOld && createNew ->
+ (headOld, headNew) :
+ go tailOld tailNew
+
+ | deleteOld ->
+ go tailOld new
+
+ | createNew ->
+ go old tailNew
+
+ | otherwise ->
+ -- assert (headOld == headNew)
+ go tailOld tailNew
+
+ go _ _ = []
+
+ oldNameSet = Set.fromList oldNames
+ newNameSet = Set.fromList newNames
+ deleteNameSet = Set.difference oldNameSet newNameSet
+ createNameSet = Set.difference newNameSet oldNameSet
+
+ deleteNames = Set.toAscList $
+ Set.difference deleteNameSet renamesFrom
+ createNames = Set.toAscList $
+ Set.difference createNameSet renamesTo
+
+ mapM_ addHiddenWorkspace createNames
+ mapM_ removeEmptyWorkspaceByTag deleteNames
+ when (not (null renames)) $ do
+ let
+ renameMap = Map.fromList renames
+ rename w =
+ case Map.lookup (tag w) renameMap of
+ Just newName -> w { tag = newName }
+ Nothing -> w
+
+ modifyWindowSet $ mapWorkspace rename
+
+ names <- gets $ map tag . sort . workspaces . windowset
+
+ when (names /= newNames) $ do
+ trace $ "setDesktopNames " <> show names
+ io (setDesktopNames names dpy)
+
+ mempty
+
+ _ ->
+ mempty
diff --git a/tv/5pkgs/haskell/xmonad-tv/src/main.hs b/tv/5pkgs/haskell/xmonad-tv/src/main.hs
index eb61bd5cf..7256963a5 100644
--- a/tv/5pkgs/haskell/xmonad-tv/src/main.hs
+++ b/tv/5pkgs/haskell/xmonad-tv/src/main.hs
@@ -5,16 +5,15 @@ module Main (main) where
import System.Exit (exitFailure)
import XMonad.Hooks.EwmhDesktops (ewmh)
+import XMonad.Hooks.EwmhDesktops.Extra (ewmhExtra)
import XMonad.Hooks.RefocusLast (refocusLastLayoutHook, toggleFocus)
-import Control.Exception
import Control.Monad.Extra (whenJustM)
import qualified Data.Aeson
import qualified Data.ByteString.Char8
import qualified Data.List
import qualified Data.Maybe
import Graphics.X11.ExtraTypes.XF86
-import Text.Read (readEither)
import XMonad
import XMonad.Extra (isFloatingX)
import System.IO (hPutStrLn, stderr)
@@ -23,6 +22,7 @@ import System.Posix.Process (executeFile)
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace
, removeEmptyWorkspace)
import XMonad.Actions.CycleWS (toggleWS)
+import XMonad.Layout.Gaps (Direction2D(U,R,D,L), gaps)
import XMonad.Layout.NoBorders ( smartBorders )
import XMonad.Layout.ResizableTile (ResizableTall(ResizableTall))
import XMonad.Layout.ResizableTile (MirrorResize(MirrorExpand,MirrorShrink))
@@ -58,22 +58,27 @@ main = getArgs >>= \case
readEnv :: Data.Aeson.FromJSON b => String -> IO b
readEnv name =
- Data.Maybe.fromJust
+ readEnv' (error $ "could not get environment variable: " <> name) name
+
+readEnv' :: Data.Aeson.FromJSON b => b -> String -> IO b
+readEnv' defaultValue name =
+ Data.Maybe.fromMaybe defaultValue
. Data.Aeson.decodeStrict'
. Data.ByteString.Char8.pack
- <$> getEnv name
+ . Data.Maybe.fromMaybe mempty
+ <$> lookupEnv name
mainNoArgs :: IO ()
mainNoArgs = do
+ myScreenGaps <- readEnv' [] "XMONAD_SCREEN_GAPS" :: IO [Int]
myScreenWidth <- readEnv "XMONAD_SCREEN_WIDTH" :: IO Dimension
myTermFont <- getEnv "XMONAD_TERM_FONT"
myTermFontWidth <- readEnv "XMONAD_TERM_FONT_WIDTH" :: IO Dimension
myTermPadding <- readEnv "XMONAD_TERM_PADDING" :: IO Dimension
- workspaces0 <- getWorkspaces0
handleShutdownEvent <- newShutdownEventHandler
- let
- config =
- ewmh
+ config <-
+ ewmhExtra
+ $ ewmh
$ withUrgencyHookC
BorderUrgencyHook
{ urgencyBorderColor = "#ff0000"
@@ -86,9 +91,9 @@ mainNoArgs = do
{ terminal = {-pkg:alacritty-tv-}"alacritty"
, modMask = mod4Mask
, keys = myKeys myTermFont
- , workspaces = workspaces0
, layoutHook =
refocusLastLayoutHook $
+ gaps (zip [U,R,D,L] myScreenGaps) $
smartBorders $
ResizableTall
1
@@ -117,23 +122,6 @@ mainNoArgs = do
launch config directories
-getWorkspaces0 :: IO [String]
-getWorkspaces0 =
- try (getEnv "XMONAD_WORKSPACES0_FILE") >>= \case
- Left e -> warn (displaySomeException e)
- Right p -> try (readFile p) >>= \case
- Left e -> warn (displaySomeException e)
- Right x -> case readEither x of
- Left e -> warn e
- Right y -> return y
- where
- warn msg = hPutStrLn stderr ("getWorkspaces0: " ++ msg) >> return []
-
-
-displaySomeException :: SomeException -> String
-displaySomeException = displayException
-
-
forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X ()
forkFile path args env =
xfork (executeFile path True args env) >> return ()
@@ -198,7 +186,7 @@ myKeys font conf = Map.fromList $
, ((_4, xK_Prior), forkFile {-pkg-}"xcalib" ["-invert", "-alter"] Nothing)
- , ((0, xK_Print), forkFile {-pkg-}"flameshot" [] Nothing)
+ , ((0, xK_Print), forkFile {-pkg:flameshot-once-tv-}"flameshot-once" [] Nothing)
, ((_C, xF86XK_Forward), forkFile {-pkg:xdpytools-}"xdpychvt" ["next"] Nothing)
, ((_C, xF86XK_Back), forkFile {-pkg:xdpytools-}"xdpychvt" ["prev"] Nothing)
diff --git a/tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal b/tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal
index 62faf2f00..f211627bf 100644
--- a/tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal
+++ b/tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal
@@ -9,20 +9,21 @@ cabal-version: >=1.10
executable xmonad
main-is: main.hs
build-depends:
- aeson,
- base,
- bytestring,
- containers,
- directory,
- extra,
- filepath,
- template-haskell,
- th-env,
- unix,
- X11,
- xmonad,
- xmonad-contrib
+ base
+ , X11
+ , aeson
+ , bytestring
+ , containers
+ , directory
+ , extra
+ , filepath
+ , pager
+ , unix
+ , xmonad
+ , xmonad-contrib
other-modules:
Shutdown
+ XMonad.Extra
+ XMonad.Hooks.EwmhDesktops.Extra
default-language: Haskell2010
- ghc-options: -O2 -Wall -threaded
+ ghc-options: -O2 -Wall
diff --git a/tv/5pkgs/override/flameshot/default.nix b/tv/5pkgs/override/flameshot/default.nix
deleted file mode 100644
index 10154cc44..000000000
--- a/tv/5pkgs/override/flameshot/default.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-self: super:
-
-super.flameshot.overrideAttrs (old: rec {
- name = "flameshot-${version}";
- version = "0.10.2";
- src = self.fetchFromGitHub {
- owner = "flameshot-org";
- repo = "flameshot";
- rev = "v${version}";
- sha256 = "sha256-rZUiaS32C77tFJmEkw/9MGbVTVscb6LOCyWaWO5FyR4=";
- };
- patches = old.patches or [] ++ [
- ./flameshot_imgur_0.10.2.patch
- ];
-})
diff --git a/tv/5pkgs/override/flameshot/flameshot_imgur_0.10.2.patch b/tv/5pkgs/override/flameshot/flameshot_imgur_0.10.2.patch
deleted file mode 100644
index c4c0bf38a..000000000
--- a/tv/5pkgs/override/flameshot/flameshot_imgur_0.10.2.patch
+++ /dev/null
@@ -1,35 +0,0 @@
---- a/src/tools/imgur/imguruploader.cpp
-+++ b/src/tools/imgur/imguruploader.cpp
-@@ -31,6 +31,7 @@
- #include <QTimer>
- #include <QUrlQuery>
- #include <QVBoxLayout>
-+#include <stdlib.h>
-
- ImgurUploader::ImgurUploader(const QPixmap& capture, QWidget* parent)
- : QWidget(parent)
-@@ -79,8 +80,11 @@ void ImgurUploader::handleReply(QNetworkReply* reply)
- m_imageURL.setUrl(data[QStringLiteral("link")].toString());
-
- auto deleteToken = data[QStringLiteral("deletehash")].toString();
-+ char *deleteImageURLPattern = secure_getenv("IMGUR_DELETE_URL");
-+ if (deleteImageURLPattern == NULL)
-+ deleteImageURLPattern = "https://imgur.com/delete/%1";
- m_deleteImageURL.setUrl(
-- QStringLiteral("https://imgur.com/delete/%1").arg(deleteToken));
-+ QString::fromUtf8(deleteImageURLPattern).arg(deleteToken));
-
- // save history
- QString imageName = m_imageURL.toString();
-@@ -133,7 +137,10 @@ void ImgurUploader::upload()
- QString description = FileNameHandler().parsedPattern();
- urlQuery.addQueryItem(QStringLiteral("description"), description);
-
-- QUrl url(QStringLiteral("https://api.imgur.com/3/image"));
-+ char *createImageURLPattern = secure_getenv("IMGUR_CREATE_URL");
-+ if (createImageURLPattern == NULL)
-+ createImageURLPattern = "https://api.imgur.com/3/image";
-+ QUrl url(QString::fromUtf8(createImageURLPattern));
- url.setQuery(urlQuery);
- QNetworkRequest request(url);
- request.setHeader(QNetworkRequest::ContentTypeHeader,
diff --git a/tv/5pkgs/simple/flameshot-once-tv.nix b/tv/5pkgs/simple/flameshot-once-tv.nix
new file mode 100644
index 000000000..e3a9f9a4f
--- /dev/null
+++ b/tv/5pkgs/simple/flameshot-once-tv.nix
@@ -0,0 +1,48 @@
+{ pkgs }:
+
+pkgs.flameshot-once.override {
+ name = "flameshot-once-tv";
+ config.imgur.enable = true;
+ config.imgur.createUrl = "http://ni.r/image";
+ config.imgur.deleteUrl = "http://ni.r/image/delete/%1";
+ config.imgur.xdg-open.browser = "/etc/profiles/per-user/tv/bin/cr";
+ config.settings.General = {
+ autoCloseIdleDaemon = true;
+ buttons = [
+ "TYPE_ARROW"
+ "TYPE_CIRCLE"
+ "TYPE_CIRCLECOUNT"
+ "TYPE_COPY"
+ "TYPE_DRAWER"
+ "TYPE_IMAGEUPLOADER"
+ "TYPE_MARKER"
+ "TYPE_MOVESELECTION"
+ "TYPE_PENCIL"
+ "TYPE_PIXELATE"
+ "TYPE_RECTANGLE"
+ "TYPE_SAVE"
+ "TYPE_SELECTION"
+ "TYPE_TEXT"
+ ];
+ checkForUpdates = false;
+ contrastOpacity = 220;
+ copyPathAfterSave = true;
+ disabledTrayIcon = true;
+ drawColor = "#E4002B";
+ drawThickness = 8;
+ filenamePattern = "%FT%T%z_flameshot";
+ fontFamily = "iosevka tv 2";
+ savePath = "/tmp";
+ savePathFixed = true;
+ showDesktopNotification = false;
+ showHelp = false;
+ showSidePanelButton = false;
+ showStartupLaunchMessage = false;
+ squareMagnifier = true;
+ uploadWithoutConfirmation = true;
+ };
+ config.settings.Shortcuts = {
+ TYPE_COPY = "Return";
+ TYPE_TOGGLE_PANEL = "`";
+ };
+}
diff --git a/tv/5pkgs/simple/q/default.nix b/tv/5pkgs/simple/q/default.nix
index 809e37e59..1aea80b26 100644
--- a/tv/5pkgs/simple/q/default.nix
+++ b/tv/5pkgs/simple/q/default.nix
@@ -25,7 +25,7 @@ let
fi |
${pkgs.gnused}/bin/sed -r '
# dim week numbers
- s/((^ *| )[ 1-5][0-9]( *)?)(([ 1-3][0-9])*)/\1\4/g
+ s/((^| )[ 1-5][0-9])(( ..| \[7m..\[27m){7})/\1\3/g
# dim month and day names
s/^ *[A-Z].*/&/
# highlight current date
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 01:48:33 +0000
[cgit] Unable to lock slot /tmp/cgit/a5300000.lock: No such file or directory (2)