diff options
125 files changed, 1499 insertions, 1972 deletions
diff --git a/.gitmodules b/.gitmodules index aee01051a..7ecb497ea 100644 --- a/.gitmodules +++ b/.gitmodules @@ -7,6 +7,6 @@ [submodule "lass/5pkgs/autowifi"] path = lass/5pkgs/autowifi url = https://github.com/Lassulus/autowifi -[submodule "submodules/brockman"] - path = submodules/brockman - url = https://github.com/kmein/brockman.git +[submodule "jeschli/2configs/elisp"] + path = jeschli/2configs/elisp + url = https://github.com/Jeschli/misc-elisp-scripts.git diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix index 7596f17d6..dec69563f 100644 --- a/jeschli/1systems/reagenzglas/config.nix +++ b/jeschli/1systems/reagenzglas/config.nix @@ -7,6 +7,7 @@ <stockholm/jeschli/2configs/emacs.nix> <stockholm/jeschli/2configs/firefox.nix> <stockholm/jeschli/2configs/rust.nix> + <stockholm/jeschli/2configs/steam.nix> <stockholm/jeschli/2configs/python.nix> ./desktop.nix ./i3-configuration.nix @@ -36,10 +37,19 @@ # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ - wget vim git - rofi ag alacritty + google-chrome + chromium + copyq + direnv + go + git + gitAndTools.hub + sbcl + rofi + vim + wget ]; users.users.ombi = { @@ -48,19 +58,28 @@ }; users.users.jeschli = { - isNormalUser = true; + isNormalUser = true; + extraGroups = [ "audio" ]; }; # services.xserver.synaptics.enable = true; services.xserver.libinput.enable = true; services.xserver.libinput.disableWhileTyping = true; + hardware.pulseaudio.enable = true; + #Enable ssh daemon services.openssh.enable = true; + #Enable clight + services.clight.enable = true; + services.geoclue2.enable = true; + location.provider = "geoclue2"; + users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM1xtX/SF2IzfAIzrXvH4HsW05eTBX8U8MYlEPadq0DS/nHC45hW2PSEUOVsH0UhBRAB+yClVLyN+JAYsuOoQacQqAVq9R7HAoFITdYTMJCxVs4urSRv0pWwTopRIh1rlI+Q0QfdMoeVtO2ZKG3KoRM+APDy2dsX8LTtWjXmh/ZCtpGl1O8TZtz2ZyXyv9OVDPnQiFwPU3Jqs2Z036c+kwxWlxYc55FRuqwRtQ48c/ilPMu+ZvQ22j1Ch8lNuliyAg1b8pZdOkMJF3R8b46IQ8FEqkr3L1YQygYw2M50B629FPgHgeGPMz3mVd+5lzP+okbhPJjMrUqZAUwbMGwGzZ ombi@nixos" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFXgtbgeivxlMKkoEJ4ANhtR+LRMSPrsmL4U5grFUME jeschli@nixos" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG7C3bgoL9VeVl8pgu8sp3PCOs6TXk4R9y7JKJAHGsfm root@baeckerei" ]; # This value determines the NixOS release with which your system is to be diff --git a/jeschli/1systems/reagenzglas/desktop.nix b/jeschli/1systems/reagenzglas/desktop.nix index 0c4298109..88eae086f 100644 --- a/jeschli/1systems/reagenzglas/desktop.nix +++ b/jeschli/1systems/reagenzglas/desktop.nix @@ -7,8 +7,8 @@ enable = true; xkbOptions = "caps:super"; exportConfiguration = true; - - displayManager.slim.enable = true; + + displayManager.lightdm.enable = true; }; # Configure fonts diff --git a/jeschli/1systems/reagenzglas/i3-configuration.nix b/jeschli/1systems/reagenzglas/i3-configuration.nix index c9968c17a..88f63426d 100644 --- a/jeschli/1systems/reagenzglas/i3-configuration.nix +++ b/jeschli/1systems/reagenzglas/i3-configuration.nix @@ -5,88 +5,93 @@ with pkgs; let i3_config_file = pkgs.writeText "config" '' set $mod Mod4 - + font pango:monospace 8 - + #font pango:DejaVu Sans Mono 8 - + # Before i3 v4.8, we used to recommend this one as the default: # font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1 # The font above is very space-efficient, that is, it looks good, sharp and # clear in small sizes. However, its unicode glyph coverage is limited, the old # X core fonts rendering does not support right-to-left and this being a bitmap # font, it doesn’t scale on retina/hidpi displays. - + # Use Mouse+$mod to drag floating windows to their wanted position floating_modifier $mod - + # start a terminal - bindsym $mod+Return exec i3-sensible-terminal - + bindsym $mod+Return exec alacritty + # kill focused window bindsym $mod+Shift+q kill - + # start dmenu (a program launcher) # bindsym $mod+d exec dmenu_run # start dmenu (a program launcher) bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run - + + bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select + + bindsym $mod+F1 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput disable + bindsym $mod+F2 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput enable + # There also is the (new) i3-dmenu-desktop which only displays applications # shipping a .desktop file. It is a wrapper around dmenu, so you need that # installed. # bindsym $mod+d exec --no-startup-id i3-dmenu-desktop - + # change focus bindsym $mod+j focus left bindsym $mod+k focus down bindsym $mod+l focus up bindsym $mod+semicolon focus right - + # alternatively, you can use the cursor keys: bindsym $mod+Left focus left bindsym $mod+Down focus down bindsym $mod+Up focus up bindsym $mod+Right focus right - + # move focused window bindsym $mod+Shift+j move left bindsym $mod+Shift+k move down bindsym $mod+Shift+l move up bindsym $mod+Shift+colon move right - + # alternatively, you can use the cursor keys: bindsym $mod+Shift+Left move left bindsym $mod+Shift+Down move down bindsym $mod+Shift+Up move up bindsym $mod+Shift+Right move right - + # split in horizontal orientation bindsym $mod+h split h - + # split in vertical orientation bindsym $mod+v split v - + # enter fullscreen mode for the focused container bindsym $mod+f fullscreen toggle - + # change container layout (stacked, tabbed, toggle split) bindsym $mod+s layout stacking bindsym $mod+w layout tabbed bindsym $mod+e layout toggle split - + # toggle tiling / floating bindsym $mod+Shift+space floating toggle - + # change focus between tiling / floating windows bindsym $mod+space focus mode_toggle - + # focus the parent container bindsym $mod+a focus parent - + # focus the child container #bindsym $mod+d focus child - + # Define names for default workspaces for which we configure key bindings later on. # We use variables to avoid repeating the names in multiple places. set $ws1 "1" @@ -99,7 +104,7 @@ let set $ws8 "8" set $ws9 "9" set $ws10 "10" - + # switch to workspace bindsym $mod+1 workspace $ws1 bindsym $mod+2 workspace $ws2 @@ -111,7 +116,7 @@ let bindsym $mod+8 workspace $ws8 bindsym $mod+9 workspace $ws9 bindsym $mod+0 workspace $ws10 - + # move focused container to workspace bindsym $mod+Shift+1 move container to workspace $ws1 bindsym $mod+Shift+2 move container to workspace $ws2 @@ -123,18 +128,18 @@ let bindsym $mod+Shift+8 move container to workspace $ws8 bindsym $mod+Shift+9 move container to workspace $ws9 bindsym $mod+Shift+0 move container to workspace $ws10 - + # reload the configuration file bindsym $mod+Shift+c reload # restart i3 inplace (preserves your layout/session, can be used to upgrade i3) bindsym $mod+Shift+r restart # exit i3 (logs you out of your X session) bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'" - + # resize window (you can also use the mouse for that) mode "resize" { # These bindings trigger as soon as you enter the resize mode - + # Pressing left will shrink the window’s width. # Pressing right will grow the window’s width. # Pressing up will shrink the window’s height. @@ -143,27 +148,27 @@ let bindsym k resize grow height 10 px or 10 ppt bindsym l resize shrink height 10 px or 10 ppt bindsym semicolon resize grow width 10 px or 10 ppt - + # same bindings, but for the arrow keys bindsym Left resize shrink width 10 px or 10 ppt bindsym Down resize grow height 10 px or 10 ppt bindsym Up resize shrink height 10 px or 10 ppt bindsym Right resize grow width 10 px or 10 ppt - + # back to normal: Enter or Escape or $mod+r bindsym Return mode "default" bindsym Escape mode "default" bindsym $mod+r mode "default" } - + bindsym $mod+r mode "resize" - + # Start i3bar to display a workspace bar (plus the system information i3status # finds out, if available) bar { status_command i3status } - ''; + ''; in { diff --git a/jeschli/2configs/elisp b/jeschli/2configs/elisp new file mode 160000 +Subproject 279d6a01f5abbab5d28d3a57549b7fec800a510 diff --git a/jeschli/2configs/emacs-org-agenda.nix b/jeschli/2configs/emacs-org-agenda.nix index f9139fcfe..0420dc43d 100644 --- a/jeschli/2configs/emacs-org-agenda.nix +++ b/jeschli/2configs/emacs-org-agenda.nix @@ -114,29 +114,29 @@ let ("NEXT" ("WAITING") ("CANCELLED") ("HOLD")) ("DONE" ("WAITING") ("CANCELLED") ("HOLD"))))) -(setq org-directory "~/projects/notes_private") -(setq org-default-notes-file "~/projects/notes_private/refile.org") +(setq org-directory "~/projects/notes_privat") +(setq org-default-notes-file "~/projects/notes_privat/refile.org") ;; I use C-c c to start capture mode (global-set-key (kbd "C-c c") 'org-capture) ;; Capture templates for: TODO tasks, Notes, appointments, phone calls, meetings, and org-protocol (setq org-capture-templates - (quote (("t" "todo" entry (file "~/git/org/refile.org") + (quote (("t" "todo" entry (file org-default-notes-file) "* TODO %?\n%U\n%a\n" :clock-in t :clock-resume t) - ("r" "respond" entry (file "~/git/org/refile.org") + ("r" "respond" entry (file org-default-notes-file) "* NEXT Respond to %:from on %:subject\nSCHEDULED: %t\n%U\n%a\n" :clock-in t :clock-resume t :immediate-finish t) - ("n" "note" entry (file "~/git/org/refile.org") + ("n" "note" entry (file org-default-notes-file) "* %? :NOTE:\n%U\n%a\n" :clock-in t :clock-resume t) ("j" "Journal" entry (file+datetree "~/git/org/diary.org") "* %?\n%U\n" :clock-in t :clock-resume t) - ("w" "org-protocol" entry (file "~/git/org/refile.org") + ("w" "org-protocol" entry (file org-default-notes-file) "* TODO Review %c\n%U\n" :immediate-finish t) - ("m" "Meeting" entry (file "~/git/org/refile.org") + ("m" "Meeting" entry (file org-default-notes-file) "* MEETING with %? :MEETING:\n%U" :clock-in t :clock-resume t) - ("p" "Phone call" entry (file "~/git/org/refile.org") + ("p" "Phone call" entry (file org-default-notes-file) "* PHONE %? :PHONE:\n%U" :clock-in t :clock-resume t) - ("h" "Habit" entry (file "~/git/org/refile.org") + ("h" "Habit" entry (file org-default-notes-file) "* NEXT %?\n%U\n%a\nSCHEDULED: %(format-time-string \"%<<%Y-%m-%d %a .+1d/3d>>\")\n:PROPERTIES:\n:STYLE: habit\n:REPEAT_TO_STATE: NEXT\n:END:\n")))) ;; Remove empty LOGBOOK drawers on clock out @@ -144,7 +144,7 @@ let (interactive) (save-excursion (beginning-of-line 0) - (org-remove-empty-drawer-at "LOGBOOK" (point)))) + (org-remove-empty-drawer-at (point)))) (add-hook 'org-clock-out-hook 'bh/remove-empty-drawer-on-clock-out 'append) diff --git a/jeschli/2configs/emacs.nix b/jeschli/2configs/emacs.nix index 1ede96232..5c35bc280 100644 --- a/jeschli/2configs/emacs.nix +++ b/jeschli/2configs/emacs.nix @@ -9,235 +9,76 @@ let ]; }; - orgAgendaView = import ./emacs-org-agenda.nix; - - packageRepos = '' - (require 'package) ;; You might already have this line - (let* ((no-ssl (and (memq system-type '(windows-nt ms-dos)) - (not (gnutls-available-p)))) - (url (concat (if no-ssl "http" "https") "://melpa.org/packages/"))) - (add-to-list 'package-archives (cons "melpa" url) t) - (add-to-list 'package-archives - '("org" . "http://orgmode.org/elpa/") t) - ) - (when (< emacs-major-version 24) - ;; For important compatibility libraries like cl-lib - (add-to-list 'package-archives '("gnu" . "http://elpa.gnu.org/packages/"))) - (package-initialize) - ''; - - evilMode = '' - ;; Evil Mode - (require 'evil) - (evil-mode 1) - ;; (require 'evil-org) - ;; (add-hook 'org-mode-hook 'evil-org-mode) - ;; (evil-org-set-key-theme '(navigation insert textobjects additional calendar)) - ;; (require 'evil-org-agenda) - ;; (evil-org-agenda-set-keys) - ''; - - goMode = '' - (setq godoc-and-godef-command "go doc") ;godoc has no cli support any more, thats go doc now - (add-to-list 'exec-path "~/go/bin") - (add-hook 'go-mode-hook - (lambda () - (setq-default) - (setq tab-width 2) - (setq standard-indent 2) - (setq indent-tabs-mode nil))) - ''; - - ido = '' - (require 'ido) - (ido-mode t) - ''; - - helm = '' - (helm-mode 1) - (global-set-key (kbd "M-x") #'helm-M-x) - (global-set-key (kbd "C-x r b") #'helm-filtered-bookmarks) - (global-set-key (kbd "C-x C-f") #'helm-find-files) - ''; - - magit = '' - (global-set-key (kbd "C-x g") 'magit-status) ; "Most Magit commands are commonly invoked from the status buffer" - ''; - - windowCosmetics = '' - (menu-bar-mode -1) - (tool-bar-mode -1) ; Disable the button bar atop screen - (scroll-bar-mode -1) ; Disable scroll bar - (toggle-scroll-bar -1) - (setq inhibit-startup-screen t) ; Disable startup screen with graphics - (setq-default indent-tabs-mode nil) ; Use spaces instead of tabs - (setq default-tab-width 2) ; Two spaces is a tab - (setq tab-width 2) ; Four spaces is a tab - (setq visible-bell nil) ; Disable annoying visual bell graphic - (setq ring-bell-function 'ignore) ; Disable super annoying audio bell - ''; - - orgMode = '' - (add-to-list 'auto-mode-alist '("\\.\\(org\\|org_archive\\|txt\\)$" . org-mode)) - (global-set-key "\C-cl" 'org-store-link) - (global-set-key "\C-ca" 'org-agenda) - (global-set-key "\C-cb" 'org-iswitchb) - (global-set-key "\C-c L" 'org-insert-link-global) - (global-set-key "\C-c o" 'org-open-at-point-global) - (setq org-link-frame-setup '((file . find-file))) ; open link in same frame. - (if (boundp 'org-user-agenda-files) - (setq org-agenda-files org-user-agenda-files) - (setq org-agenda-files (quote ("~/projects/notes_privat"))) - ) - ''; - - theme = '' - (load-theme 'monokai-alt t) - (load-theme 'whiteboard t) - (disable-theme 'monokai-alt) - (disable-theme 'whiteboard) - - (defun mh/load-whiteboard-theme () - "load whiteboard theme" - (interactive) - (message "whiteboard loaded") - (disable-theme 'monokai-alt) - (enable-theme 'whiteboard) - ) - - (defun mh/load-monokai-theme () - "load monokai theme" - (interactive) - (message "monokai loaded") - (disable-theme 'whiteboard) - (enable-theme 'monokai-alt) - ) - - (global-set-key "\C-ctw" 'mh/load-whiteboard-theme) - (global-set-key "\C-ctm" 'mh/load-monokai-theme) - ''; - - # Configuration for rust development - # inspired by - # https://github.com/bbatsov/prelude/blob/master/modules/prelude-rust.el - # - # This requires rls and racer to be installed on the system - rustDevelopment = '' - (add-hook 'rust-mode-hook #'racer-mode) - (add-hook 'rust-mode-hook (lambda() - (local-set-key (kbd "C-c C-d") 'racer-describe) - (local-set-key (kbd "C-c .") 'racer-find-definition) - (local-set-key (kbd "C-c ,") 'pop-tag-mark)) - ) - (add-hook 'racer-mode-hook #'eldoc-mode) - (add-hook 'racer-mode-hook #'company-mode) - (require 'rust-mode) - (define-key rust-mode-map (kbd "TAB") #'company-indent-or-complete-common) - (setq company-tooltip-align-annotations t) - ''; - - recentFiles = '' - (recentf-mode 1) - (setq recentf-max-menu-items 25) - (global-set-key "\C-x\ \C-r" 'recentf-open-files) - ''; - - myFunctionKeys = '' - (fset 'kill-actual-buffer - [?\C-x ?k return]) - - (defun mh/open-term-and-rename (name) - "open a new bash and rename it" - (interactive "sName of new terminal: ") - (term "/run/current-system/sw/bin/bash") - (rename-buffer name) - ) - (global-set-key (kbd "M-<f8>") 'kill-actual-buffer) - - (global-set-key (kbd "<f5>") 'mh/open-term-and-rename) - (global-set-key (kbd "<f6>") 'other-window) - (global-set-key (kbd "<f7>") 'split-window-right) - (global-set-key (kbd "<f8>") 'delete-other-windows) - ''; - - lspMode = '' - (require 'lsp-mode) - (add-hook 'rust-mode-hook #'lsp) - ''; - - dotEmacs = pkgs.writeText "dot-emacs" '' - ${packageRepos} - - ${evilMode} - ${goMode} - ${helm} - ${magit} - ${orgMode} - ${rustDevelopment} - ${theme} - ${windowCosmetics} - - ${orgAgendaView} - ${myFunctionKeys} - ${lspMode} - ''; - - #emacsWithCustomPackages - emacsPkgs= epkgs: [ - # testing lsp mode - epkgs.melpaPackages.lsp-ui - epkgs.melpaPackages.company-lsp - epkgs.melpaPackages.lsp-treemacs - epkgs.melpaPackages.helm-lsp - epkgs.melpaPackages.dap-mode - epkgs.melpaPackages.lsp-mode - + # The emacs packages that I use + # I differ between + # - stable (Packages that I use for some time - happy with it) + # - unstable (Packages that I use for some time - but may drop) + # - testing (Packages that I try out - the new stuff) + emacsPkgs = epkgs: + (with epkgs.melpaPackages ; + + ## windows-purpose (testing) + [ window-purpose ] ++ + + ## helm (stable) + # emacs completion engine + [ helm helm-ag ] ++ + + ## deft (testing) + # text search for a directory + [ deft ] ++ + + ## lsp mode (unstable) + # Language Server Protocol mode + # Used for rust + [ company-lsp dap-mode helm-lsp lsp-mode lsp-treemacs lsp-ui ] ++ + + ## emacs convenience (stable) + # Mixed and general purpose + [ ag company direnv evil google-this spacemacs-theme ] ++ + + ## common lisp (testing) + [ slime ] ++ + + ## magit (stable) + [ magit ] ++ + + ## bunch of programming languages (unstable) + [ go-mode haskell-mode nix-mode ] ++ + + ## rust (unstable) + [ racer rust-mode ] ++ + + ## python (stable) + # Python IDE for emacs + [ elpy ]) ++ + + ## org-mode + # Org-Mode has several extensions + # and can be seen as an application of its own. + (with epkgs.melpaPackages ; # testing - epkgs.melpaPackages.web-mode - epkgs.melpaPackages.js2-mode - epkgs.melpaPackages.xref-js2 - - epkgs.melpaPackages.academic-phrases - - epkgs.melpaPackages.gitlab - epkgs.melpaPackages.helm - epkgs.melpaPackages.weechat + [ org-super-agenda org-bullets org-ql ] ++ + # unstable + [ smex org-mime orgit ] + ) ++ -# emacs convenience - epkgs.melpaPackages.ag - epkgs.melpaPackages.company - epkgs.melpaPackages.direnv - epkgs.melpaPackages.evil - epkgs.melpaPackages.google-this - epkgs.melpaPackages.monokai-alt-theme - epkgs.melpaPackages.zenburn-theme + # stable + (with epkgs.orgPackages ; + [ org-plus-contrib ]) ++ -# development - epkgs.melpaPackages.magit - epkgs.melpaPackages.nix-mode - epkgs.melpaPackages.go-mode - epkgs.melpaPackages.haskell-mode -# rust - epkgs.melpaPackages.rust-mode -# epkgs.melpaPackages.flycheck-rust - epkgs.melpaPackages.racer + # stable + (with epkgs.elpaPackages ; + [ bbdb which-key ]); -# python - epkgs.melpaPackages.elpy - -# org-mode - epkgs.elpaPackages.bbdb - epkgs.orgPackages.org-plus-contrib - epkgs.melpaPackages.smex - epkgs.melpaPackages.org-mime - epkgs.melpaPackages.orgit - - - epkgs.elpaPackages.which-key - ]; +# ## EXWM related (unstable) +# epkgs.exwm +# epkgs.melpaPackages.desktop-environment +# epkgs.melpaPackages.helm-exwm +# ]; emacsWithOverlay = pkgsWithOverlay.emacsWithPackagesFromUsePackage { - config = builtins.readFile dotEmacs; # builtins.readFile ./emacs.el; + config = builtins.readFile ./elisp/init.el; # Package is optional, defaults to pkgs.emacs package = pkgsWithOverlay.emacsGit; # Optionally provide extra packages not in the configuration file @@ -245,18 +86,34 @@ let }; myEmacs = pkgs.writeDashBin "my-emacs" '' - exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} "$@" + exec ${emacsWithOverlay}/bin/emacs -q "$@" ''; myEmacsWithDaemon = pkgs.writeDashBin "my-emacs-daemon" '' - exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} --daemon + exec ${emacsWithOverlay}/bin/emacs -q --daemon -l ${./elisp/init.el} ''; myEmacsClient = pkgs.writeDashBin "meclient" '' - exec ${emacsWithOverlay}/bin/emacsclient --create-frame + exec ${emacsWithOverlay}/bin/emacsclient --create-frame "$@" ''; in { environment.systemPackages = [ - myEmacs myEmacsWithDaemon myEmacsClient + myEmacs myEmacsWithDaemon myEmacsClient emacsWithOverlay ]; + +## EXWM Config +# services.xserver = { +# enable = true; +# xkbOptions = "caps:super"; +# exportConfiguration = true; +# +# displayManager.slim.enable = true; +# windowManager.default = "exwm"; +# +# # Set up the login session +# windowManager.session = [{ +# name = "exwm"; +# start = "${emacsWithOverlay}/bin/emacs -q -l " + builtins.toString ./elisp/init.el; +# }]; +# }; } diff --git a/jeschli/2configs/firefox.nix b/jeschli/2configs/firefox.nix index d171fa82d..1e1e16918 100644 --- a/jeschli/2configs/firefox.nix +++ b/jeschli/2configs/firefox.nix @@ -2,20 +2,11 @@ let - # Firefox addons - https-everywhere = pkgs.callPackage ./own-pkgs/https-everywhere {}; - ublock-origin = pkgs.callPackage ./own-pkgs/ublock-origin {}; - webgl-fingerprint-defender = pkgs.callPackage ./own-pkgs/webgl-fingerprint-defender {}; - canvas-fingerprint-defender = pkgs.callPackage ./own-pkgs/canvas-fingerprint-defender {}; - audio-fingerprint-defender = pkgs.callPackage ./own-pkgs/audio-fingerprint-defender {}; - font-fingerprint-defender = pkgs.callPackage ./own-pkgs/font-fingerprint-defender {}; - user-agent-switcher = pkgs.callPackage ./own-pkgs/user-agent-switcher {}; - dark-reader = pkgs.callPackage ./own-pkgs/dark-reader {}; - - wrapper = pkgs.callPackage ./overlays/firefox-with-config.nix { }; + wrapper = pkgs.callPackage ../5pkgs/firefox/firefox-with-config.nix { }; myFirefox = wrapper pkgs.firefox-unwrapped { - extraExtensions = [ + # these plugins are defined in 5pkgs/firefox + extraExtensions = with pkgs ; [ dark-reader https-everywhere ublock-origin diff --git a/jeschli/2configs/haskell.nix b/jeschli/2configs/haskell.nix new file mode 100644 index 000000000..46ae24fb0 --- /dev/null +++ b/jeschli/2configs/haskell.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: +let + all-hies = import (fetchTarball "https://github.com/infinisil/all-hies/tarball/master") {}; +in +{ + environment.systemPackages = with pkgs; [ + cabal2nix + gcc + ghc + haskellPackages.cabal-install + haskellPackages.ghcid + haskellPackages.hindent + haskellPackages.hlint + haskellPackages.hoogle + haskellPackages.stack + (all-hies.selection { selector = p: {inherit (p) ghc864; }; }) + ]; +} diff --git a/jeschli/2configs/i3.nix b/jeschli/2configs/i3.nix index f062daec3..1a6c4927a 100644 --- a/jeschli/2configs/i3.nix +++ b/jeschli/2configs/i3.nix @@ -232,11 +232,10 @@ services.xserver.enable = true; services.xserver.displayManager.lightdm.enable = true; # Allow users in video group to change brightness - hardware.brightnessctl.enable = true; - environment.systemPackages = with pkgs; [ rofi # Dmenu replacement acpilight # Replacement for xbacklight + brightnessctl arandr # Xrandr gui feh wirelesstools # To get wireless statistics diff --git a/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix index 05815e132..05815e132 100644 --- a/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix +++ b/jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix diff --git a/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix index 21b4b3f97..21b4b3f97 100644 --- a/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix +++ b/jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix diff --git a/jeschli/2configs/own-pkgs/dark-reader/default.nix b/jeschli/5pkgs/firefox/dark-reader/default.nix index 44f4f9054..44f4f9054 100644 --- a/jeschli/2configs/own-pkgs/dark-reader/default.nix +++ b/jeschli/5pkgs/firefox/dark-reader/default.nix diff --git a/jeschli/5pkgs/firefox/default.nix b/jeschli/5pkgs/firefox/default.nix new file mode 100644 index 000000000..6ba4fec83 --- /dev/null +++ b/jeschli/5pkgs/firefox/default.nix @@ -0,0 +1,18 @@ +with import <stockholm/lib>; + +self: super: + +let + # This callPackage will try to detect obsolete overrides. + callPackage = path: args: let + override = self.callPackage path args; + upstream = optionalAttrs (override ? "name") + (super.${(parseDrvName override.name).name} or {}); + in if upstream ? "name" && + override ? "name" && + compareVersions upstream.name override.name != -1 + then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override + else override; +in + + mapNixDir (path: callPackage path {}) ./. diff --git a/jeschli/2configs/overlays/firefox-with-config.nix b/jeschli/5pkgs/firefox/firefox-with-config.nix index 9be6250d7..9be6250d7 100644 --- a/jeschli/2configs/overlays/firefox-with-config.nix +++ b/jeschli/5pkgs/firefox/firefox-with-config.nix diff --git a/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix index 26751beef..26751beef 100644 --- a/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix +++ b/jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix diff --git a/jeschli/2configs/own-pkgs/hopper/default.nix b/jeschli/5pkgs/firefox/hopper/default.nix index 569fc6aaf..569fc6aaf 100644 --- a/jeschli/2configs/own-pkgs/hopper/default.nix +++ b/jeschli/5pkgs/firefox/hopper/default.nix diff --git a/jeschli/2configs/own-pkgs/https-everywhere/default.nix b/jeschli/5pkgs/firefox/https-everywhere/default.nix index 66fede43c..66fede43c 100644 --- a/jeschli/2configs/own-pkgs/https-everywhere/default.nix +++ b/jeschli/5pkgs/firefox/https-everywhere/default.nix diff --git a/jeschli/2configs/own-pkgs/pyocclient/default.nix b/jeschli/5pkgs/firefox/pyocclient/default.nix index cd91f6171..cd91f6171 100644 --- a/jeschli/2configs/own-pkgs/pyocclient/default.nix +++ b/jeschli/5pkgs/firefox/pyocclient/default.nix diff --git a/jeschli/2configs/own-pkgs/rmount/default.nix b/jeschli/5pkgs/firefox/rmount/default.nix index 22631f420..22631f420 100644 --- a/jeschli/2configs/own-pkgs/rmount/default.nix +++ b/jeschli/5pkgs/firefox/rmount/default.nix diff --git a/jeschli/2configs/own-pkgs/ublock-origin/default.nix b/jeschli/5pkgs/firefox/ublock-origin/default.nix index 45465d482..002fa3efc 100644 --- a/jeschli/2configs/own-pkgs/ublock-origin/default.nix +++ b/jeschli/5pkgs/firefox/ublock-origin/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { meta = with stdenv.lib; { description = "ublock origin firefox browser addon"; homepage = https://github.com/gorhill/uBlock; - license = licenses.gnu3; + license = licenses.gpl3; maintainers = []; platforms = stdenv.lib.platforms.all; }; diff --git a/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix b/jeschli/5pkgs/firefox/user-agent-switcher/default.nix index c96f11129..c96f11129 100644 --- a/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix +++ b/jeschli/5pkgs/firefox/user-agent-switcher/default.nix diff --git a/jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/webgl-fingerprint-defender/default.nix index 4e608d182..4e608d182 100644 --- a/jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix +++ b/jeschli/5pkgs/firefox/webgl-fingerprint-defender/default.nix diff --git a/jeschli/2configs/own-pkgs/wl-clipboard/default.nix b/jeschli/5pkgs/firefox/wl-clipboard/default.nix index 349d910da..349d910da 100644 --- a/jeschli/2configs/own-pkgs/wl-clipboard/default.nix +++ b/jeschli/5pkgs/firefox/wl-clipboard/default.nix diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 7a096cecf..1356b4d7e 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -46,8 +46,8 @@ in # connect to git.shackspace.de as group runner for rz <stockholm/krebs/2configs/shack/gitlab-runner.nix> - # Statistics collection and visualization - <stockholm/krebs/2configs/shack/graphite.nix> + # Statistics collection and visualization + # <stockholm/krebs/2configs/shack/graphite.nix> # graphiteApi is broken and unused(hopefully) ## Collect data from mqtt.shack and store in graphite database <stockholm/krebs/2configs/shack/mqtt_sub.nix> ## Collect radioactive data and put into graphite diff --git a/krebs/3modules/charybdis.nix b/krebs/3modules/charybdis.nix index aa7c980c5..038d79dd0 100644 --- a/krebs/3modules/charybdis.nix +++ b/krebs/3modules/charybdis.nix @@ -71,14 +71,13 @@ in config = mkIf cfg.enable (lib.mkMerge [ { - users.users = singleton { - name = cfg.user; + users.users.${cfg.user} = { description = "Charybdis IRC daemon user"; uid = config.ids.uids.ircd; group = cfg.group; }; - users.groups = singleton { + users.groups.${cfg.group} = { name = cfg.group; gid = config.ids.gids.ircd; }; @@ -102,7 +101,7 @@ in }; } - + (mkIf (cfg.motd != null) { environment.etc."charybdis/ircd.motd".text = cfg.motd; }) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index aa06a883d..f3180722d 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -102,7 +102,6 @@ let { krebs = import ./krebs { inherit config; }; } { krebs = import ./lass { inherit config; }; } { krebs = import ./makefu { inherit config; }; } - { krebs = import ./nin { inherit config; }; } { krebs = import ./external/palo.nix { inherit config; }; } { krebs = import ./external/mic92.nix { inherit config; }; } { krebs = import ./tv { inherit config; }; } diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index b437456ec..62cdf8542 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -68,6 +68,31 @@ in { }; }; }; + helsinki = { + owner = config.krebs.users.ajs124; + nets = { + retiolum = { + ip4.addr = "10.243.10.1"; + aliases = [ "helsinki.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA5MnCmT9xVEtv3hoZsjmgF4pVnPgzaWWVrZVguMfXcbTiusgWqBIM + Ms/Ue676J3kQIJT1QSMA2RWDUU++dUcfhHF87vFpnyCnaKjfz6LyAwlSfKluttyY + aFNgcUWlZRl4wkqys/oYhLD1q26mO/ekCA2eohzbB1TCaPY97VM5nl0MkXStMN76 + B+Ipw/gQcZXuWYct8Nj69sETPLnbf6ZBKs+T213as+NUSHVUdmBmV8QtmHDI3e7B + 4wAK1JkFCQgVu9gm/6BvqWroOMcmtxzSceyrY+0MWnAnM+wrLcYYaT2xw1OJyWmM + riOHHMw9iLVxqyQ+3eDucJRQcJzO7I4j8zQaoYxPE1ZSl4wTsaypkMuNOyhYv2C9 + RNPJgTBlr911NnY7TcKauz/lO1Qcl5kHBMrIfwsbsQK+zfN2XX+s21/SPeSJ7k1N + OqXeyX0mz2l7bhBDwTTDtINSz8sB3BL59mVbWY5z5b90oeKPrfygmp7V0CSKgHBr + b5ZIhMRfgcK+HjolcEqdL9INpJZVFYt3vWPNhDpbX5sEOjjR+ODceriL8zdlTBRx + PyB9OiK6tN+L63QFM7H1NFN9fPeOd2WbHvfoeX255kx8FHSALKL5rVSz9Ejwc97k + rG0FItgHXajPazulBfUV0N9ck7SwLTmStKxtQ8NKCoIJLpv2ip4C+t0CAwEAAQ== + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = 47fX1g6qynVprA+PtniBLEonFp1B70nMrJ8SBCWNJnL + ''; + }; + }; + }; homeros = { owner = config.krebs.users.kmein; nets = { @@ -399,6 +424,9 @@ in { }; }; users = { + ajs124 = { + mail = "stockholm@ajs124.de"; + }; ciko = { mail = "wieczorek.stefan@googlemail.com"; }; diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 00847071a..9c2c0e94c 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -30,6 +30,7 @@ in { 60 IN NS ns16.ovh.net. 60 IN NS dns16.ovh.net. 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + IN MX 5 lassul.us. 60 IN TXT v=spf1 mx a:lassul.us -all 60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" ) default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index c76ed0ad1..e204b4f31 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -182,7 +182,9 @@ in { gum IN A ${nets.internet.ip4.addr} io IN NS gum.krebsco.de. iso.euer IN A ${nets.internet.ip4.addr} + feed.euer IN A ${nets.internet.ip4.addr} board.euer IN A ${nets.internet.ip4.addr} + etherpad.euer IN A ${nets.internet.ip4.addr} rss.euer IN A ${nets.internet.ip4.addr} mediengewitter IN CNAME over.dose.io. mon.euer IN A ${nets.internet.ip4.addr} diff --git a/krebs/3modules/nin/default.nix b/krebs/3modules/nin/default.nix deleted file mode 100644 index 1531a2c89..000000000 --- a/krebs/3modules/nin/default.nix +++ /dev/null @@ -1,111 +0,0 @@ -{ config, ... }: - -with import <stockholm/lib>; - -{ - hosts = mapAttrs (_: recursiveUpdate { - owner = config.krebs.users.nin; - ci = true; - }) { - hiawatha = { - cores = 2; - nets = { - retiolum = { - ip4.addr = "10.243.132.96"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342"; - aliases = [ - "hiawatha.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAucIe5yLzKJ8F982XRpZT6CvyXuPrtnNTmw/E/T6Oyq88m/OVHh6o - Viho1XAlJZZwqNniItD0AQB98uFB3+3yA7FepnwwC+PEceIfBG4bTDNyYD3ZCsAB - iWpmRar9SQ7LFnoZ6X2lYaJkUD9afmvXqJJLR5MClnRQo5OSqXaFdp7ryWinHP7E - UkPSNByu4LbQ9CnBEW8mmCVZSBLb8ezxg3HpJSigmUcJgiDBJ6aj22BsZ5L+j1Sr - lvUuaCr8WOS41AYsD5dbTYk7EG42tU5utrOS6z5yHmhbA5r8Ro2OFi/R3Td68BIJ - yw/m8sfItBCvjJSMEpKHEDfGMBCfQKltCwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx"; - }; - axon= { - cores = 2; - nets = { - retiolum = { - ip4.addr = "10.243.134.66"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379"; - aliases = [ - "axon.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo - glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj - KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH - L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j - VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY - PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN - X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh - m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp - OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT - LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H - /F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK - MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w - 7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm - ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3 - 1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF - 29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt - 4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj - FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl - buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p - hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG - yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi - ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc"; - }; - onondaga = { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.132.55"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357"; - aliases = [ - "onondaga.r" - "cgit.onondaga.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAqj6NPhRVsr8abz9FFx9+ld3amfxN7SRNccbksUOqkufGS0vaupFR - OWsgj4Qmt3lQ82YVt5yjx0FZHkAsenCEKM3kYoIb4nipT0e1MWkQ7plVveMfGkiu - htaJ1aCbI2Adxfmk4YbyAr8k3G+Zl9t7gTikBRh7cf5PMiu2JhGUZHzx9urR0ieH - xyashZFjl4TtIy4q6QTiyST9kfzteh8k7CJ72zfYkdHl9dPlr5Nk22zH9xPkyzmO - kCNeknuDqKeTT9erNtRLk6pjEcyutt0y2/Uq6iZ38z5qq9k4JzcMuQ3YPpNy8bxn - hVuk2qBu6kBTUW3iLchoh0d4cfFLWLx1SQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmQk7AXsYLzjUrOjsuhZ3+gT7FjhPtjwxv5XnuU8GJO"; - }; - - }; - users = { - nin = { - mail = "nin@axon.r"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon"; - }; - nin_h = { - mail = "nin@hiawatha.r"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha"; - }; - }; -} diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index 837a9bea7..fcc453fa4 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -45,6 +45,10 @@ with import <stockholm/lib>; default = self.config.port == "6697"; type = types.bool; }; + API.listen = mkOption { + default = null; + type = types.nullOr types.str; + }; }; })); }; @@ -65,9 +69,11 @@ with import <stockholm/lib>; ExecStart = let configFile = pkgs.writeJSON configFileName configValue; configFileName = "${cfg.systemd-service-name}.config.json"; - configValue = recursiveUpdate { - logTime = false; - } (removeAttrs cfg ["_module"]); + configValue = stripAttr ( + recursiveUpdate { + logTime = false; + } (removeAttrs cfg ["_module"]) + ); in "${pkgs.reaktor2}/bin/reaktor ${configFile}"; Restart = "always"; RestartSec = "30"; diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix index 43c2798d5..eb27aa34d 100644 --- a/krebs/3modules/rtorrent.nix +++ b/krebs/3modules/rtorrent.nix @@ -301,6 +301,7 @@ let default = mkDefault true; inherit (webcfg) basicAuth; root = optionalString rucfg.enable webdir; + listen = [ { inherit (webcfg) addr port; } ]; locations = { "/RPC2".extraConfig = '' @@ -319,15 +320,7 @@ let include ${pkgs.nginx}/conf/fastcgi.conf; ''; } ); - # workaround because upstream nginx api changed - # TODO remove when nobody uses 17.03 anymore - } // (if hasAttr "port" (head options.services.nginx.virtualHosts.type.getSubModules).submodule.options then { - port = webcfg.port; - } else { - listen = [ - { inherit (webcfg) addr port; } - ]; - }); + }; }; rutorrent-imp = { diff --git a/krebs/5pkgs/simple/go-shortener/node-packages.nix b/krebs/5pkgs/simple/go-shortener/node-packages.nix index 526cd5a11..613e31ba0 100644 --- a/krebs/5pkgs/simple/go-shortener/node-packages.nix +++ b/krebs/5pkgs/simple/go-shortener/node-packages.nix @@ -1,34 +1,43 @@ -# This file has been generated by node2nix 1.5.3. Do not edit! +# This file has been generated by node2nix 1.7.0. Do not edit! {nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}: let sources = { - "double-ended-queue-2.1.0-0" = { - name = "double-ended-queue"; - packageName = "double-ended-queue"; - version = "2.1.0-0"; + "denque-1.4.1" = { + name = "denque"; + packageName = "denque"; + version = "1.4.1"; src = fetchurl { - url = "https://registry.npmjs.org/double-ended-queue/-/double-ended-queue-2.1.0-0.tgz"; - sha1 = "103d3527fd31528f40188130c841efdd78264e5c"; + url = "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz"; + sha512 = "OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ=="; }; }; - "redis-commands-1.3.5" = { + "redis-commands-1.5.0" = { name = "redis-commands"; packageName = "redis-commands"; - version = "1.3.5"; + version = "1.5.0"; src = fetchurl { - url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.3.5.tgz"; - sha512 = "2q8pai3gf0dczb03jjig3mpaz4j2kvw8icpgf8hp4fryr3d6c0mjkvxxdmlyhainybx4zhgqsw9ghc9p986alzdzd2n2p4cxvr8b0by"; + url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.5.0.tgz"; + sha512 = "6KxamqpZ468MeQC3bkWmCB1fp56XL64D4Kf0zJSwDZbVLLm7KFkoIcHrgRvQ+sk8dnhySs7+yBg94yIkAK7aJg=="; }; }; - "redis-parser-2.6.0" = { + "redis-errors-1.2.0" = { + name = "redis-errors"; + packageName = "redis-errors"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/redis-errors/-/redis-errors-1.2.0.tgz"; + sha1 = "eb62d2adb15e4eaf4610c04afe1529384250abad"; + }; + }; + "redis-parser-3.0.0" = { name = "redis-parser"; packageName = "redis-parser"; - version = "2.6.0"; + version = "3.0.0"; src = fetchurl { - url = "https://registry.npmjs.org/redis-parser/-/redis-parser-2.6.0.tgz"; - sha1 = "52ed09dacac108f1a631c07e9b69941e7a19504b"; + url = "https://registry.npmjs.org/redis-parser/-/redis-parser-3.0.0.tgz"; + sha1 = "b66d828cdcafe6b4b8a428a7def4c6bcac31c8b4"; }; }; }; @@ -37,40 +46,43 @@ in formidable = nodeEnv.buildNodePackage { name = "formidable"; packageName = "formidable"; - version = "1.2.1"; + version = "1.2.2"; src = fetchurl { - url = "https://registry.npmjs.org/formidable/-/formidable-1.2.1.tgz"; - sha512 = "1x0n2rfaiasdjbw1mm7s29z84f68c7iji7lb1gkxvpknvv6q7bwns7z55ijcf4vkh4kvis12rbgaaih49jf9lj53s30mllb1d35bkqn"; + url = "https://registry.npmjs.org/formidable/-/formidable-1.2.2.tgz"; + sha512 = "V8gLm+41I/8kguQ4/o1D3RIHRmhYFG4pnNyonvua+40rqcEmT4+V71yaZ3B457xbbgCsCfjSPi65u/W6vK1U5Q=="; }; buildInputs = globalBuildInputs; meta = { description = "A node.js module for parsing form data, especially file uploads."; - homepage = https://github.com/felixge/node-formidable; + homepage = https://github.com/node-formidable/formidable; license = "MIT"; }; production = true; bypassCache = true; + reconstructLock = true; }; redis = nodeEnv.buildNodePackage { name = "redis"; packageName = "redis"; - version = "2.8.0"; + version = "3.0.2"; src = fetchurl { - url = "https://registry.npmjs.org/redis/-/redis-2.8.0.tgz"; - sha512 = "3a3044ax6qdvss83xgjfx10h5q91ls0mwgs3wpsnxcdsiipq3cnmqzsh6glyq0r7vsmpw49jp84c2jnfrhi2bgycrkd9hhhf6ia8lrk"; + url = "https://registry.npmjs.org/redis/-/redis-3.0.2.tgz"; + sha512 = "PNhLCrjU6vKVuMOyFu7oSP296mwBkcE6lrAjruBYG5LgdSqtRBoVQIylrMyVZD/lkF24RSNNatzvYag6HRBHjQ=="; }; dependencies = [ - sources."double-ended-queue-2.1.0-0" - sources."redis-commands-1.3.5" - sources."redis-parser-2.6.0" + sources."denque-1.4.1" + sources."redis-commands-1.5.0" + sources."redis-errors-1.2.0" + sources."redis-parser-3.0.0" ]; buildInputs = globalBuildInputs; meta = { - description = "Redis client library"; - homepage = https://github.com/NodeRedis/node_redis; + description = "A high performance Redis client."; + homepage = https://github.com/NodeRedis/node-redis; license = "MIT"; }; production = true; bypassCache = true; + reconstructLock = true; }; }
\ No newline at end of file diff --git a/krebs/5pkgs/simple/go-shortener/update.sh b/krebs/5pkgs/simple/go-shortener/update.sh index 0c1ecc58c..1a58d0367 100755 --- a/krebs/5pkgs/simple/go-shortener/update.sh +++ b/krebs/5pkgs/simple/go-shortener/update.sh @@ -1,2 +1,4 @@ -node2nix -8 -i pkgs.json -c combine.nix +#!/usr/bin/env nix-shell +#! nix-shell -i bash -p nodePackages_10_x.node2nix +node2nix -10 -i pkgs.json -c combine.nix rm node-env.nix combine.nix diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix index c511458f9..057983fec 100644 --- a/krebs/5pkgs/simple/realwallpaper/default.nix +++ b/krebs/5pkgs/simple/realwallpaper/default.nix @@ -138,7 +138,7 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' # remove snow from ice map if needs_rebuild ice.png ice-raw.jpg; then - convert ice-raw.jpg -fuzz 20% -fill black -opaque white -scale "$in_size" ice.png + convert ice-raw.jpg -fuzz 20% -fill black -opaque white -colorspace gray -blur 0x6 -scale "$in_size" ice.png fi if needs_rebuild snow.png snow-raw.jpg; then diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 847e3c61e..c64d43862 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "d96bd3394b734487d1c3bfbac0e8f17465e03afe", - "date": "2020-03-19T15:32:34+01:00", - "sha256": "05n27wz5ln9ni5cy5rhjcy612i44gmblkq5m0g827v8pd0nk00da", + "rev": "0f5ce2fac0c726036ca69a5524c59a49e2973dd4", + "date": "2020-05-19T01:31:20+02:00", + "sha256": "0nkk492aa7pr0d30vv1aw192wc16wpa1j02925pldc09s9m9i0r3", "fetchSubmodules": false } diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 123d624d8..8fd800964 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "598a9cbed6348ebda43c6b1a9a3061e0206297e7", - "date": "2020-03-28T03:06:32+01:00", - "sha256": "12m910j2sfhm3a6skw4janxy010gzdxp15bn8v9w7w9hhjzvdw8c", + "rev": "48723f48ab92381f0afd50143f38e45cf3080405", + "date": "2020-05-22T11:40:20+02:00", + "sha256": "0h3b3l867j3ybdgimfn76lw7w6yjhszd5x02pq5827l659ihcf53", "fetchSubmodules": false } diff --git a/krebs/update-nixpkgs.sh b/krebs/update-nixpkgs.sh index 9b5d7ccd8..bb4b54793 100755 --- a/krebs/update-nixpkgs.sh +++ b/krebs/update-nixpkgs.sh @@ -3,7 +3,7 @@ dir=$(dirname $0) oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ --url https://github.com/NixOS/nixpkgs-channels \ - --rev refs/heads/nixos-19.09' \ + --rev refs/heads/nixos-20.03' \ > $dir/nixpkgs.json newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev" diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index 5e16052ad..8332e7c53 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -21,20 +21,15 @@ with import <stockholm/lib>; #<stockholm/lass/2configs/prism-share.nix> <stockholm/lass/2configs/ssh-cryptsetup.nix> <stockholm/lass/2configs/network-manager.nix> + <stockholm/lass/2configs/home-media.nix> ]; - #media center - users.users.media = { - isNormalUser = true; - uid = genid_uint31 "media"; - extraGroups = [ "video" "audio" ]; - }; + krebs.build.host = config.krebs.hosts.icarus; services.xserver.displayManager.lightdm.autoLogin = { enable = true; user = "media"; }; - krebs.build.host = config.krebs.hosts.icarus; - programs.adb.enable = true; + environment.systemPackages = [ pkgs.chromium ]; } diff --git a/lass/1systems/icarus/physical.nix b/lass/1systems/icarus/physical.nix index 861bd8b0b..bd74c29f3 100644 --- a/lass/1systems/icarus/physical.nix +++ b/lass/1systems/icarus/physical.nix @@ -46,6 +46,15 @@ ''; services.thinkfan.enable = true; + services.thinkfan.levels = '' + (0, 0, 55) + (1, 48, 60) + (2, 50, 61) + (3, 52, 63) + (6, 60, 65) + (7, 80, 85) + (127, 90, 32767) + ''; services.logind.lidSwitch = "ignore"; services.logind.lidSwitchDocked = "ignore"; diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index fe0b6d85b..c1ceb0633 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -39,6 +39,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/network-manager.nix> <stockholm/lass/2configs/nfs-dl.nix> #<stockholm/lass/2configs/hardening.nix> + <stockholm/lass/2configs/ppp.nix> { krebs.iptables.tables.filter.INPUT.rules = [ #risk of rain @@ -77,16 +78,6 @@ with import <stockholm/lib>; }; } { - lass.umts = { - enable = true; - modem = "/dev/serial/by-id/usb-Lenovo_F5521gw_2C7D8D7C35FC7040-if09"; - initstrings = '' - Init1 = AT+CFUN=1 - Init2 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0 - ''; - }; - } - { services.nginx = { enable = true; virtualHosts.default = { diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index c6e0400bf..f1f14e791 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -65,13 +65,6 @@ with import <stockholm/lib>; config.krebs.users.makefu.pubkey ]; }; - users.users.nin = { - uid = genid "nin"; - isNormalUser = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - ]; - }; users.extraUsers.dritter = { uid = genid_uint31 "dritter"; isNormalUser = true; @@ -123,26 +116,6 @@ with import <stockholm/lib>; localAddress = "10.233.2.2"; }; } - { - #onondaga - systemd.services."container@onondaga".reloadIfChanged = mkForce false; - containers.onondaga = { - config = { ... }: { - imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ]; - environment.systemPackages = [ pkgs.git ]; - services.openssh.enable = true; - users.users.root.openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - config.krebs.users.nin.pubkey - ]; - }; - autoStart = true; - enableTun = true; - privateNetwork = true; - hostAddress = "10.233.2.5"; - localAddress = "10.233.2.6"; - }; - } <stockholm/lass/2configs/exim-smarthost.nix> <stockholm/lass/2configs/ts3.nix> <stockholm/lass/2configs/privoxy-retiolum.nix> @@ -263,8 +236,6 @@ with import <stockholm/lib>; } { users.users.download.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" - config.krebs.users.palo.pubkey ]; } { @@ -382,6 +353,9 @@ with import <stockholm/lib>; lass.pubkey lass-android.pubkey makefu.pubkey + palo.pubkey + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" + "AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki11:15 <Profpatsch> AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki" ]; }; }; diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index 9bb31191c..e41c9bd1e 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -19,23 +19,14 @@ with import <stockholm/lib>; <stockholm/lass/2configs/ssh-cryptsetup.nix> <stockholm/lass/2configs/nfs-dl.nix> <stockholm/lass/2configs/gg23.nix> + <stockholm/lass/2configs/hass> <stockholm/lass/2configs/br.nix> + <stockholm/lass/2configs/fetchWallpaper.nix> + <stockholm/lass/2configs/home-media.nix> ]; krebs.build.host = config.krebs.hosts.shodan; - #media center - users.users.media = { - isNormalUser = true; - uid = genid_uint31 "media"; - extraGroups = [ "video" "audio" ]; - }; - - services.xserver.displayManager.lightdm.autoLogin = { - enable = true; - user = "media"; - }; - services.logind.lidSwitch = "ignore"; services.logind.lidSwitchDocked = "ignore"; diff --git a/lass/1systems/uriel/config.nix b/lass/1systems/uriel/config.nix index 3eddcfc52..b50dc63f5 100644 --- a/lass/1systems/uriel/config.nix +++ b/lass/1systems/uriel/config.nix @@ -12,6 +12,7 @@ with import <stockholm/lib>; i18n.defaultLocale ="de_DE.UTF-8"; time.timeZone = "Europe/Berlin"; services.xserver.enable = true; + services.xserver.libinput.enable = false; users.users.locke = { uid = genid "locke"; home = "/home/locke"; diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 52d694c46..1185be9d4 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -71,12 +71,14 @@ in { gitAndTools.qgit git-preview gnome3.dconf + iodine lm_sensors ncdu nix-index nix-review nmap pavucontrol + ponymix powertop rxvt_unicode-with-plugins sxiv @@ -112,7 +114,7 @@ in { xkbOptions = "caps:escape"; libinput.enable = true; displayManager.lightdm.enable = true; - windowManager.default = "xmonad"; + displayManager.defaultSession = "none+xmonad"; windowManager.session = [{ name = "xmonad"; start = '' diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix index aad8411b1..a4000cada 100644 --- a/lass/2configs/blue.nix +++ b/lass/2configs/blue.nix @@ -19,6 +19,7 @@ with (import <stockholm/lib>); ]; services.tor.enable = true; + services.tor.client.enable = true; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-i retiolum -p udp --dport 60000:61000"; target = "ACCEPT";} diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 08a226e6d..82839beba 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -113,6 +113,8 @@ ]; in { + environment.systemPackages = [ pkgs.review-mail-queue ]; + krebs.exim-smarthost = { enable = true; dkim = [ diff --git a/lass/2configs/gg23.nix b/lass/2configs/gg23.nix index b23494b28..3d4c1e306 100644 --- a/lass/2configs/gg23.nix +++ b/lass/2configs/gg23.nix @@ -20,12 +20,13 @@ with import <stockholm/lib>; } ''; machines = [ - { ethernetAddress = "c8:3d:d4:2c:40:ae"; hostName = "tv"; ipAddress = "10.42.0.3"; } + { ethernetAddress = "a8:a6:48:65:ce:4c"; hostName = "tv"; ipAddress = "10.42.0.3"; } { ethernetAddress = "3c:2a:f4:22:28:37"; hostName = "drucker"; ipAddress = "10.42.0.4"; } - { ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-bett"; ipAddress = "10.42.0.10"; } + { ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-tv"; ipAddress = "10.42.0.10"; } { ethernetAddress = "80:7d:3a:68:04:f0"; hostName = "s20-drucker"; ipAddress = "10.42.0.11"; } - { ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-kueche"; ipAddress = "10.42.0.12"; } + { ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-wasch"; ipAddress = "10.42.0.12"; } { ethernetAddress = "80:7d:3a:67:bb:69"; hostName = "s20-stereo"; ipAddress = "10.42.0.13"; } + { ethernetAddress = "ec:b5:fa:07:78:16"; hostName = "hue-bridge"; ipAddress = "10.42.0.21"; } { ethernetAddress = "80:8d:b7:c5:80:dc"; hostName = "arubaAP"; ipAddress = "10.42.0.99"; } ]; }; @@ -45,9 +46,6 @@ with import <stockholm/lib>; boot.kernel.sysctl."net.ipv4.ip_forward" = 1; krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass - { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass - { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto { predicate = "-i int0 -p udp --dport 53"; target = "ACCEPT"; } # dns ]; krebs.iptables.tables.filter.FORWARD.rules = [ @@ -62,72 +60,5 @@ with import <stockholm/lib>; krebs.iptables.tables.nat.POSTROUTING.rules = [ { v6 = false; predicate = "-s 10.42.0.0/24 ! -d 10.42.0.0/24"; target = "MASQUERADE"; } ]; - - services.home-assistant = let - tasmota_s20 = name: topic: { - platform = "mqtt"; - inherit name; - state_topic = "stat/${topic}/POWER"; - command_topic = "cmnd/${topic}/POWER"; - payload_on = "ON"; - payload_off = "OFF"; - }; - in { - enable = true; - package = pkgs.home-assistant.override { - #extraComponents = [ - # (pkgs.fetchgit { - # url = "https://github.com/marcschumacher/dwd_pollen"; - # rev = "0.1"; - # sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymllz2p"; - # }) - #]; - }; - config = { - homeassistant = { - name = "Home"; time_zone = "Europe/Berlin"; - latitude = "48.7687"; - longitude = "9.2478"; - elevation = 247; - }; - sun.elevation = 66; - discovery = {}; - frontend = { }; - mqtt = { - broker = "localhost"; - port = 1883; - client_id = "home-assistant"; - username = "gg23"; - password = "gg23-mqtt"; - keepalive = 60; - protocol = 3.1; - }; - sensor = [ - ]; - switch = [ - (tasmota_s20 "Drucker Strom" "drucker") - (tasmota_s20 "Bett Licht" "bett") - (tasmota_s20 "Kueche Licht" "kueche") - ]; - device_tracker = [ - { - platform = "luci"; - } - ]; - }; - }; - - services.mosquitto = { - enable = true; - host = "0.0.0.0"; - allowAnonymous = false; - checkPasswords = true; - users.gg23 = { - password = "gg23-mqtt"; - acl = [ "topic readwrite #" ]; - }; - }; - environment.systemPackages = [ pkgs.mosquitto ]; - } diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix new file mode 100644 index 000000000..639ba3d3f --- /dev/null +++ b/lass/2configs/hass/default.nix @@ -0,0 +1,106 @@ +{ config, lib, pkgs, ... }: +with import ./lib.nix { inherit lib; }; + +{ + imports = [ + ./zigbee.nix + ./rooms/bett.nix + ./rooms/essen.nix + ./rooms/nass.nix + ]; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto + { predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto + { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass + { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass + ]; + + services.home-assistant = { + enable = true; + package = pkgs.home-assistant.override { + # extraComponents = [ "hue" ]; + }; + configWritable = true; + }; + + lass.hass.config = let + tasmota_s20 = name: topic: { + platform = "mqtt"; + inherit name; + state_topic = "stat/${topic}/POWER"; + command_topic = "cmnd/${topic}/POWER"; + payload_on = "ON"; + payload_off = "OFF"; + }; + in { + homeassistant = { + name = "Home"; + time_zone = "Europe/Berlin"; + latitude = "52.46187"; + longitude = "13.41489"; + elevation = 90; + unit_system = "metric"; + customize = friendly_names; + }; + config = {}; + sun.elevation = 66; + discovery = {}; + frontend = {}; + mqtt = { + broker = "localhost"; + port = 1883; + client_id = "home-assistant"; + username = "gg23"; + password = "gg23-mqtt"; + keepalive = 60; + protocol = 3.1; + + discovery = true; + birth_message = { + topic = "/hass/status"; + payload = "online"; + }; + will_message = { + topic = "/hass/status"; + payload = "offline"; + }; + }; + sensor = [ + { + platform = "dwd_weather_warnings"; + region_name = "Berlin"; + } + ]; + switch = [ + (tasmota_s20 "TV" "tv") + (tasmota_s20 "Drucker Strom" "drucker") + (tasmota_s20 "Waschmaschine" "wasch") + (tasmota_s20 "Stereo Anlage" "stereo") + ]; + mobile_app = {}; + hue = {}; + weather = [ + { + platform = "openweathermap"; + api_key = "xxx"; # TODO put into secrets + } + ]; + system_health = {}; + history = {}; + shopping_list = {}; + }; + + services.mosquitto = { + enable = true; + host = "0.0.0.0"; + allowAnonymous = false; + checkPasswords = true; + users.gg23 = { + password = "gg23-mqtt"; + acl = [ "topic readwrite #" ]; + }; + }; + + environment.systemPackages = [ pkgs.mosquitto ]; +} diff --git a/lass/2configs/hass/lib.nix b/lass/2configs/hass/lib.nix new file mode 100644 index 000000000..555cfae28 --- /dev/null +++ b/lass/2configs/hass/lib.nix @@ -0,0 +1,263 @@ +{ lib, ... }: +rec { + lights = { + bett = "0x0017880106ed3bd8"; + essen = "0x0017880108327622"; + arbeit = "0x0017880106ee2865"; + nass = "0x00178801082e9f2f"; + }; + + switches = { + dimmer = { + bett = "0x00178801086ac38c"; + essen = "0x00178801086ad1fb"; + nass = "0x00178801086ac373"; + }; + }; + + sensors = { + movement = { + essen = "0x0017880106f772f2"; + nass = "0x0017880106f77f30"; + }; + }; + + friendly_names = + lib.mapAttrs' (n: v: lib.nameValuePair "light.${v}_light" { friendly_name = "l.${n}"; }) lights // + lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "s.${n}_up"; }) switches.dimmer // + lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "i.${n}_up"; }) sensors.movement // + lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "l.${n}_up"; }) lights // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_linkquality" { friendly_name = "s.${n}_link"; }) switches.dimmer // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_linkquality" { friendly_name = "i.${n}_link"; }) sensors.movement // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_linkquality" { friendly_name = "l.${n}_link"; }) lights // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_battery" { friendly_name = "s.${n}_bat"; }) switches.dimmer // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_battery" { friendly_name = "i.${n}_bat"; }) sensors.movement // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_action" { friendly_name = "s.${n}_act"; }) switches.dimmer // + lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_occupancy" { friendly_name = "i.${n}_move"; }) sensors.movement // + lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_occupancy" { friendly_name = "i.${n}_move"; }) sensors.movement // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_temperature" { friendly_name = "i.${n}_heat"; }) sensors.movement // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_temperature" { friendly_name = "i.${n}_heat"; }) sensors.movement // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_illuminance" { friendly_name = "i.${n}_lux"; }) sensors.movement // + lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_illuminance" { friendly_name = "i.${n}_lux"; }) sensors.movement // + {}; + + detect_movement = sensor: light: delay: + let + id = "${sensor}_${light}"; + sensor_ = "binary_sensor.${sensor}_occupancy"; + light_ = "light.${light}_light"; + in { + input_boolean."${id}" = { + }; + timer."${id}" = { + duration = delay; + }; + automation = [ + # { + # alias = "debug detect_movement"; + # trigger = { + # platform = "state"; + # entity_id = sensor_; + # }; + # action = [ + # { + # service = "system_log.write"; + # data_template = { + # message = "XXXXXXXXXXXXXXXXXXXXXX {{ states('input_boolean.${sensor}_${light}_triggered') == 'on' }}"; + # #message = "XXXXXXXXXXXXXXXXXXXXXX {{ state_attr('trigger.to_state.state', 'illuminance') }}"; + # }; + # } + # ]; + # } + { + alias = "movement reset timer ${id}"; + hide_entity = true; + trigger = { + platform = "state"; + entity_id = sensor_; + from = "off"; + to = "on"; + }; + action = [ + { + service = "timer.cancel"; + data_template.entity_id = "timer.${id}"; + } + ]; + } + { + alias = "movement on ${id}"; + # hide_entity = true; + trigger = { + platform = "state"; + entity_id = "binary_sensor.${sensor}_occupancy"; + from = "off"; + to = "on"; + }; + condition = { + condition = "and"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.to_state.attributes.illuminance < 13000 }}"; + } + { + condition = "template"; + value_template = "{{ states('${light_}') == 'off' }}"; + } + ]; + }; + action = [ + { + service = "light.turn_on"; + data_template = { + entity_id = light_; + brightness = "100"; + }; + } + { delay = "0:00:02"; } + { + service = "input_boolean.turn_on"; + data_template.entity_id = "input_boolean.${id}"; + } + ]; + } + { + alias = "movement off ${id}"; + hide_entity = true; + trigger = { + platform = "state"; + entity_id = sensor_; + from = "on"; + to = "off"; + }; + condition = { + condition = "template"; + value_template = "{{ states('input_boolean.${id}') == 'on' }}"; + }; + action = [ + { + service = "timer.start"; + entity_id = "timer.${id}"; + } + ]; + } + { + alias = "movement override ${id}"; + hide_entity = true; + trigger = { + platform = "state"; + entity_id = light_; + }; + action = [ + { + service = "input_boolean.turn_off"; + data_template.entity_id = "input_boolean.${id}"; + } + { + service = "system_log.write"; + data_template = { + message = "XXXXXXXXXXXXXXXXXXXXXX {{ trigger }}"; + }; + } + ]; + } + { + alias = "movement expired ${id}"; + hide_entity = true; + trigger = { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.${id}"; + }; + action = [ + { + service = "light.turn_off"; + data_template = { + entity_id = light_; + }; + } + { + service = "input_boolean.turn_off"; + data_template.entity_id = "input_boolean.${id}"; + } + ]; + } + ]; + }; + + lightswitch = switch: light: { + automation = [ + { + alias = "lightswitch ${switch} turn on light ${light}"; + hide_entity = "true"; + trigger = { + platform = "mqtt"; + topic = "zigbee/${switch}"; + }; + condition = { + condition = "or"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'on-press' }}"; + } + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'up-press' }}"; + } + { + condition = "and"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'down-press' }}"; + } + { + condition = "template"; + value_template = "{{ trigger.payload_json.brightness > 30 }}"; + } + ]; + } + ]; + }; + action = [ + { + service = "light.turn_on"; + data_template = { + entity_id = "light.${light}_light"; + brightness = "{{ trigger.payload_json.brightness }}"; + }; + } + ]; + } + { + alias = "lightswitch ${switch} turn off light ${light}"; + hide_entity = "true"; + trigger = { + platform = "mqtt"; + topic = "zigbee/${switch}"; + }; + condition = { + condition = "or"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'off-press' }}"; + } + { + condition = "template"; + value_template = "{{ trigger.payload_json.brightness < 30 }}"; + } + ]; + }; + action = { + service = "light.turn_off"; + data_template = { + entity_id = "light.${light}_light"; + }; + }; + } + ]; + }; +} diff --git a/lass/2configs/hass/rooms/bett.nix b/lass/2configs/hass/rooms/bett.nix new file mode 100644 index 000000000..b5da9221c --- /dev/null +++ b/lass/2configs/hass/rooms/bett.nix @@ -0,0 +1,8 @@ +{ lib, ... }: +with import ../lib.nix { inherit lib; }; + +{ + lass.hass.config = lib.mkMerge [ + (lightswitch switches.dimmer.bett lights.bett) + ]; +} diff --git a/lass/2configs/hass/rooms/essen.nix b/lass/2configs/hass/rooms/essen.nix new file mode 100644 index 000000000..f74996154 --- /dev/null +++ b/lass/2configs/hass/rooms/essen.nix @@ -0,0 +1,9 @@ +{ lib, ... }: +with import ../lib.nix { inherit lib; }; + +{ + lass.hass.config = lib.mkMerge [ + (detect_movement sensors.movement.essen lights.essen 10) + (lightswitch switches.dimmer.essen lights.essen) + ]; +} diff --git a/lass/2configs/hass/rooms/nass.nix b/lass/2configs/hass/rooms/nass.nix new file mode 100644 index 000000000..163f4fc48 --- /dev/null +++ b/lass/2configs/hass/rooms/nass.nix @@ -0,0 +1,10 @@ +{ lib, ... }: +with import ../lib.nix { inherit lib; }; + +{ + lass.hass.config = lib.mkMerge [ + (detect_movement sensors.movement.nass lights.nass 100) + (lightswitch switches.dimmer.nass lights.nass) + ]; +} + diff --git a/lass/2configs/hass/zigbee.nix b/lass/2configs/hass/zigbee.nix new file mode 100644 index 000000000..6d091066e --- /dev/null +++ b/lass/2configs/hass/zigbee.nix @@ -0,0 +1,151 @@ +{config, pkgs, lib, ...}: let + + zigbee2mqtt_cfg = pkgs.writeText "zigbee2mqtt.json" (builtins.toJSON { + homeassistant = true; + permit_join = false; + mqtt = { + discovery = true; + base_topic = "zigbee"; + server = "mqtt://10.42.0.1"; + user = "gg23"; + password = "gg23-mqtt"; + }; + serial.port = "/dev/cc2531"; + }); + +in { + # symlink the zigbee controller + services.udev.extraRules = '' + SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dailout" + ''; + + system.activationScripts.installZigbee = '' + install -d /var/lib/zigbee2mqtt + install ${zigbee2mqtt_cfg} /var/lib/zigbee2mqtt/configuration.yaml + ''; + + # hack to restart docker container on config change + systemd.services.docker-zigbee2mqtt.environment.cfg = zigbee2mqtt_cfg; + + docker-containers.zigbee2mqtt = { + image = "koenkk/zigbee2mqtt"; + extraDockerOptions = [ + "--device=/dev/cc2531:/dev/cc2531" + ]; + volumes = ["/var/lib/zigbee2mqtt:/app/data"]; + }; + + lass.hass.config = { + sensor = [ + # Sensor for monitoring the bridge state + { + platform = "mqtt"; + name = "Zigbee2mqtt Bridge state"; + state_topic = "/zigbee2mqtt/bridge/state"; + icon = "mdi:router-wireless"; + } + # Sensor for Showing the Zigbee2mqtt Version + { + platform = "mqtt"; + name = "Zigbee2mqtt Version"; + state_topic = "/zigbee2mqtt/bridge/config"; + value_template = "{{ value_json.version }}"; + icon = "mdi:zigbee"; + } + # Sensor for Showing the Coordinator Version + { + platform = "mqtt"; + name = "Coordinator Version"; + state_topic = "/zigbee2mqtt/bridge/config"; + value_template = "{{ value_json.coordinator }}"; + icon = "mdi:chip"; + } + ]; + switch = [ + { + platform = "mqtt"; + name = "zigbee2mqtt_join"; + state_topic = "/zigbee2mqtt/bridge/config/permit_join"; + command_topic = "/zigbee2mqtt/bridge/config/permit_join"; + payload_on = "true"; + payload_off = "false"; + } + ]; + automation = [ + #{ + # alias = "Zigbee2mqtt Log Level"; + # initial_state = "on"; + # trigger = { + # platform = "state"; + # entity_id = "input_select.zigbee2mqtt_log_level"; + # }; + # action = [ + # { + # service = "mqtt.publish"; + # data = { + # payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}"; + # topic = "/zigbee2mqtt/bridge/config/log_level"; + # }; + # } + # ]; + #} + # Automation to start timer when enable join is turned on + { + id = "zigbee_join_enabled"; + alias = ""; + hide_entity = "true"; + trigger = { + platform = "state"; + entity_id = "switch.zigbee2mqtt_join"; + to = "on"; + }; + action = { + service = "timer.start"; + entity_id = "timer.zigbee_permit_join"; + }; + } + # Automation to stop timer when switch turned off and turn off switch when timer finished + { + id = "zigbee_join_disabled"; + hide_entity = "true"; + trigger = [ + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.zigbee_permit_join"; + } + { + platform = "state"; + entity_id = "switch.zigbee2mqtt_join"; + to = "off"; + } + ]; + action = [ + { service = "timer.cancel"; + data.entity_id = "timer.zigbee_permit_join"; + } + { service = "switch.turn_off"; + entity_id = "switch.zigbee2mqtt_join"; + } + ]; + } + ]; + #input_select.zigbee2mqtt_log_level = { + # name = "Zigbee2mqtt Log Level"; + # options = [ + # "debug" + # "info" + # "warn" + # "error" + # ]; + # initial = "info"; + # icon = "mdi:format-list-bulleted"; + #}; + + timer.zigbee_permit_join = { + name = "Zigbee Time remaining"; + duration = 120; + }; + }; +} + diff --git a/lass/2configs/home-media.nix b/lass/2configs/home-media.nix new file mode 100644 index 000000000..7e10aed34 --- /dev/null +++ b/lass/2configs/home-media.nix @@ -0,0 +1,23 @@ +with import <stockholm/lib>; +{ pkgs, ... }: +{ + users.users.media = { + isNormalUser = true; + uid = genid_uint31 "media"; + extraGroups = [ "video" "audio" ]; + }; + + services.xserver.displayManager.lightdm.autoLogin = { + enable = true; + user = "media"; + }; + + hardware.pulseaudio.configFile = pkgs.writeText "pulse.pa" '' + .include ${pkgs.pulseaudioFull}/etc/pulse/default.pa + load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1;10.42.0.0/24 auth-anonymous=1 + ''; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 4713"; target = "ACCEPT"; } # pulseaudio + ]; +} diff --git a/lass/2configs/network-manager.nix b/lass/2configs/network-manager.nix index ab27eb841..b41cc7ac8 100644 --- a/lass/2configs/network-manager.nix +++ b/lass/2configs/network-manager.nix @@ -2,18 +2,6 @@ { networking.wireless.enable = lib.mkForce false; - systemd.services.modemmanager = { - description = "ModemManager"; - after = [ "network-manager.service" ]; - bindsTo = [ "network-manager.service" ]; - wantedBy = [ "network-manager.service" ]; - serviceConfig = { - ExecStart = "${pkgs.modemmanager}/bin/ModemManager"; - PrivateTmp = true; - Restart = "always"; - RestartSec = "5"; - }; - }; networking.networkmanager = { ethernet.macAddress = "random"; wifi.macAddress = "random"; @@ -26,7 +14,11 @@ users.users.mainUser = { extraGroups = [ "networkmanager" ]; packages = with pkgs; [ - gnome3.gnome_keyring gnome3.dconf + gnome3.gnome_keyring + gnome3.dconf ]; }; + environment.systemPackages = [ + pkgs.nm-dmenu + ]; } diff --git a/lass/2configs/ppp.nix b/lass/2configs/ppp.nix new file mode 100644 index 000000000..9cc7568a5 --- /dev/null +++ b/lass/2configs/ppp.nix @@ -0,0 +1,32 @@ +{ pkgs, ... }: { + + # usage: pppd call default + + environment.etc."ppp/peers/default".text = '' + /dev/ttyACM2 + 921600 + crtscts + defaultroute + holdoff 10 + lock + maxfail 0 + noauth + nodetach + noipdefault + passive + persist + usepeerdns + connect "${pkgs.ppp}/bin/chat -f ${pkgs.writeText "default.chat" '' + ABORT "BUSY" + ABORT "NO CARRIER" + REPORT CONNECT + "" "ATDT*99#" + CONNECT + ''}" + ''; + + environment.systemPackages = [ + pkgs.ppp + ]; + +} diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index c4c4b0abb..6245691fe 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -12,7 +12,7 @@ let music_dir = "/home/radio/music"; add_random = pkgs.writeDashBin "add_random" '' - ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')" + ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep -v '/other/' | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')" ''; skip_track = pkgs.writeBashBin "skip_track" '' @@ -44,15 +44,41 @@ let if [[ "$current_track" =~ ^the_playlist/music/.* ]]; then ${pkgs.attr}/bin/setfattr -n user.skip_count -v 0 "$music_dir"/"$current_track" else - mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/ + mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/ || : fi - echo good: "$track_infos" + echo good: "$track_infos" + ''; + + track_youtube_link = pkgs.writeDash "track_youtube_link" '' + ${pkgs.mpc_cli}/bin/mpc current -f %file% \ + | ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@https://www.youtube.com/watch?v=\1@' ''; print_current = pkgs.writeDashBin "print_current" '' echo "$(${pkgs.mpc_cli}/bin/mpc current -f %file%) \ - $(${pkgs.mpc_cli}/bin/mpc current -f %file% \ - | ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@http://www.youtube.com/watch?v=\1@')" + $(${track_youtube_link})" + ''; + + print_current_json = pkgs.writeDashBin "print_current_json" '' + ${pkgs.jq}/bin/jq -n -c \ + --arg name "$(${pkgs.mpc_cli}/bin/mpc current)" \ + --arg filename "$(${pkgs.mpc_cli}/bin/mpc current -f %file%)" \ + --arg youtube "$(${track_youtube_link})" '{ + name: $name, + filename: $filename, + youtube: $youtube + }' + ''; + + write_to_irc = pkgs.writeDash "write_to_irc" '' + ${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \ + -H content-type:application/json \ + -d "$(${pkgs.jq}/bin/jq -n \ + --arg text "$1" '{ + command:"PRIVMSG", + params:["#the_playlist",$text] + }' + )" ''; in { @@ -81,6 +107,7 @@ in { good_track skip_track print_current + print_current_json ncmpcpp mpc_cli ]; @@ -146,6 +173,7 @@ in { tables = { filter.INPUT.rules = [ { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; } ]; }; }; @@ -195,6 +223,7 @@ in { done | while read track; do echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE" echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE" + ${write_to_irc} "playing: $track" done ''; in { @@ -206,6 +235,7 @@ in { serviceConfig = { ExecStart = recentlyPlayed; + User = "radio"; }; }; @@ -218,6 +248,7 @@ in { useTLS = true; nick = "the_playlist"; username = "radio"; + API.listen = "unix:/home/radio/reaktor.sock"; plugins = [ { plugin = "register"; @@ -259,6 +290,42 @@ in { ]; }; + krebs.htgen.radio = { + port = 8001; + user = { + name = "radio"; + }; + script = '' + case "$Method $Request_URI" in + "GET /current") + printf 'HTTP/1.1 200 OK\r\n' + printf 'Connection: close\r\n' + printf '\r\n' + ${print_current_json}/bin/print_current_json + exit + ;; + "POST /skip") + printf 'HTTP/1.1 200 OK\r\n' + printf 'Connection: close\r\n' + printf '\r\n' + msg=$(${skip_track}/bin/skip_track) + ${write_to_irc} "$msg" + echo "$msg" + exit + ;; + "POST /good") + printf 'HTTP/1.1 200 OK\r\n' + printf 'Connection: close\r\n' + printf '\r\n' + msg=$(${good_track}/bin/good_track) + ${write_to_irc} "$msg" + echo "$msg" + exit + ;; + esac + ''; + }; + services.nginx = { enable = true; virtualHosts."radio.lassul.us" = { diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 901fecfb2..baeac213b 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -13,6 +13,8 @@ in { ]; security.acme = { + email = "acme@lassul.us"; + acceptTerms = true; certs."lassul.us" = { allowKeysForGroup = true; group = "lasscert"; @@ -72,11 +74,6 @@ in { security.acme.certs."cgit.lassul.us" = { email = "lassulus@lassul.us"; webroot = "/var/lib/acme/acme-challenge"; - plugins = [ - "account_key.json" - "fullchain.pem" - "key.pem" - ]; group = "nginx"; user = "nginx"; }; diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 90dcb9d9c..f6179c394 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -4,6 +4,7 @@ _: ./dnsmasq.nix ./ejabberd ./folderPerms.nix + ./hass.nix ./hosts.nix ./mysql-backup.nix ./news.nix @@ -11,7 +12,6 @@ _: ./pyload.nix ./restic.nix ./screenlock.nix - ./umts.nix ./usershadow.nix ./xjail.nix ./autowifi.nix diff --git a/lass/3modules/hass.nix b/lass/3modules/hass.nix new file mode 100644 index 000000000..30158e78a --- /dev/null +++ b/lass/3modules/hass.nix @@ -0,0 +1,34 @@ +{ config, lib, pkgs, ... }: +with import <stockholm/lib>; +let + + cfg = config.lass.hass; + +in { + options.lass.hass = { + config = mkOption { + default = {}; + type = with lib.types; let + valueType = nullOr (oneOf [ + bool + int + float + str + (attrsOf valueType) + (listOf valueType) + ]) // { + description = "Yaml value"; + emptyValue.value = {}; + }; + in valueType; + }; + }; + + config = + assert versionOlder version "20.09"; + mkIf (cfg.config != {}) + { + services.home-assistant.config = cfg.config; + }; +} + diff --git a/lass/3modules/umts.nix b/lass/3modules/umts.nix deleted file mode 100644 index 207278440..000000000 --- a/lass/3modules/umts.nix +++ /dev/null @@ -1,112 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; - -let - cfg = config.lass.umts; - - out = { - options.lass.umts = api; - config = lib.mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "umts"; - modem = mkOption { - type = types.str; - default = "/dev/ttyUSB0"; - }; - initstrings = mkOption { - type = types.str; - default = '' - Init1 = ATZ - Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 - ''; - }; - username = mkOption { - type = types.str; - default = "default"; - }; - password = mkOption { - type = types.str; - default = "default"; - }; - pppDefaults = mkOption { - type = types.str; - default = '' - noipdefault - usepeerdns - defaultroute - persist - noauth - ''; - }; - }; - - nixpkgs-1509 = import (pkgs.fetchFromGitHub { - owner = "NixOS"; repo = "nixpkgs-channels"; - rev = "91371c2bb6e20fc0df7a812332d99c38b21a2bda"; - sha256 = "1as1i0j9d2n3iap9b471y4x01561r2s3vmjc5281qinirlr4al73"; - }) {}; - - wvdial = nixpkgs-1509.wvdial; # https://github.com/NixOS/nixpkgs/issues/16113 - - umts-bin = pkgs.writeScriptBin "umts" '' - #!/bin/sh - set -euf - systemctl start umts - trap "systemctl stop umts;trap - INT TERM EXIT;exit" INT TERM EXIT - echo nameserver 8.8.8.8 | tee -a /etc/resolv.conf - journalctl -xfu umts - ''; - - wvdial-defaults = '' - [Dialer Defaults] - Modem = ${cfg.modem} - ${cfg.initstrings} - Modem Type = Analog Modem - Baud = 460800 - phone= *99# - Username = ${cfg.username} - Password = ${cfg.password} - Stupid Mode = 1 - Idle Seconds = 0 - PPPD Path = ${pkgs.ppp}/bin/pppd - ''; - - imp = { - environment.shellAliases = { - umts = "sudo ${umts-bin}/bin/umts"; - }; - - environment.systemPackages = [ - pkgs.ppp - ]; - - security.sudo.extraConfig = '' - lass ALL= (root) NOPASSWD: ${umts-bin}/bin/umts - ''; - - environment.etc = [ - { - source = pkgs.writeText "wvdial.conf" wvdial-defaults; - target = "wvdial.conf"; - } - { - source = pkgs.writeText "wvdial" cfg.pppDefaults; - target = "ppp/peers/wvdial"; - } - ]; - - systemd.services.umts = { - description = "UMTS wvdial Service"; - serviceConfig = { - Type = "simple"; - Restart = "always"; - RestartSec = "10s"; - ExecStart = "${wvdial}/bin/wvdial -n"; - }; - }; - }; - -in out diff --git a/lass/3modules/xjail.nix b/lass/3modules/xjail.nix index f6ce7ccc9..37f90ee1c 100644 --- a/lass/3modules/xjail.nix +++ b/lass/3modules/xjail.nix @@ -6,11 +6,11 @@ with import <stockholm/lib>; type = types.attrsOf (types.submodule ({ config, ...}: { options = { name = mkOption { - type = types.string; + type = types.str; default = config._module.args.name; }; user = mkOption { - type = types.string; + type = types.str; default = config.name; }; groups = mkOption { @@ -18,11 +18,11 @@ with import <stockholm/lib>; default = []; }; from = mkOption { - type = types.string; + type = types.str; default = "lass"; }; display = mkOption { - type = types.string; + type = types.str; default = toString (genid_uint31 config._module.args.name); }; dpi = mkOption { @@ -47,7 +47,7 @@ with import <stockholm/lib>; }; wm = mkOption { #TODO find type - type = types.string; + type = types.str; default = "${pkgs.writeHaskellPackage "xephyrify-xmonad" { executables.xmonad = { extra-depends = [ diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index c0aef513f..e1c45598f 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -1,16 +1,10 @@ { config, pkgs, ... }: -pkgs.writeHaskellPackage "xmonad-lass" { - executables.xmonad = { - extra-depends = [ - "containers" - "extra" - "unix" - "X11" - "xmonad" - "xmonad-contrib" - "xmonad-stockholm" - ]; - text = /* haskell */ '' +pkgs.writers.writeHaskellBin "xmonad" { + libraries = with pkgs.haskellPackages; [ + extra + xmonad-stockholm + ]; +} /* haskell */ '' {-# LANGUAGE LambdaCase #-} @@ -62,7 +56,7 @@ instance UrgencyHook LibNotifyUrgencyHook where safeSpawn "${pkgs.libnotify}/bin/notify-send" [show name, "workspace " ++ idx] myTerm :: FilePath -myTerm = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtc" +myTerm = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtc" myFont :: String myFont = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1" @@ -150,10 +144,7 @@ myKeyMap = , ("M4-<F2>", windows copyToAll) - , ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" '' - export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin - exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@" - ''}") + , ("M4-<F4>", spawn "${pkgs.nm-dmenu}/bin/nm-dmenu") , ("M4-<Insert>", spawn "${pkgs.writeDash "paste" '' ${pkgs.coreutils}/bin/sleep 0.1 ${pkgs.xclip}/bin/xclip -o | ${pkgs.xdotool}/bin/xdotool type -f - @@ -223,6 +214,4 @@ gridConfig = def allWorkspaceNames :: W.StackSet i l a sid sd -> X [i] allWorkspaceNames ws = return $ map W.tag (W.hidden ws ++ (map W.workspace $ W.visible ws)) ++ [W.tag $ W.workspace $ W.current ws] - ''; - }; -} +'' diff --git a/lass/5pkgs/emot-menu/default.nix b/lass/5pkgs/emot-menu/default.nix index d5d84e456..440e160d0 100644 --- a/lass/5pkgs/emot-menu/default.nix +++ b/lass/5pkgs/emot-menu/default.nix @@ -18,6 +18,9 @@ ζ | zeta (╯°□°)╯ ┻━┻ | table flip (」゜ロ゜)」 | why woot +(_゜_゜_) | gloom I see you +༼ ༎ຶ ෴ ༎ຶ༽ | sad +(\/) (°,,,,°) (\/) | krebs ''; in diff --git a/lass/5pkgs/nm-dmenu/default.nix b/lass/5pkgs/nm-dmenu/default.nix new file mode 100644 index 000000000..cb47bded3 --- /dev/null +++ b/lass/5pkgs/nm-dmenu/default.nix @@ -0,0 +1,6 @@ +{ pkgs, ... }: + +pkgs.writeDashBin "nm-dmenu" '' + export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin + exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@" +'' diff --git a/lass/5pkgs/review-mail-queue/default.nix b/lass/5pkgs/review-mail-queue/default.nix new file mode 100644 index 000000000..c8c66706c --- /dev/null +++ b/lass/5pkgs/review-mail-queue/default.nix @@ -0,0 +1,39 @@ +{ pkgs }: let + + review = pkgs.writers.writeBash "review-mail" '' + mail="$1" + ${pkgs.exim}/bin/exim -Mvc "$mail" | grep -E 'Subject:|To:' + ${pkgs.exim}/bin/exim -Mvl "$mail" + while :; do + read -p 'delete?' key + case "$key" in + v*) + ${pkgs.exim}/bin/exim -Mvc "$mail" + ;; + d*) + ${pkgs.exim}/bin/exim -Mrm "$mail" + break + ;; + r*) + ${pkgs.exim}/bin/exim -Mt "$mail" + break + ;; + n*) + break + ;; + esac + done + echo '-------------------' + echo '-------------------' + echo '-------------------' + echo '-------------------' + echo '-------------------' + ''; + +in pkgs.writers.writeBashBin "review-mail" '' + for mail in $(${pkgs.exim}/bin/exim -bp \ + | ${pkgs.gnugrep}/bin/grep frozen \ + | ${pkgs.gawk}/bin/awk '{print $3}'); do + ${review} "$mail" + done +'' diff --git a/lib/default.nix b/lib/default.nix index 14e6e27a3..5a948bbf3 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -49,6 +49,8 @@ let indent = replaceChars ["\n"] ["\n "]; + stripAttr = converge (filterAttrsRecursive (n: v: v != {} && v != null)); + mapNixDir = f: x: { list = foldl' mergeAttrs {} (map (mapNixDir1 f) x); path = mapNixDir1 f x; diff --git a/lib/types.nix b/lib/types.nix index ffae8c7bc..16ccb145e 100644 --- a/lib/types.nix +++ b/lib/types.nix @@ -7,7 +7,7 @@ let mkOptionType optional optionalAttrs optionals range splitString stringLength substring test testString typeOf; inherit (lib.types) - attrsOf bool either enum int listOf nullOr path str string submodule; + attrsOf bool either enum int listOf nullOr path str submodule; in rec { @@ -65,7 +65,7 @@ rec { extraZones = mkOption { default = {}; # TODO: string is either MX, NS, A or AAAA - type = attrsOf string; + type = attrsOf str; }; secure = mkOption { @@ -182,7 +182,7 @@ rec { extraConfig = mkOption { description = "Extra Configuration to be appended to the hosts file"; default = ""; - type = string; + type = str; }; port = mkOption { type = int; diff --git a/nin/0tests/dummysecrets/ssh.id_ed25519 b/makefu/0tests/data/secrets/ebk-notify.yml index e69de29bb..e69de29bb 100644 --- a/nin/0tests/dummysecrets/ssh.id_ed25519 +++ b/makefu/0tests/data/secrets/ebk-notify.yml diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 8603d7696..a38a671f4 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -108,7 +108,6 @@ in { ## network <stockholm/makefu/2configs/vpn/openvpn-server.nix> # <stockholm/makefu/2configs/vpn/vpnws/server.nix> - <stockholm/makefu/2configs/dnscrypt/server.nix> <stockholm/makefu/2configs/binary-cache/server.nix> <stockholm/makefu/2configs/backup/server.nix> <stockholm/makefu/2configs/iodined.nix> @@ -137,9 +136,11 @@ in { <stockholm/makefu/2configs/deployment/owncloud.nix> <stockholm/makefu/2configs/deployment/board.euer.krebsco.de.nix> <stockholm/makefu/2configs/deployment/rss.euer.krebsco.de.nix> + <stockholm/makefu/2configs/deployment/feed.euer.krebsco.de> <stockholm/makefu/2configs/deployment/boot-euer.nix> <stockholm/makefu/2configs/deployment/gecloudpad> <stockholm/makefu/2configs/deployment/docker/archiveteam-warrior.nix> + <stockholm/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix> <stockholm/makefu/2configs/shiori.nix> <stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix> diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 37fb9128d..cfe0d0a3f 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -26,6 +26,10 @@ in { # <stockholm/makefu/2configs/disable_v6.nix> #<stockholm/makefu/2configs/graphite-standalone.nix> #<stockholm/makefu/2configs/share-user-sftp.nix> + + <stockholm/makefu/2configs/urlwatch> + <stockholm/makefu/2configs/legacy_only.nix> + <stockholm/makefu/2configs/share/omo.nix> <stockholm/makefu/2configs/dcpp/airdcpp.nix> { krebs.airdcpp.dcpp.shares = let @@ -125,16 +129,16 @@ in { zramSwap.enable = true; - krebs.Reaktor.reaktor-shack = { - nickname = "Reaktor|shack"; - workdir = "/var/lib/Reaktor/shack"; - channels = [ "#shackspace" ]; - plugins = with pkgs.ReaktorPlugins; - [ shack-correct - # stockholm-issue - sed-plugin - random-emoji ]; - }; + #krebs.Reaktor.reaktor-shack = { + # nickname = "Reaktor|shack"; + # workdir = "/var/lib/Reaktor/shack"; + # channels = [ "#shackspace" ]; + # plugins = with pkgs.ReaktorPlugins; + # [ shack-correct + # # stockholm-issue + # sed-plugin + # random-emoji ]; + #}; #krebs.Reaktor.reaktor-bgt = { # nickname = "Reaktor|bgt"; # workdir = "/var/lib/Reaktor/bgt"; diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 4c479875e..4e6706b25 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -19,7 +19,9 @@ <stockholm/makefu/2configs/tools/all.nix> { programs.adb.enable = true; } + { systemd.services.docker.wantedBy = lib.mkForce []; } <stockholm/makefu/2configs/dict.nix> + <stockholm/makefu/2configs/legacy_only.nix> #<stockholm/makefu/3modules/netboot_server.nix> #{ # netboot_server = { @@ -162,7 +164,11 @@ krebs.tinc.retiolum.connectTo = [ "omo" "prism" "nextgum" "wbob" ]; # hard dependency because otherwise the device will not be unlocked - boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; + boot.initrd.luks.devices.luksroot = + { + device = "/dev/sda2"; + allowDiscards = true; + }; # avoid full boot dir boot.loader.grub.configurationLimit = 3; diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index 3c1659558..c115bcb6c 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -41,6 +41,7 @@ in { }; autoExtraComponents = true; config = { + config = {}; discovery = {}; homeassistant = { name = "Bureautomation"; diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 0cbb5efe7..0219e9bb7 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -30,7 +30,7 @@ with import <stockholm/lib>; }; nix.trustedUsers = [ config.krebs.build.user.name ]; - boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; + boot.kernelPackages = lib.mkDefault pkgs.linuxPackages; nixpkgs.config.allowUnfreePredicate = pkg: packageName pkg == "unrar"; @@ -85,4 +85,8 @@ with import <stockholm/lib>; RuntimeMaxUse=128M ''; environment.pathsToLink = [ "/share" ]; + security.acme = { + email = "letsencrypt@syntax-fehler.de"; + acceptTerms = true; + }; } diff --git a/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix b/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix new file mode 100644 index 000000000..a01f924e7 --- /dev/null +++ b/makefu/2configs/deployment/docker/etherpad.euer.krebsco.de.nix @@ -0,0 +1,39 @@ +{ lib, ... }: +let + port = 19201; +in { + #services.nginx.virtualHosts."euer.krebsco.de".serverAliases = [ "etherpad.euer.krebsco.de" ]; + services.nginx.virtualHosts."etherpad.euer.krebsco.de" = { + # useACMEHost = "euer.krebsco.de"; + enableACME = true; + forceSSL = true; + locations."/".proxyPass = "http://localhost:${toString port}"; + }; + docker-containers."etherpad-lite" = { + image = "makefoo/bgt-etherpad:2020-05-02.5"; + ports = [ "127.0.0.1:${toString port}:9001" ]; + volumes = [ + "/var/src/secrets/etherpad/apikey:/opt/etherpad-lite/APIKEY.txt" + "etherpad_data:/opt/etherpad-lite/var" # persistent dirtydb + ]; + # for postgres + #DB_TYPE=postgres + #DB_HOST=db.local + #DB_PORT=4321 + #DB_NAME=etherpad + #DB_USER=dbusername + #DB_PASS=mypassword + environment = { + # ADMIN_PASSWORD = "auf jeden fall nicht das echte admin passwort"; + SUPPRESS_ERRORS_IN_PAD_TEXT = "true"; + TITLE = "Binärgewitter Etherpad"; + SKIN_NAME = "no-skin"; + DEFAULT_PAD_TEXT = builtins.replaceStrings ["\n"] ["\\n"] (builtins.readFile ./template.md); + PAD_OPTIONS_USE_MONOSPACE_FONT = "true"; + PAD_OPTIONS_USER_NAME = "true"; + PAD_OPTIONS_USER_COLOR = "true"; + PAD_OPTIONS_CHAT_AND_USERS = "true"; + PAD_OPTIONS_LANG = "en-US"; + }; + }; +} diff --git a/makefu/2configs/deployment/docker/template.md b/makefu/2configs/deployment/docker/template.md new file mode 100644 index 000000000..a26b2f042 --- /dev/null +++ b/makefu/2configs/deployment/docker/template.md @@ -0,0 +1,33 @@ +# BGT<NUMBER> + +1. studio-link aufnehmen drücken (wichtig) + - markus 6407eb63@studio-link.de + - Felix1 1f1021b2@studio-link.de + - L33tFelix 4d47a82a@studio-link.de + - Ingo 03b33b4a@studio-link.de +2. audiocity starten, 48000Hz einstellen, Audio-Device checken und aufnehmen drücken (wichtig) +3. obs starten und aufnehmen drücken (eher unwichtig) +4. darkice starten (wichtig) +4. klatschen +5. Hallo und herzlich Willkommen + +## Vorschläge +### Backlog von Picks und Lesefoo aus der letzten Woche + +--- + +## Blast from the Past + +## Toter der Woche + +## Untoter der Woche + +## News + +## Themen + +## Mimimi der Woche + +## Lesefoo + +## Picks diff --git a/makefu/2configs/deployment/feed.euer.krebsco.de/default.nix b/makefu/2configs/deployment/feed.euer.krebsco.de/default.nix new file mode 100644 index 000000000..de072092b --- /dev/null +++ b/makefu/2configs/deployment/feed.euer.krebsco.de/default.nix @@ -0,0 +1,52 @@ +{ config, lib, pkgs, ... }: +let + filter-file = ./filter.yml; + pkg = with pkgs.python3Packages;buildPythonPackage rec { + version = "d16ce227dc68c9f60f6dd06e6835bab7cdfdf61b"; + pname = "ebk-notify"; + propagatedBuildInputs = [ + docopt + pyyaml + requests + beautifulsoup4 + dateutil + feedgen + ]; + src = pkgs.fetchgit { + url = "http://cgit.euer.krebsco.de/ebk-notify"; + rev = version; + sha256 = "15dlhp17alm01fw7mzdyh2z9zwz8psrs489lxs3hgg1p5wa0kzsp"; + }; + }; + domain = "feed.euer.krebsco.de"; + path = "/var/www/feed.euer.krebsco.de"; +in +{ + systemd.tmpfiles.rules = [ + "d ${path} nginx nogroup - -" + ]; + krebs.secret.files.ebknotify = { + path = "/etc/ebk-notify.yml"; + owner.name = "nginx"; + source-path = "${<secrets/ebk-notify.yml>}"; + }; + systemd.services.ebk-notify = { + startAt = "*:0/10"; + serviceConfig = { + User = "nginx"; # TODO better permission setting + # PrivateTmp = true; + ExecStart = "${pkg}/bin/ebk-notify --atom --outdir ${path} --config /etc/ebk-notify.yml --cache /tmp/ebk-cache.json --filter ${filter-file} --wait 30"; + }; + }; + systemd.timers.ebk-notify.timerConfig.RandomizedDelaySec = "120"; + services.nginx = { + virtualHosts."${domain}" = { + forceSSL = true; + enableACME = true; + locations."/" = { + root = path; + index = "root.atom"; + }; + }; + }; +} diff --git a/makefu/2configs/deployment/feed.euer.krebsco.de/filter.yml b/makefu/2configs/deployment/feed.euer.krebsco.de/filter.yml new file mode 100644 index 000000000..50058f32b --- /dev/null +++ b/makefu/2configs/deployment/feed.euer.krebsco.de/filter.yml @@ -0,0 +1,44 @@ +- name: Free Stuff by Category + zipcode: 70378 + distance: 2 + categoryId: 192 +- name: Kies + zipcode: 70378 + q: grobkies + distance: 2 +- name: pflanzkübel + zipcode: 70378 + q: Pflanzkübel + distance: 3 +- name: Ikea Samla + zipcode: 70378 + q: samla + distance: 5 +- name: Duplo + zipcode: 70378 + q: Duplo + distance: 10 +- name: Baby Gummistiefel + zipcode: 70378 + q: Gummistiefel + distance: 5 +- name: Werkbank + zipcode: 70378 + q: Werkbank + distance: 5 +- name: Stirnthermometer + zipcode: 70378 + q: Stirnthermometer + distance: 5 +- name: Ohrthermometer + zipcode: 70378 + q: Ohrthermometer + distance: 5 +- name: Fieberthermometer + zipcode: 70378 + q: Fieberthermometer + distance: 5 +- name: Einhell + zipcode: 70378 + q: Einhell + distance: 5 diff --git a/makefu/2configs/deployment/gecloudpad/default.nix b/makefu/2configs/deployment/gecloudpad/default.nix index e13ec6ae6..8b88626a3 100644 --- a/makefu/2configs/deployment/gecloudpad/default.nix +++ b/makefu/2configs/deployment/gecloudpad/default.nix @@ -4,12 +4,14 @@ let wsgi-sock = "${workdir}/uwsgi-gecloudpad.sock"; workdir = config.services.uwsgi.runDir; gecloudpad = pkgs.python3Packages.callPackage ./gecloudpad.nix {}; + gecloudpad_settings = pkgs.writeText "gecloudpad_settings" '' + BASEURL = "https://etherpad.euer.krebsco.de" + ''; in { services.uwsgi = { enable = true; user = "nginx"; - # runDir = "/var/lib/photostore"; plugins = [ "python3" ]; instance = { type = "emperor"; @@ -18,6 +20,7 @@ in { type = "normal"; pythonPackages = self: with self; [ gecloudpad ]; socket = wsgi-sock; + env = ["GECLOUDPAD_SETTINGS=${gecloudpad_settings}"]; }; }; }; diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index ed3155efc..1cfda6fc5 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -15,6 +15,7 @@ with lib; let # TODO: copy-paste from lass/2/websites/util.nix + nextcloud = pkgs.nextcloud18; serveCloud = domains: let domain = head domains; @@ -23,9 +24,9 @@ let in { system.activationScripts."prepare-nextcloud-${domain}" = '' if test ! -e ${root} ;then - echo "copying latest ${pkgs.nextcloud.name} release to ${root}" + echo "copying latest ${nextcloud.name} release to ${root}" mkdir -p $(dirname "${root}") - cp -r ${pkgs.nextcloud} "${root}" + cp -r ${nextcloud} "${root}" chown -R nginx:nginx "${root}" chmod 770 "${root}" fi diff --git a/makefu/2configs/editor/vim.nix b/makefu/2configs/editor/vim.nix index 52ccd0ddd..3954dc0f3 100644 --- a/makefu/2configs/editor/vim.nix +++ b/makefu/2configs/editor/vim.nix @@ -22,7 +22,8 @@ in { vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; vimrcConfig.vam.pluginDictionaries = [ { names = [ "undotree" - "YouCompleteMe" "UltiSnips" + "YouCompleteMe" + #"UltiSnips" "vim-better-whitespace" ]; } # vim-nix handles indentation better but does not perform sanity { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 2a6e41ad8..639994674 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -18,6 +18,7 @@ let yacos-backend = { cgit.desc = "Yet Another Check-Out System"; }; + ebk-notify.cgit.desc = "Ebay Kleinanzeigen Notify"; }; krebs-repos = mapAttrs make-krebs-repo { diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix index 5b46c7e2d..9c1d560a0 100644 --- a/makefu/2configs/gui/base.nix +++ b/makefu/2configs/gui/base.nix @@ -29,24 +29,21 @@ in awesome.enable = true; awesome.noArgb = true; awesome.luaModules = [ pkgs.luaPackages.vicious ]; - default = "awesome"; }; - - displayManager.auto.enable = true; - displayManager.auto.user = mainUser; + displayManager.defaultSession = lib.mkDefault "none+awesome"; + displayManager.lightdm = { enable = true; autoLogin.enable = true; autoLogin.user = mainUser; }; desktopManager.xterm.enable = false; }; environment.systemPackages = [ pkgs.gnome3.defaultIconTheme ]; # lid switch is handled via button presses services.logind.lidSwitch = lib.mkDefault "ignore"; makefu.awesome.enable = true; - i18n.consoleFont = "Lat2-Terminus16"; + console.font = "Lat2-Terminus16"; fonts = { - enableCoreFonts = true; enableFontDir = true; enableGhostscriptFonts = true; - fonts = [ pkgs.terminus_font ]; + fonts = [ pkgs.terminus_font pkgs.corefonts ]; }; users.users.${mainUser} = { diff --git a/makefu/2configs/gui/urxvtd.nix b/makefu/2configs/gui/urxvtd.nix index 286b87ab3..cb6c25840 100644 --- a/makefu/2configs/gui/urxvtd.nix +++ b/makefu/2configs/gui/urxvtd.nix @@ -10,7 +10,7 @@ in { serviceConfig = { SyslogIdentifier = "urxvtd"; ExecReload = "${pkgs.coreutils}/bin/echo NOP"; - ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd"; + ExecStart = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtd"; Restart = "always"; RestartSec = "2s"; StartLimitBurst = 0; diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix index 6da1a37e7..1a5e6d04f 100644 --- a/makefu/2configs/gui/wbob-kiosk.nix +++ b/makefu/2configs/gui/wbob-kiosk.nix @@ -12,16 +12,15 @@ windowManager = lib.mkForce { awesome.enable = false; - default = "none"; }; desktopManager.xfce = { - extraSessionCommands = '' + enable = true; + }; + displayManager.defaultSession = "xfce"; + displayManager.sessionCommands = '' ${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms ${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1 ''; - enable = true; - }; - # xrandrHeads = [ "HDMI1" "HDMI2" ]; # prevent screen from turning off, disable dpms }; diff --git a/makefu/2configs/ham/androidtv/adbshell.nix b/makefu/2configs/ham/androidtv/adbshell.nix index f5b96c859..0fadeeb05 100644 --- a/makefu/2configs/ham/androidtv/adbshell.nix +++ b/makefu/2configs/ham/androidtv/adbshell.nix @@ -9,11 +9,11 @@ buildPythonPackage rec { pname = "adb_shell"; - version = "0.0.8"; + version = "0.1.1"; src = fetchPypi { inherit pname version; - sha256 = "01f9jinhfyjldg9793gz2i7gcd9xyx0a62r7a5ijssklcnn2rwnm"; + sha256 = "0a4mjrnw2lrhsakb1vjb5l6m3cr1ii7fibs7020nwv08cyx6pq6q"; }; propagatedBuildInputs = [ diff --git a/makefu/2configs/ham/androidtv/default.nix b/makefu/2configs/ham/androidtv/default.nix index 8f3bdc1f3..9899b2dd3 100644 --- a/makefu/2configs/ham/androidtv/default.nix +++ b/makefu/2configs/ham/androidtv/default.nix @@ -6,11 +6,11 @@ buildPythonPackage rec { pname = "androidtv"; - version = "0.0.34"; + version = "0.0.39"; src = fetchPypi { inherit pname version; - sha256 = "13078i2a9hglpv4ldycph5n5485np21vs6z2qn830hybmx8kfxsw"; + sha256 = "06lrjj74g2f3pkhsn3c8h13mkykgqqf4g9q6x5yv23z6ghjnk2dz"; }; propagatedBuildInputs = [ diff --git a/makefu/2configs/ham/androidtv/purepythonadb.nix b/makefu/2configs/ham/androidtv/purepythonadb.nix index d4e763b70..c9b1ff5e8 100644 --- a/makefu/2configs/ham/androidtv/purepythonadb.nix +++ b/makefu/2configs/ham/androidtv/purepythonadb.nix @@ -5,11 +5,11 @@ buildPythonPackage rec { pname = "pure-python-adb"; - version = "0.2.3.dev0"; + version = "0.2.2.dev0"; src = fetchPypi { inherit pname version; - sha256 = "88e5a4578435197799aa368fb1a5d87fe43e02a888cb7e85c2ad66173b383c89"; + sha256 = "1xigv6c8xyb4g852nr3smz0137rnp81jvlikza071y7rc6pdzwza"; }; meta = with lib; { @@ -18,4 +18,4 @@ buildPythonPackage rec { license = licenses.mit; # maintainers = [ maintainers. ]; }; -}
\ No newline at end of file +} diff --git a/makefu/2configs/ham/default.nix b/makefu/2configs/ham/default.nix index 53723299c..2db4ad4de 100644 --- a/makefu/2configs/ham/default.nix +++ b/makefu/2configs/ham/default.nix @@ -14,6 +14,7 @@ let #flurlicht = import ./multi/flurlicht.nix; kurzzeitwecker = import ./multi/kurzzeitwecker.nix; firetv_restart = import ./multi/firetv_restart.nix; + the_playlist = import ./multi/the_playlist.nix; # switch # automation # binary_sensor @@ -34,6 +35,7 @@ in { ]; }; config = { + config = {}; input_select = zigbee.input_select; # dict timer = zigbee.timer // kurzzeitwecker.timer; # dict homeassistant = { @@ -49,6 +51,8 @@ in { logger = { default = "info"; }; + rest_command = {} + // the_playlist.rest_command; tts = [ { platform = "google_translate"; language = "de"; @@ -131,6 +135,7 @@ in { # https://www.home-assistant.io/cookbook/automation_for_rainy_days/ ] ++ ((import ./sensor/outside.nix) {inherit lib;}) + ++ the_playlist.sensor ++ zigbee.sensor ; frontend = { }; # light = flurlicht.light; @@ -140,6 +145,7 @@ in { ++ (import ./automation/firetv_restart.nix) ++ kurzzeitwecker.automation #++ flurlicht.automation + ++ the_playlist.automation ++ zigbee.automation; script = { } diff --git a/makefu/2configs/ham/multi/the_playlist.nix b/makefu/2configs/ham/multi/the_playlist.nix new file mode 100644 index 000000000..ad090938c --- /dev/null +++ b/makefu/2configs/ham/multi/the_playlist.nix @@ -0,0 +1,83 @@ +# Inputs: +# binary_sensor.playlist_button_good +# binary_sensor.playlist_button_bad + +# outputs +# rest_command +# automation +# sensor +{ + rest_command = { + good_song = { + url = "http://prism.r:8001/good"; + method = "POST"; + }; + bad_song = { + url = "http://prism.r:8001/skip"; + method = "POST"; + }; + }; + automation = [ + { + alias = "playlist song publish"; + trigger = { + #platform = "event"; + #event_data.entity_id = "sensor.the_playlist_song"; + platform = "state"; + entity_id = "sensor.the_playlist_song"; + }; + action = { + service = "mqtt.publish"; + data = { + topic = "/ham/the_playlist/song"; + payload_template = "{{ states.sensor.the_playlist_song.state }}"; + }; + }; + } + { + alias = "playlist upvote on button"; + trigger = { + platform = "state"; + entity_id = "binary_sensor.playlist_button_good"; + from = "off"; + to = "on"; + }; + action.service = "rest_command.good_song"; + } + { + alias = "playlist downvote on button"; + trigger = { + platform = "state"; + entity_id = "binary_sensor.playlist_button_bad"; + from = "off"; + to = "on"; + }; + action.service = "rest_command.bad_song"; + } + ]; + sensor = [ + { platform = "rest"; + name = "pl"; + resource = "http://prism.r:8001/current"; + scan_interval = 30; + value_template = "1"; + json_attributes = [ "name" "filename" "youtube" ]; + } + { platform = "template"; + sensors = { + the_playlist_song = { + friendly_name = "Current Song"; + value_template = ''{{ states.sensor.pl.attributes['name'] }}''; + }; + the_playlist_url = { + friendly_name = "Song Youtube URL"; + value_template = ''{{ states.sensor.pl.attributes['youtube'] }}''; + }; + the_playlist_filename = { + friendly_name = "Song Filename"; + value_template = ''{{ states.sensor.pl.attributes['filename'] }}''; + }; + }; + } + ]; +} diff --git a/makefu/2configs/ham/zigbee2mqtt/default.nix b/makefu/2configs/ham/zigbee2mqtt/default.nix index 7c55326f9..84d32c872 100644 --- a/makefu/2configs/ham/zigbee2mqtt/default.nix +++ b/makefu/2configs/ham/zigbee2mqtt/default.nix @@ -17,4 +17,5 @@ volumes = ["/var/lib/zigbee2mqtt:/app/data"]; }; state = [ "/var/lib/zigbee2mqtt/configuration.yaml" "/var/lib/zigbee2mqtt/state.json" ]; + systemd.services.docker-zigbee2mqtt.after = [ "home-assistant.service" "docker.service" "network-online.target" ]; } diff --git a/makefu/2configs/home-manager/cli.nix b/makefu/2configs/home-manager/cli.nix index 6b5d26111..5d5673b81 100644 --- a/makefu/2configs/home-manager/cli.nix +++ b/makefu/2configs/home-manager/cli.nix @@ -1,15 +1,6 @@ {pkgs, ... }: { imports = [ ./zsh.nix ]; home-manager.users.makefu = { - services.gpg-agent = { - enable = true; - defaultCacheTtl = 900; - maxCacheTtl = 7200; - defaultCacheTtlSsh = 3600; - maxCacheTtlSsh = 86400; - enableSshSupport = true; - enableScDaemon = true; - }; programs.direnv = { stdlib = '' use_nix() { diff --git a/makefu/2configs/home-manager/desktop.nix b/makefu/2configs/home-manager/desktop.nix index 406f7f0d1..cf20af1b1 100644 --- a/makefu/2configs/home-manager/desktop.nix +++ b/makefu/2configs/home-manager/desktop.nix @@ -7,7 +7,6 @@ programs.browserpass = { browsers = [ "firefox" ] ; enable = true; }; programs.firefox = { enable = true; - enableIcedTea = true; }; programs.obs-studio.enable = true; xdg.enable = true; diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix index 4cd9becc7..f972e98b4 100644 --- a/makefu/2configs/home-manager/zsh.nix +++ b/makefu/2configs/home-manager/zsh.nix @@ -1,5 +1,12 @@ { pkgs, ... }: { + programs = { + ssh.startAgent = false; + gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + }; imports = [ { #direnv home-manager.users.makefu.home.packages = [ pkgs.direnv pkgs.nur.repos.kalbasit.nixify ]; @@ -8,7 +15,8 @@ { # bat home-manager.users.makefu.home.packages = [ pkgs.bat ]; home-manager.users.makefu.programs.zsh.shellAliases = { - cat = "bat"; + cat = "bat --style=header,snip"; + mirage = "sxiv"; # only available when tools/extra-gui is in use catn = "${pkgs.coreutils}/bin/cat"; ncat = "${pkgs.coreutils}/bin/cat"; }; @@ -53,8 +61,6 @@ setopt HIST_IGNORE_SPACE setopt HIST_FIND_NO_DUPS - unset SSH_AGENT_PID - export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh" compdef _pass brain zstyle ':completion::complete:brain::' prefix "$HOME/brain" compdef _pass secrets diff --git a/makefu/2configs/hw/bluetooth.nix b/makefu/2configs/hw/bluetooth.nix index e6a534b7b..411121556 100644 --- a/makefu/2configs/hw/bluetooth.nix +++ b/makefu/2configs/hw/bluetooth.nix @@ -33,11 +33,7 @@ hardware.bluetooth = { enable = true; powerOnBoot = false; - - extraConfig = '' - [general] - Enable=Source,Sink,Media,Socket - ''; + config.general.Enable = "Source,Sink,Media,Socket"; }; services.dbus.packages = [ pkgs.blueman ]; } diff --git a/makefu/2configs/legacy_only.nix b/makefu/2configs/legacy_only.nix new file mode 100644 index 000000000..3d40471ba --- /dev/null +++ b/makefu/2configs/legacy_only.nix @@ -0,0 +1,8 @@ +{ networking.enableIPv6 = false; + boot.kernel.sysctl = { + "net.ipv6.conf.all.disable_ipv6" = 1; + "net.ipv6.conf.default.disable_ipv6" = 1; + "net.ipv6.conf.lo.disable_ipv6" = 1; + }; + boot.kernelParams = [ "ipv6.disable=1" ]; +} diff --git a/makefu/2configs/minimal.nix b/makefu/2configs/minimal.nix index ad4c128ec..78a9dcfa6 100644 --- a/makefu/2configs/minimal.nix +++ b/makefu/2configs/minimal.nix @@ -69,9 +69,9 @@ # the only locale you will ever need i18n = { - consoleKeyMap = "us"; defaultLocale = "en_US.UTF-8"; }; + console.keyMap = "us"; # suppress chrome autit event messages security.audit.rules = [ "-a task,never" ]; diff --git a/makefu/2configs/nur.nix b/makefu/2configs/nur.nix index 891144957..65cf836c4 100644 --- a/makefu/2configs/nur.nix +++ b/makefu/2configs/nur.nix @@ -1,8 +1,8 @@ { pkgs, ... }:{ nixpkgs.config.packageOverrides = pkgs: { nur = import (builtins.fetchTarball { - url = "https://github.com/nix-community/NUR/archive/7bfd0117b359d0f72d086ff7e1f0ba3aeaf8d91e.tar.gz"; - sha256 = "0gb2np1r2m9kkz1s374gxdqrwhkzx48iircy00y6mjr7h14rhyxk"; + url = "https://github.com/nix-community/NUR/archive/b7f7e072b3fa56aa0d86dfe3689cb13f0615bbbe.tar.gz"; + sha256 = "0slxxg3r460aa1rc83j0rklmr0i1hyzfbjy0kn30fyh1l3lqb22m"; } ){ inherit pkgs; diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix index ed5066787..929e5c601 100644 --- a/makefu/2configs/share/omo.nix +++ b/makefu/2configs/share/omo.nix @@ -42,6 +42,18 @@ in { browseable = "yes"; "guest ok" = "yes"; }; + anime = { + path = "/media/cryptX/anime"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; + serien = { + path = "/media/cryptX/series"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; crypX-games = { path = "/media/cryptX/games"; "read only" = "yes"; diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index 43892ed2c..f184b5be5 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -21,6 +21,7 @@ brain whatsupnix nixpkgs-pytools + hydra-check # git-related git-preview tig diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index 7c01104a0..49b36a5d7 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -4,7 +4,7 @@ users.users.makefu.packages = with pkgs;[ # media gimp - mirage + # mirage - last time available in 19.09 inkscape libreoffice # skype diff --git a/makefu/2configs/tools/studio.nix b/makefu/2configs/tools/studio.nix index 2c8ca399d..0998a695e 100644 --- a/makefu/2configs/tools/studio.nix +++ b/makefu/2configs/tools/studio.nix @@ -1,6 +1,9 @@ { pkgs, ... }: { + nixpkgs.config.permittedInsecurePackages = [ + "openssl-1.0.2u" # required for studio-link + ]; users.users.makefu.packages = with pkgs; [ obs-studio studio-link diff --git a/makefu/5pkgs/tinymediamanager/default.nix b/makefu/5pkgs/tinymediamanager/default.nix new file mode 100644 index 000000000..64d00e3a1 --- /dev/null +++ b/makefu/5pkgs/tinymediamanager/default.nix @@ -0,0 +1,38 @@ +{ stdenv, lib, pkgs, fetchurl,libmediainfo,libzen,jre }: +let + tmm-bin = pkgs.writers.writeDash "tinymediamanager" '' + TMMDIR=$(dirname $(readlink -f $0))/../lib/tmm + tmp=$(mktemp -d) # workaround for unwriteable base directory + trap 'rm -rf $tmp' INT TERM EXIT + cd "$tmp" + LD_LIBRARY_PATH=${lib.makeLibraryPath [ libmediainfo libzen ]} \ + ${jre}/bin/java \ + -Dappbase=https://www.tinymediamanager.org/ \ + -Dtmm.contentfolder=$HOME/.config/tmm \ + -classpath "$TMMDIR/tmm.jar:$TMMDIR/lib/*" \ + org.tinymediamanager.TinyMediaManager $@ + ''; +in +stdenv.mkDerivation rec { + pname = "tinymediamanager"; + version = "3.1.5"; + + src = fetchurl { + url = "http://release.tinymediamanager.org/v3/dist/tmm_${version}_linux.tar.gz"; + sha256 = "01nlbkiwvw1cdwrxpdvkkc6g5zrjig22hxbyv1i44ay4wi6vmcax"; + }; + sourceRoot = "."; + + phases = [ "unpackPhase" "installPhase" ]; + installPhase = '' + install -D ${tmm-bin} $out/bin/tinymediamanager + install -d $out/lib + cp -r . $out/lib/tmm + ''; + + meta = { + homepage = http://users.eastlink.ca/~doiron/bin2iso/ ; + description = "converts bin+cue to iso"; + license = lib.licenses.gpl3; + }; +} diff --git a/makefu/krops.nix b/makefu/krops.nix index 13a228d9d..bf2a7a19a 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -77,7 +77,7 @@ (lib.mkIf ( host-src.home-manager ) { home-manager.git = { url = https://github.com/rycee/home-manager; - ref = "9781f37"; + ref = "cb17f1e"; }; }) ]; diff --git a/nin/0tests/dummysecrets/hashedPasswords.nix b/nin/0tests/dummysecrets/hashedPasswords.nix deleted file mode 100644 index 0967ef424..000000000 --- a/nin/0tests/dummysecrets/hashedPasswords.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/nin/1systems/axon/config.nix b/nin/1systems/axon/config.nix deleted file mode 100644 index 5e81afdbd..000000000 --- a/nin/1systems/axon/config.nix +++ /dev/null @@ -1,132 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: - -with lib; - -{ - imports = [ - <stockholm/nin> - <nixpkgs/nixos/modules/installer/scan/not-detected.nix> - #../2configs/copyq.nix - <stockholm/nin/2configs/ableton.nix> - <stockholm/nin/2configs/games.nix> - <stockholm/nin/2configs/git.nix> - <stockholm/nin/2configs/retiolum.nix> - <stockholm/nin/2configs/termite.nix> - ]; - - krebs.build.host = config.krebs.hosts.axon; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/pool/root"; - fsType = "ext4"; - }; - - fileSystems."/tmp" = - { device = "tmpfs"; - fsType = "tmpfs"; - }; - - fileSystems."/boot" = - { device = "/dev/sda1"; - fsType = "ext2"; - }; - - boot.initrd.luks.devices.crypted.device = "/dev/sda2"; - boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # nin config - time.timeZone = "Europe/Berlin"; - services.xserver = { - enable = true; - - displayManager.lightdm.enable = true; - }; - - networking.networkmanager.enable = true; - #networking.wireless.enable = true; - - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - - hardware.bluetooth.enable = true; - - hardware.opengl.driSupport32Bit = true; - - #nixpkgs.config.steam.java = true; - - environment.systemPackages = with pkgs; [ - atom - chromium - firefox - git - htop - keepassx - lmms - networkmanagerapplet - openvpn - python - ruby - steam - taskwarrior - thunderbird - vim - virtmanager - ]; - - nixpkgs.config = { - - allowUnfree = true; - - }; - - #services.logind.extraConfig = "HandleLidSwitch=ignore"; - - services.xserver.synaptics = { - enable = true; - }; - - services.xserver.displayManager.sessionCommands = '' - ${pkgs.xorg.xhost}/bin/xhost + local: - ''; - - services.xserver.desktopManager.xfce = let - xbindConfig = pkgs.writeText "xbindkeysrc" '' - "${pkgs.pass}/bin/passmenu --type" - Control + p - ''; - in { - enable = true; - extraSessionCommands = '' - ${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig} - ''; - }; - - # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "17.03"; - -} diff --git a/nin/1systems/hiawatha/config.nix b/nin/1systems/hiawatha/config.nix deleted file mode 100644 index a09eed958..000000000 --- a/nin/1systems/hiawatha/config.nix +++ /dev/null @@ -1,126 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: - -with lib; - -{ - imports = [ - <stockholm/nin> - <nixpkgs/nixos/modules/installer/scan/not-detected.nix> - #../2configs/copyq.nix - <stockholm/nin/2configs/games.nix> - <stockholm/nin/2configs/git.nix> - <stockholm/nin/2configs/retiolum.nix> - <stockholm/nin/2configs/termite.nix> - ]; - - krebs.build.host = config.krebs.hosts.hiawatha; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/b83f8830-84f3-4282-b10e-015c4b76bd9e"; - fsType = "ext4"; - }; - - fileSystems."/tmp" = - { device = "tmpfs"; - fsType = "tmpfs"; - }; - - fileSystems."/home" = - { device = "/dev/fam/home"; - }; - - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/2f319b08-2560-401d-b53c-2abd28f1a010"; - fsType = "ext2"; - }; - - boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; - boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - fileSystems."/home/nin/.local/share/Steam" = { - device = "/dev/fam/steam"; - }; - - # nin config - time.timeZone = "Europe/Berlin"; - services.xserver.enable = true; - - networking.networkmanager.enable = true; - #networking.wireless.enable = true; - - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - - hardware.bluetooth.enable = true; - - hardware.opengl.driSupport32Bit = true; - - #nixpkgs.config.steam.java = true; - - environment.systemPackages = with pkgs; [ - firefox - git - lmms - networkmanagerapplet - python - steam - thunderbird - vim - virtmanager - ]; - - nixpkgs.config = { - - allowUnfree = true; - - }; - - #services.logind.extraConfig = "HandleLidSwitch=ignore"; - - services.xserver.synaptics = { - enable = true; - }; - - - services.xserver.desktopManager.xfce = let - xbindConfig = pkgs.writeText "xbindkeysrc" '' - "${pkgs.pass}/bin/passmenu --type" - Control + p - ''; - in { - enable = true; - extraSessionCommands = '' - ${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig} - ''; - }; - - # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "17.03"; - -} diff --git a/nin/1systems/onondaga/config.nix b/nin/1systems/onondaga/config.nix deleted file mode 100644 index 3cd0773ae..000000000 --- a/nin/1systems/onondaga/config.nix +++ /dev/null @@ -1,23 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: - -{ - imports = [ - <stockholm/nin> - <stockholm/nin/2configs/retiolum.nix> - <stockholm/nin/2configs/weechat.nix> - <stockholm/nin/2configs/git.nix> - ]; - - krebs.build.host = config.krebs.hosts.onondaga; - - boot.isContainer = true; - networking.useDHCP = false; - - time.timeZone = "Europe/Amsterdam"; - - services.openssh.enable = true; -} diff --git a/nin/2configs/ableton.nix b/nin/2configs/ableton.nix deleted file mode 100644 index 343a9089d..000000000 --- a/nin/2configs/ableton.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ config, pkgs, ... }: let - mainUser = config.users.extraUsers.nin; -in { - users.users= { - ableton = { - isNormalUser = true; - extraGroups = [ - "audio" - "video" - ]; - packages = [ - pkgs.wine - pkgs.winetricks - ]; - }; - }; - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(ableton) NOPASSWD: ALL - ''; -} diff --git a/nin/2configs/copyq.nix b/nin/2configs/copyq.nix deleted file mode 100644 index 0616c4025..000000000 --- a/nin/2configs/copyq.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ config, pkgs, ... }: -with import <stockholm/lib>; -let - copyqConfig = pkgs.writeDash "copyq-config" '' - ${pkgs.copyq}/bin/copyq config check_clipboard true - ${pkgs.copyq}/bin/copyq config check_selection true - ${pkgs.copyq}/bin/copyq config copy_clipboard true - ${pkgs.copyq}/bin/copyq config copy_selection true - - ${pkgs.copyq}/bin/copyq config activate_closes true - ${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0 - ${pkgs.copyq}/bin/copyq config clipboard_tab clipboard - ${pkgs.copyq}/bin/copyq config disable_tray true - ${pkgs.copyq}/bin/copyq config hide_tabs true - ${pkgs.copyq}/bin/copyq config hide_toolbar true - ${pkgs.copyq}/bin/copyq config item_popup_interval true - ${pkgs.copyq}/bin/copyq config maxitems 1000 - ${pkgs.copyq}/bin/copyq config move true - ${pkgs.copyq}/bin/copyq config text_wrap true - ''; -in { - systemd.user.services.copyq = { - after = [ "graphical.target" ]; - wants = [ "graphical.target" ]; - wantedBy = [ "default.target" ]; - environment = { - DISPLAY = ":0"; - }; - serviceConfig = { - SyslogIdentifier = "copyq"; - ExecStart = "${pkgs.copyq}/bin/copyq"; - ExecStartPost = copyqConfig; - Restart = "always"; - RestartSec = "2s"; - StartLimitBurst = 0; - }; - }; -} diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix deleted file mode 100644 index 250383ca8..000000000 --- a/nin/2configs/default.nix +++ /dev/null @@ -1,173 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; -{ - imports = [ - ../2configs/vim.nix - <stockholm/krebs/2configs/binary-cache/nixos.nix> - <stockholm/krebs/2configs/binary-cache/prism.nix> - { - users.extraUsers = - mapAttrs (_: h: { hashedPassword = h; }) - (import <secrets/hashedPasswords.nix>); - } - { - users.users = { - root = { - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - config.krebs.users.nin_h.pubkey - ]; - }; - nin = { - name = "nin"; - uid = 1337; - home = "/home/nin"; - group = "users"; - createHome = true; - useDefaultShell = true; - extraGroups = [ - "audio" - "fuse" - ]; - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - config.krebs.users.nin_h.pubkey - ]; - }; - }; - } - { - environment.variables = { - NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; - }; - } - (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { - environment.variables = { - CURL_CA_BUNDLE = ca-bundle; - GIT_SSL_CAINFO = ca-bundle; - SSL_CERT_FILE = ca-bundle; - }; - }) - ]; - - networking.hostName = config.krebs.build.host.name; - nix.maxJobs = config.krebs.build.host.cores; - - krebs = { - enable = true; - dns.search-domain = "r"; - build = { - user = config.krebs.users.nin; - }; - }; - - nix.useSandbox = true; - - users.mutableUsers = false; - - services.timesyncd.enable = true; - - #why is this on in the first place? - services.nscd.enable = false; - - boot.tmpOnTmpfs = true; - # see tmpfiles.d(5) - systemd.tmpfiles.rules = [ - "d /tmp 1777 root root - -" - ]; - - # multiple-definition-problem when defining environment.variables.EDITOR - environment.extraInit = '' - EDITOR=vim - ''; - - nixpkgs.config.allowUnfree = true; - - environment.shellAliases = { - gs = "git status"; - }; - - environment.systemPackages = with pkgs; [ - #stockholm - git - gnumake - jq - proot - pavucontrol - populate - p7zip - termite - unzip - unrar - hashPassword - ]; - - programs.bash = { - enableCompletion = true; - interactiveShellInit = '' - HISTCONTROL='erasedups:ignorespace' - HISTSIZE=65536 - HISTFILESIZE=$HISTSIZE - - shopt -s checkhash - shopt -s histappend histreedit histverify - shopt -s no_empty_cmd_completion - complete -d cd - ''; - promptInit = '' - if test $UID = 0; then - PS1='\[\033[1;31m\]$PWD\[\033[0m\] ' - elif test $UID = 1337; then - PS1='\[\033[1;32m\]$PWD\[\033[0m\] ' - else - PS1='\[\033[1;33m\]\u@$PWD\[\033[0m\] ' - fi - if test -n "$SSH_CLIENT"; then - PS1='\[\033[35m\]\h'" $PS1" - fi - ''; - }; - - services.openssh = { - enable = true; - hostKeys = [ - # XXX bits here make no science - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - - krebs.iptables = { - enable = true; - tables = { - nat.PREROUTING.rules = [ - { predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; } - { predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; } - ]; - nat.OUTPUT.rules = [ - { predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; } - ]; - filter.INPUT.policy = "DROP"; - filter.FORWARD.policy = "DROP"; - filter.INPUT.rules = [ - { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } - { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } - { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; } - { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } - { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } - { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } - { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; } - { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; } - ]; - }; - }; - - networking.dhcpcd.extraConfig = '' - noipv4ll - ''; -} diff --git a/nin/2configs/games.nix b/nin/2configs/games.nix deleted file mode 100644 index 15e17238d..000000000 --- a/nin/2configs/games.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ config, pkgs, ... }: - -let - mainUser = config.users.extraUsers.mainUser; - vdoom = pkgs.writeDash "vdoom" '' - ${pkgs.zandronum}/bin/zandronum \ - -fov 120 \ - "$@" - ''; - doom = pkgs.writeDash "doom" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${vdoom} \ - -file $DOOM_DIR/lib/brutalv20.pk3 \ - "$@" - ''; - doom1 = pkgs.writeDashBin "doom1" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${doom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@" - ''; - doom2 = pkgs.writeDashBin "doom2" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${doom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@" - ''; - vdoom1 = pkgs.writeDashBin "vdoom1" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${vdoom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@" - ''; - vdoom2 = pkgs.writeDashBin "vdoom2" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${vdoom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@" - ''; - - doomservercfg = pkgs.writeText "doomserver.cfg" '' - skill 7 - #survival true - #sv_maxlives 4 - #sv_norespawn true - #sv_weapondrop true - no_jump true - #sv_noweaponspawn true - sv_sharekeys true - sv_survivalcountdowntime 1 - sv_noteamselect true - sv_updatemaster false - #sv_coop_loseinventory true - #cl_startasspectator false - #lms_spectatorview false - ''; - - vdoomserver = pkgs.writeDashBin "vdoomserver" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - - ${pkgs.zandronum}/bin/zandronum-server \ - +exec ${doomservercfg} \ - "$@" - ''; - -in { - environment.systemPackages = with pkgs; [ - dwarf_fortress - doom1 - doom2 - vdoom1 - vdoom2 - vdoomserver - ]; - - hardware.pulseaudio.support32Bit = true; - -} diff --git a/nin/2configs/git.nix b/nin/2configs/git.nix deleted file mode 100644 index aed4a9f48..000000000 --- a/nin/2configs/git.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; - -let - - out = { - services.nginx.enable = true; - krebs.git = { - enable = true; - cgit = { - settings = { - root-title = "public repositories at ${config.krebs.build.host.name}"; - root-desc = "keep calm and engage"; - }; - }; - repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; - rules = rules; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } - ]; - }; - - repos = public-repos; - - rules = concatMap make-rules (attrValues repos); - - public-repos = mapAttrs make-public-repo { - stockholm = { - cgit.desc = "take all the computers hostage, they'll love you!"; - }; - }; - - make-public-repo = name: { cgit ? {}, ... }: { - inherit cgit name; - public = true; - }; - - make-rules = - with git // config.krebs.users; - repo: - singleton { - user = [ nin nin_h ]; - repo = [ repo ]; - perm = push "refs/*" [ non-fast-forward create delete merge ]; - } ++ - optional repo.public { - user = attrValues config.krebs.users; - repo = [ repo ]; - perm = fetch; - } ++ - optional (length (repo.collaborators or []) > 0) { - user = repo.collaborators; - repo = [ repo ]; - perm = fetch; - }; - -in out diff --git a/nin/2configs/im.nix b/nin/2configs/im.nix deleted file mode 100644 index b078dbd53..000000000 --- a/nin/2configs/im.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, lib, pkgs, ... }: -with import <stockholm/lib>; -{ - environment.systemPackages = with pkgs; [ - (pkgs.writeDashBin "im" '' - export PATH=${makeSearchPath "bin" (with pkgs; [ - tmux - gnugrep - weechat - ])} - ssh chat@onondaga - if tmux list-sessions -F\#S | grep -q '^im''$'; then - exec tmux attach -t im - else - exec tmux new -s im weechat - fi - '') - ]; -} diff --git a/nin/2configs/retiolum.nix b/nin/2configs/retiolum.nix deleted file mode 100644 index 821e3cc00..000000000 --- a/nin/2configs/retiolum.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ ... }: - -{ - - krebs.iptables = { - tables = { - filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; } - { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; } - { predicate = "-p udp --dport tinc"; target = "ACCEPT"; } - ]; - }; - }; - - krebs.tinc.retiolum = { - enable = true; - connectTo = [ - "prism" - "pigstarter" - "gum" - "flap" - ]; - }; - - nixpkgs.config.packageOverrides = pkgs: { - tinc = pkgs.tinc_pre; - }; -} diff --git a/nin/2configs/skype.nix b/nin/2configs/skype.nix deleted file mode 100644 index 621dfae82..000000000 --- a/nin/2configs/skype.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - mainUser = config.users.extraUsers.nin; - inherit (import <stockholm/lib>) genid; - -in { - users.extraUsers = { - skype = { - name = "skype"; - uid = genid "skype"; - description = "user for running skype"; - home = "/home/skype"; - useDefaultShell = true; - extraGroups = [ "audio" "video" ]; - createHome = true; - }; - }; - - krebs.per-user.skype.packages = [ - pkgs.skype - ]; - - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(skype) NOPASSWD: ALL - ''; -} diff --git a/nin/2configs/termite.nix b/nin/2configs/termite.nix deleted file mode 100644 index 942446b01..000000000 --- a/nin/2configs/termite.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = [ - pkgs.termite - ]; - - krebs.per-user.nin.packages = let - termitecfg = pkgs.writeTextFile { - name = "termite-config"; - destination = "/etc/xdg/termite/config"; - text = '' - [colors] - foreground = #d0d7d0 - background = #000000 - ''; - }; - in [ - termitecfg - ]; - -} diff --git a/nin/2configs/vim.nix b/nin/2configs/vim.nix deleted file mode 100644 index 7b5d37611..000000000 --- a/nin/2configs/vim.nix +++ /dev/null @@ -1,355 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; -let - out = { - environment.systemPackages = [ - vim - pkgs.pythonPackages.flake8 - ]; - - environment.etc.vimrc.source = vimrc; - - environment.variables.EDITOR = mkForce "vim"; - environment.variables.VIMINIT = ":so /etc/vimrc"; - }; - - vimrc = pkgs.writeText "vimrc" '' - set nocompatible - - set autoindent - set backspace=indent,eol,start - set backup - set backupdir=${dirs.backupdir}/ - set directory=${dirs.swapdir}// - set hlsearch - set incsearch - set laststatus=2 - set mouse=a - set noruler - set pastetoggle=<INS> - set runtimepath=${extra-runtimepath},$VIMRUNTIME - set shortmess+=I - set showcmd - set showmatch - set ttimeoutlen=0 - set undodir=${dirs.undodir} - set undofile - set undolevels=1000000 - set undoreload=1000000 - set viminfo='20,<1000,s100,h,n${files.viminfo} - set visualbell - set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o - set wildmenu - set wildmode=longest,full - - set et ts=2 sts=2 sw=2 - - filetype plugin indent on - - set t_Co=256 - colorscheme hack - syntax on - - au Syntax * syn match Garbage containedin=ALL /\s\+$/ - \ | syn match TabStop containedin=ALL /\t\+/ - \ | syn keyword Todo containedin=ALL TODO - - au BufRead,BufNewFile *.hs so ${hs.vim} - - au BufRead,BufNewFile *.nix so ${nix.vim} - - au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile - - "Syntastic config - let g:syntastic_python_checkers=['flake8'] - - nmap <esc>q :buffer - nmap <M-q> :buffer - - cnoremap <C-A> <Home> - - noremap <C-c> :q<cr> - vnoremap < <gv - vnoremap > >gv - - nnoremap <esc>[5^ :tabp<cr> - nnoremap <esc>[6^ :tabn<cr> - nnoremap <esc>[5@ :tabm -1<cr> - nnoremap <esc>[6@ :tabm +1<cr> - - nnoremap <f1> :tabp<cr> - nnoremap <f2> :tabn<cr> - inoremap <f1> <esc>:tabp<cr> - inoremap <f2> <esc>:tabn<cr> - - " <C-{Up,Down,Right,Left> - noremap <esc>Oa <nop> | noremap! <esc>Oa <nop> - noremap <esc>Ob <nop> | noremap! <esc>Ob <nop> - noremap <esc>Oc <nop> | noremap! <esc>Oc <nop> - noremap <esc>Od <nop> | noremap! <esc>Od <nop> - " <[C]S-{Up,Down,Right,Left> - noremap <esc>[a <nop> | noremap! <esc>[a <nop> - noremap <esc>[b <nop> | noremap! <esc>[b <nop> - noremap <esc>[c <nop> | noremap! <esc>[c <nop> - noremap <esc>[d <nop> | noremap! <esc>[d <nop> - vnoremap u <nop> - ''; - - extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ - pkgs.vimPlugins.Syntastic - pkgs.vimPlugins.undotree - pkgs.vimPlugins.airline - (pkgs.vimUtils.buildVimPlugin { - name = "file-line-1.0"; - src = pkgs.fetchgit { - url = git://github.com/bogado/file-line; - rev = "refs/tags/1.0"; - sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0"; - }; - }) - ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let - name = "hack"; - in { - name = "vim-color-${name}-1.0.2"; - destination = "/colors/${name}.vim"; - text = /* vim */ '' - set background=dark - hi clear - if exists("syntax_on") - syntax clear - endif - - let colors_name = ${toJSON name} - - hi Normal ctermbg=235 - hi Comment ctermfg=242 - hi Constant ctermfg=062 - hi Identifier ctermfg=068 - hi Function ctermfg=041 - hi Statement ctermfg=167 - hi PreProc ctermfg=167 - hi Type ctermfg=041 - hi Delimiter ctermfg=251 - hi Special ctermfg=062 - - hi Garbage ctermbg=088 - hi TabStop ctermbg=016 - hi Todo ctermfg=174 ctermbg=NONE - - hi NixCode ctermfg=148 - hi NixData ctermfg=149 - hi NixQuote ctermfg=150 - - hi diffNewFile ctermfg=207 - hi diffFile ctermfg=207 - hi diffLine ctermfg=207 - hi diffSubname ctermfg=207 - hi diffAdded ctermfg=010 - hi diffRemoved ctermfg=009 - ''; - }))) - ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let - name = "vim"; - in { - name = "vim-syntax-${name}-1.0.0"; - destination = "/syntax/${name}.vim"; - text = /* vim */ '' - ${concatMapStringsSep "\n" (s: /* vim */ '' - syn keyword vimColor${s} ${s} - \ containedin=ALLBUT,vimComment,vimLineComment - hi vimColor${s} ctermfg=${s} - '') (map (i: lpad 3 "0" (toString i)) (range 0 255))} - ''; - }))) - ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let - name = "showsyntax"; - in { - name = "vim-plugin-${name}-1.0.0"; - destination = "/plugin/${name}.vim"; - text = /* vim */ '' - if exists('g:loaded_showsyntax') - finish - endif - let g:loaded_showsyntax = 0 - - fu! ShowSyntax() - let id = synID(line("."), col("."), 1) - let name = synIDattr(id, "name") - let transName = synIDattr(synIDtrans(id),"name") - if name != transName - let name .= " (" . transName . ")" - endif - echo "Syntax: " . name - endfu - - command! -n=0 -bar ShowSyntax :call ShowSyntax() - ''; - }))) - ]; - - dirs = { - backupdir = "$HOME/.cache/vim/backup"; - swapdir = "$HOME/.cache/vim/swap"; - undodir = "$HOME/.cache/vim/undo"; - }; - files = { - viminfo = "$HOME/.cache/vim/info"; - }; - - mkdirs = let - dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s)); - in assert out != ""; out; - alldirs = attrValues dirs ++ map dirOf (attrValues files); - in unique (sort lessThan alldirs); - - vim = pkgs.writeDashBin "vim" '' - set -efu - (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs}) - exec ${pkgs.vim}/bin/vim "$@" - ''; - - - hs.vim = pkgs.writeText "hs.vim" '' - syn region String start=+\[[[:alnum:]]*|+ end=+|]+ - - hi link ConId Identifier - hi link VarId Identifier - hi link hsDelimiter Delimiter - ''; - - nix.vim = pkgs.writeText "nix.vim" '' - setf nix - - " Ref <nix/src/libexpr/lexer.l> - syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/ - syn match NixINT /\<[0-9]\+\>/ - syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ - syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ - syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/ - syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/ - syn region NixSTRING - \ matchgroup=NixSTRING - \ start='"' - \ skip='\\"' - \ end='"' - syn region NixIND_STRING - \ matchgroup=NixIND_STRING - \ start="'''" - \ skip="'''\('\|[$]\|\\[nrt]\)" - \ end="'''" - - syn match NixOther /[():/;=.,?\[\]]/ - - syn match NixCommentMatch /\(^\|\s\)#.*/ - syn region NixCommentRegion start="/\*" end="\*/" - - hi link NixCode Statement - hi link NixData Constant - hi link NixComment Comment - - hi link NixCommentMatch NixComment - hi link NixCommentRegion NixComment - hi link NixID NixCode - hi link NixINT NixData - hi link NixPATH NixData - hi link NixHPATH NixData - hi link NixSPATH NixData - hi link NixURI NixData - hi link NixSTRING NixData - hi link NixIND_STRING NixData - - hi link NixEnter NixCode - hi link NixOther NixCode - hi link NixQuote NixData - - syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings - syn cluster nix_ind_strings contains=NixIND_STRING - syn cluster nix_strings contains=NixSTRING - - ${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let - startAlts = filter isString [ - ''/\* ${lang} \*/'' - extraStart - ]; - sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*''; - in /* vim */ '' - syn include @nix_${lang}_syntax syntax/${lang}.vim - unlet b:current_syntax - - syn match nix_${lang}_sigil - \ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X - \ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING - \ transparent - - syn region nix_${lang}_region_STRING - \ matchgroup=NixSTRING - \ start='"' - \ skip='\\"' - \ end='"' - \ contained - \ contains=@nix_${lang}_syntax - \ transparent - - syn region nix_${lang}_region_IND_STRING - \ matchgroup=NixIND_STRING - \ start="'''" - \ skip="'''\('\|[$]\|\\[nrt]\)" - \ end="'''" - \ contained - \ contains=@nix_${lang}_syntax - \ transparent - - syn cluster nix_ind_strings - \ add=nix_${lang}_region_IND_STRING - - syn cluster nix_strings - \ add=nix_${lang}_region_STRING - - syn cluster nix_has_dollar_curly - \ add=@nix_${lang}_syntax - '') { - c = {}; - cabal = {}; - haskell = {}; - sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"''; - vim.extraStart = - ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"''; - })} - - " Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY. - syn clear shVarAssign - - syn region nixINSIDE_DOLLAR_CURLY - \ matchgroup=NixEnter - \ start="[$]{" - \ end="}" - \ contains=TOP - \ containedin=@nix_has_dollar_curly - \ transparent - - syn region nix_inside_curly - \ matchgroup=NixEnter - \ start="{" - \ end="}" - \ contains=TOP - \ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly - \ transparent - - syn match NixQuote /'''\([''$']\|\\.\)/he=s+2 - \ containedin=@nix_ind_strings - \ contained - - syn match NixQuote /\\./he=s+1 - \ containedin=@nix_strings - \ contained - - syn sync fromstart - - let b:current_syntax = "nix" - - set isk=@,48-57,_,192-255,-,' - set bg=dark - ''; -in -out diff --git a/nin/2configs/weechat.nix b/nin/2configs/weechat.nix deleted file mode 100644 index 6c0fb313e..000000000 --- a/nin/2configs/weechat.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import <stockholm/lib>) genid; -in { - krebs.per-user.chat.packages = with pkgs; [ - mosh - weechat - tmux - ]; - - users.extraUsers.chat = { - home = "/home/chat"; - uid = genid "chat"; - useDefaultShell = true; - createHome = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - ]; - }; -} diff --git a/nin/default.nix b/nin/default.nix deleted file mode 100644 index c31d6d949..000000000 --- a/nin/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -_: -{ - imports = [ - ../krebs - ./2configs - ]; -} diff --git a/nin/krops.nix b/nin/krops.nix deleted file mode 100644 index 52aeb8470..000000000 --- a/nin/krops.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ name }: let - inherit (import ../krebs/krops.nix { inherit name; }) - krebs-source - lib - pkgs - ; - - source = { test }: lib.evalSource [ - (krebs-source { test = test; }) - { - nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix"; - secrets = if test then { - file = toString ./0tests/dummysecrets; - } else { - pass = { - dir = "${lib.getEnv "HOME"}/.password-store"; - name = "hosts/${name}"; - }; - }; - } - ]; - -in { - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) - deploy = pkgs.krops.writeDeploy "${name}-deploy" { - source = source { test = false; }; - target = "root@${name}/var/src"; - }; - - # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) - test = { target }: pkgs.krops.writeTest "${name}-test" { - inherit target; - source = source { test = true; }; - }; -} diff --git a/submodules/brockman b/submodules/brockman deleted file mode 160000 -Subproject 1a5b3faa1185f8c0e7861ebadf07e48ac4bdf7e diff --git a/submodules/krops b/submodules/krops -Subproject 55aa2c77ce8183f3d2b24f54efa33ab6a42e1e0 +Subproject f1b7112ac3cbe090e96f2c82c525b6db69b8203 |