diff options
36 files changed, 552 insertions, 172 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index cf72e0d73..916073375 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -12,8 +12,8 @@ <stockholm/krebs/2configs/buildbot-stockholm.nix> <stockholm/krebs/2configs/binary-cache/nixos.nix> <stockholm/krebs/2configs/ircd.nix> - <stockholm/krebs/2configs/reaktor-retiolum.nix> - <stockholm/krebs/2configs/reaktor-krebs.nix> + <stockholm/krebs/2configs/nscd-fix.nix> + <stockholm/krebs/2configs/reaktor2.nix> <stockholm/krebs/2configs/repo-sync.nix> ]; diff --git a/krebs/2configs/nscd-fix.nix b/krebs/2configs/nscd-fix.nix new file mode 100644 index 000000000..20dc3bae4 --- /dev/null +++ b/krebs/2configs/nscd-fix.nix @@ -0,0 +1,24 @@ +{ pkgs, ... }: +with import <stockholm/lib>; +let + versionOlderThan = v: + compareVersions + (versions.majorMinor version) + (versions.majorMinor v) + == -1; + + enable = + versionOlderThan "19.03"; + warning = '' + Using custom services.nscd.config because + https://github.com/NixOS/nixpkgs/pull/50316 + ''; +in + optionalAttrs enable (trace warning { + services.nscd.enable = mkForce true; + services.nscd.config = mkForce (readFile (pkgs.fetchurl { + url = https://raw.githubusercontent.com/arianvp/nixpkgs/1d5f4cb/nixos/modules/services/system/nscd.conf; + sha256 = "1jlddk38lyynjn51zx3xi1nc29ahajyh0qg48qbq6dqlsrn3wxqs"; + })); + }) + diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix deleted file mode 100644 index 862c9b991..000000000 --- a/krebs/2configs/reaktor-krebs.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, lib, pkgs, ... }: -with import <stockholm/lib>; - -{ - krebs.Reaktor.krebs = { - nickname = "Reaktor|krebs"; - channels = [ - "#krebs" - "#nixos-wiki" - ]; - extraEnviron = { - REAKTOR_HOST = "irc.freenode.org"; - REAKTOR_NICKSERV_PASSWORD = "/var/lib/Reaktor/reaktor_nickserv_password"; - }; - plugins = with pkgs.ReaktorPlugins; [ - sed-plugin - ] ++ - (attrValues (task "agenda")) - ; - }; - krebs.secret.files.nix-serve-key = { - path = "/var/lib/Reaktor/reaktor_nickserv_password"; - owner.name = "Reaktor"; - source-path = toString <secrets> + "/reaktor_nickserv_password"; - }; -} diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix deleted file mode 100644 index 69fc4b202..000000000 --- a/krebs/2configs/reaktor-retiolum.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, lib, pkgs, ... }: -with import <stockholm/lib>; - -{ - krebs.Reaktor.retiolum = { - nickname = "Reaktor|lass"; - channels = [ "#noise" "#xxx" ]; - extraEnviron = { - REAKTOR_HOST = "irc.r"; - }; - plugins = with pkgs.ReaktorPlugins; [ - sed-plugin - ] ++ - (attrValues (task "agenda")) - ; - }; -} diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix new file mode 100644 index 000000000..f1e59142e --- /dev/null +++ b/krebs/2configs/reaktor2.nix @@ -0,0 +1,168 @@ +with import <stockholm/lib>; +{ config, pkgs, ... }: + +let + #for shared state directory + stateDir = config.krebs.reaktor2.r.stateDir; + + generators = pkgs.reaktor2-plugins.generators; + hooks = pkgs.reaktor2-plugins.hooks; + commands = pkgs.reaktor2-plugins.commands; + + task = name: let + rcFile = builtins.toFile "taskrc" '' + confirmation=no + ''; + in { + pattern = "^${name}-([a-z]+)(?::\\s*(.*))?"; + activate = "match"; + command = 1; + arguments = [2]; + commands = { + add = { + env = { + TASKDATA = "${stateDir}/${name}"; + }; + filename = pkgs.writeDash "${name}-task-add" '' + ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$*" + ''; + }; + list = { + env = { + TASKDATA = "${stateDir}/${name}"; + }; + filename = pkgs.writeDash "${name}-task-list" '' + ${pkgs.taskwarrior}/bin/task rc:${rcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"' + ''; + }; + delete = { + env = { + TASKDATA = "${stateDir}/${name}"; + }; + filename = pkgs.writeDash "${name}-task-delete" '' + ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$*" + ''; + }; + done = { + env = { + TASKDATA = "${stateDir}/${name}"; + }; + filename = pkgs.writeDash "${name}-task-done" '' + ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$*" + ''; + }; + }; + }; + + systemPlugin = { + plugin = "system"; + config = { + workdir = stateDir; + hooks.JOIN = [ + { + activate = "always"; + command = { + filename = + "${pkgs.Reaktor.src}/reaktor/commands/tell-on_join"; + env = { + PATH = makeBinPath [ + pkgs.coreutils # XXX env, touch + pkgs.jq # XXX sed + pkgs.utillinux # XXX flock + ]; + state_file = "${stateDir}/tell.json"; + }; + }; + } + ]; + hooks.PRIVMSG = [ + { + pattern = "^bier bal(ance)*$"; + activate = "match"; + command = { + env = { + state_file = "${stateDir}/ledger"; + }; + filename = pkgs.writeDash "bier-balance" '' + ${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \ + | ${pkgs.coreutils}/bin/tail +2 \ + | ${pkgs.miller}/bin/mlr --icsv --opprint cat + ''; + }; + } + { + pattern = ''^(\S+)\s+([+-][1-9][0-9]*)\s+(\S+)$''; + activate = "match"; + arguments = [1 2 3]; + command = { + env = { + # TODO; get state as argument + state_file = "${stateDir}/ledger"; + }; + filename = pkgs.writeDash "ledger-add" '' + set -x + tonick=$1 + amt=$2 + unit=$3 + printf '%s\n %s %d %s\n %s %d %s\n' "$(date -Id)" "$tonick" "$amt" "$unit" "$_from" "$(expr 0 - "''${amt#+}")" "$unit" >> $state_file + ''; + }; + } + hooks.sed + (generators.command_hook { + inherit (commands) hello random-emoji nixos-version stockholm-issue; + tell = { + filename = + "${pkgs.Reaktor.src}/reaktor/commands/tell-on_privmsg"; + env = { + PATH = makeBinPath [ + pkgs.coreutils # XXX date, env + pkgs.jq # XXX sed + pkgs.utillinux # XXX flock + ]; + state_file = "${stateDir}/tell.txt"; + }; + }; + }) + (task "agenda") + ]; + }; + }; + +in { + + krebs.reaktor2 = { + freenode = { + hostname = "irc.freenode.org"; + nick = "reaktor2|krebs"; + plugins = [ + { + plugin = "register"; + config = { + channels = [ + "#krebs" + ]; + }; + } + systemPlugin + ]; + user = "reaktor2"; + }; + r = { + nick = "reaktor2|krebs"; + plugins = [ + { + plugin = "register"; + config = { + channels = [ + "#noise" + "#xxx" + ]; + }; + } + systemPlugin + ]; + user = "reaktor2"; + }; + }; +} diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index a7ec0e158..089113ac6 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -84,8 +84,8 @@ in { nets = rec { internet = { # eve.thalheim.io - ip4.addr = "188.68.39.17"; - ip6.addr = "2a03:4000:13:31e::1"; + ip4.addr = "95.216.112.61"; + ip6.addr = "2a01:4f9:2b:1605::1"; aliases = [ "eve.i" ]; }; retiolum = { @@ -141,6 +141,29 @@ in { }; }; }; + idontcare = { + owner = config.krebs.users.Mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.idontcare.nets.retiolum.ip4.addr + config.krebs.hosts.idontcare.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.177"; + aliases = [ "idontcare.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O + qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A + OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An + lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb + O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw + jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; justraute = { owner = config.krebs.users.raute; # laptop nets = { @@ -393,7 +416,7 @@ in { pubkey = ssh-for "kmein"; }; Mic92 = { - mail = "joerg@higgsboson.tk"; + mail = "joerg@thalheim.io"; pubkey = ssh-for "Mic92"; }; palo = { diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index 3dd86503f..3f263d010 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -25,7 +25,7 @@ with import <stockholm/lib>; type = types.listOf types.attrs; }; stateDir = mkOption { - default = "/var/lib/${self.config.systemd-service-name}"; + default = "/var/lib/${self.config.user}"; readOnly = true; type = types.absolute-pathname; }; @@ -33,6 +33,10 @@ with import <stockholm/lib>; default = "reaktor2${optionalString (name != "default") "-${name}"}"; type = types.filename; }; + user = mkOption { + default = self.config.systemd-service-name; + type = types.str; + }; useTLS = mkOption { default = self.config.port == "6697"; type = types.bool; @@ -47,10 +51,10 @@ with import <stockholm/lib>; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; serviceConfig = { - User = cfg.systemd-service-name; + User = cfg.user; Group = "reaktor2"; DynamicUser = true; - StateDirectory = cfg.systemd-service-name; + StateDirectory = cfg.user; ExecStart = let configFile = pkgs.writeJSON configFileName configValue; configFileName = "${cfg.systemd-service-name}.config.json"; diff --git a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py index ecb03917b..4925b25bb 100755 --- a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py +++ b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py @@ -46,7 +46,7 @@ if is_regex(line): print('to many lines, skipped') else: if last.strip() != ret.strip(): - print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip())) + print("\x02{}\x02 meant: {}".format(usr, ret.strip())) if ret: d[usr] = ret diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins.nix new file mode 100644 index 000000000..fcbcd6365 --- /dev/null +++ b/krebs/5pkgs/simple/reaktor2-plugins.nix @@ -0,0 +1,106 @@ +{ lib, pkgs, ... }: +with import <stockholm/lib>; + +rec { + generators = { + command_hook = commands: { + pattern = + "^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$"; + command = 1; + arguments = [2]; + commands = commands; + }; + }; + + commands = { + + hello = { + filename = "${pkgs.Reaktor.src}/reaktor/commands/hello"; + }; + + random-emoji = { + filename = <stockholm/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh>; + env = { + PATH = makeBinPath (with pkgs; [ coreutils gnused gnugrep xmlstarlet wget ]); + }; + }; + + nixos-version = { + filename = pkgs.writeDash "nixos-version" '' + . /etc/os-release + echo "$PRETTY_NAME" + ''; + }; + + stockholm-issue = { + filename = <stockholm/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh>; + env = { + PATH = makeBinPath (with pkgs; [ coreutils git gnused haskellPackages.lentil ]); + origin = "http://cgit.gum/stockholm"; + state_dir = "/tmp/stockholm-issue"; + }; + }; + + }; + + hooks = { + + sed = { + activate = "always"; + pattern = "^(.*)$"; + arguments = [1]; + command = { + env = { + PATH = makeBinPath (with pkgs; [ gnused ]); + state_dir = "/tmp"; + }; + filename = pkgs.writeDash "sed-plugin" '' + set -efu + exec ${pkgs.python3}/bin/python \ + ${<stockholm/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py>} "$@" + ''; + }; + }; + + shack-correct = { + activate = "match"; + pattern = "^(.*Shack.*)$"; + arguments = [1]; + command.filename = <stockholm/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh>; + }; + + + url-title = { + #pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$"; + pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$"; + activate = "match"; + arguments = [1]; + command = { + filename = pkgs.writePython3 "url-title" { deps = with pkgs.python3Packages; [ beautifulsoup4 lxml ]; } '' + import cgi + import sys + import urllib.request + from bs4 import BeautifulSoup + + try: + req = urllib.request.Request(sys.argv[1]) + req.add_header('user-agent', 'Reaktor-url-title') + resp = urllib.request.urlopen(req) + if resp.headers['content-type'].find('text/html') >= 0: + soup = BeautifulSoup(resp.read(16000), "lxml") + title = soup.find('title').string + + if len(title.split('\n')) > 5: + title = '\n'.join(title.split('\n')[:5]) + + print(title[:450]) + else: + cd_header = resp.headers['content-disposition'] + print(cgi.parse_header(cd_header)[1]['filename']) + except: # noqa: E722 + pass + ''; + }; + }; + }; +} diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index d3f681a65..614d5bccf 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "0396345b79436f54920f7eb651ab42acf2eb7973", - "date": "2018-12-30T21:22:33-05:00", - "sha256": "10wd0wsair6dlilgaviqw2p9spgcf8qg736bzs08jha0f4zfqjs4", + "rev": "97e0d53d669cd07f0750a42fd535524b3cdd46d1", + "date": "2019-01-15T00:11:44+01:00", + "sha256": "111xa7qn9142dar29cil4br2mvn8f1rbiy310lkhwl73126fq8dw", "fetchSubmodules": false } diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index df2778bef..23746d210 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -36,10 +36,10 @@ with import <stockholm/lib>; # TODO write function for proxy_pass (ssl/nonssl) krebs.iptables.tables.filter.FORWARD.rules = [ - { v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; } + { v6 = false; precedence = 1000; predicate = "-d 192.168.122.141"; target = "ACCEPT"; } ]; krebs.iptables.tables.nat.PREROUTING.rules = [ - { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; } + { v6 = false; precedence = 1000; predicate = "-d 95.216.1.130"; target = "DNAT --to-destination 192.168.122.141"; } ]; } { @@ -379,6 +379,7 @@ with import <stockholm/lib>; name = "download"; home = "/var/download"; useDefaultShell = true; + uid = genid "download"; openssh.authorizedKeys.keys = with config.krebs.users; [ lass.pubkey lass-shodan.pubkey @@ -420,6 +421,16 @@ with import <stockholm/lib>; { predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; } ]; } + { + nix.trustedUsers = [ "Mic92" ]; + users.users.Mic92 = { + uid = genid_uint31 "Mic92"; + isNormalUser = true; + openssh.authorizedKeys.keys = [ + config.krebs.users.Mic92.pubkey + ]; + }; + } ]; krebs.build.host = config.krebs.hosts.prism; diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix index a2b5efb29..9a84e9d63 100644 --- a/lass/1systems/prism/physical.nix +++ b/lass/1systems/prism/physical.nix @@ -63,9 +63,15 @@ defaultGateway = "95.216.1.129"; # Use google's public DNS server nameservers = [ "8.8.8.8" ]; - interfaces.eth0 = { - ipAddress = "95.216.1.150"; - prefixLength = 26; - }; + interfaces.eth0.ipv4.addresses = [ + { + address = "95.216.1.150"; + prefixLength = 26; + } + { + address = "95.216.1.130"; + prefixLength = 26; + } + ]; }; } diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix index 58fa564a1..9d8bcd7be 100644 --- a/lass/1systems/yellow/config.nix +++ b/lass/1systems/yellow/config.nix @@ -88,7 +88,7 @@ with import <stockholm/lib>; client dev tun proto udp - remote 82.102.16.229 1194 + remote 89.249.65.83 1194 resolv-retry infinite remote-random nobind @@ -103,13 +103,9 @@ with import <stockholm/lib>; reneg-sec 0 comp-lzo no - explicit-exit-notify 3 - remote-cert-tls server - #mute 10000 auth-user-pass ${toString <secrets/nordvpn.txt>} - verb 3 pull fast-io @@ -118,32 +114,33 @@ with import <stockholm/lib>; <ca> -----BEGIN CERTIFICATE----- - MIIEyjCCA7KgAwIBAgIJANIxRSmgmjW6MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD - VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH - Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUyMjkubm9yZHZw - bi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNlcnRAbm9y - ZHZwbi5jb20wHhcNMTcxMTIyMTQ1MTQ2WhcNMjcxMTIwMTQ1MTQ2WjCBnjELMAkG - A1UEBhMCUEExCzAJBgNVBAgTAlBBMQ8wDQYDVQQHEwZQYW5hbWExEDAOBgNVBAoT - B05vcmRWUE4xEDAOBgNVBAsTB05vcmRWUE4xGjAYBgNVBAMTEWRlMjI5Lm5vcmR2 - cG4uY29tMRAwDgYDVQQpEwdOb3JkVlBOMR8wHQYJKoZIhvcNAQkBFhBjZXJ0QG5v - cmR2cG4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv++dfZlG - UeFF2sGdXjbreygfo78Ujti6X2OiMDFnwgqrhELstumXl7WrFf5EzCYbVriNuUny - mNCx3OxXxw49xvvg/KplX1CE3rKBNnzbeaxPmeyEeXe+NgA7rwOCbYPQJScFxK7X - +D16ZShY25GyIG7hqFGML0Qz6gpZRGaHSd0Lc3wSgoLzGtsIg8hunhfi00dNqMBT - ukCzgfIqbQUuqmOibsWnYvZoXoYKnbRL0Bj8IYvwvu4p2oBQpvM+JR4DC+rv52LI - 583Q6g3LebQ4JuQf8jgxvEEV4UL1CsUBqN3mcRpVUKJS3ijXmzEX9MfpBRcp1rBA - VsiE4Mrk7PXhkwIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFFIv1UuKN2NXaVjRNXDT - Rs/+LT/9MIHTBgNVHSMEgcswgciAFFIv1UuKN2NXaVjRNXDTRs/+LT/9oYGkpIGh - MIGeMQswCQYDVQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQ - MA4GA1UEChMHTm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUy - Mjkubm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEW - EGNlcnRAbm9yZHZwbi5jb22CCQDSMUUpoJo1ujAMBgNVHRMEBTADAQH/MA0GCSqG - SIb3DQEBCwUAA4IBAQBf1vr93OIkIFehXOCXYFmAYai8/lK7OQH0SRMYdUPvADjQ - e5tSDK5At2Ew9YLz96pcDhzLqtbQsRqjuqWKWs7DBZ8ZiJg1nVIXxE+C3ezSyuVW - //DdqMeUD80/FZD5kPS2yJJOWfuBBMnaN8Nxb0BaJi9AKFHnfg6Zxqa/FSUPXFwB - wH+zeymL2Dib2+ngvCm9VP3LyfIdvodEJ372H7eG8os8allUnkUzpVyGxI4pN/IB - KROBRPKb+Aa5FWeWgEUHIr+hNrEMvcWfSvZAkSh680GScQeJh5Xb4RGMCW08tb4p - lrojzCvC7OcFeUNW7Ayiuukx8rx/F4+IZ1yJGff9 + MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ + MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290IENBMB4XDTE2 + MDEwMTAwMDAwMFoXDTM1MTIzMTIzNTk1OVowOTELMAkGA1UEBhMCUEExEDAOBgNV + BAoTB05vcmRWUE4xGDAWBgNVBAMTD05vcmRWUE4gUm9vdCBDQTCCAiIwDQYJKoZI + hvcNAQEBBQADggIPADCCAgoCggIBAMkr/BYhyo0F2upsIMXwC6QvkZps3NN2/eQF + kfQIS1gql0aejsKsEnmY0Kaon8uZCTXPsRH1gQNgg5D2gixdd1mJUvV3dE3y9FJr + XMoDkXdCGBodvKJyU6lcfEVF6/UxHcbBguZK9UtRHS9eJYm3rpL/5huQMCppX7kU + eQ8dpCwd3iKITqwd1ZudDqsWaU0vqzC2H55IyaZ/5/TnCk31Q1UP6BksbbuRcwOV + skEDsm6YoWDnn/IIzGOYnFJRzQH5jTz3j1QBvRIuQuBuvUkfhx1FEwhwZigrcxXu + MP+QgM54kezgziJUaZcOM2zF3lvrwMvXDMfNeIoJABv9ljw969xQ8czQCU5lMVmA + 37ltv5Ec9U5hZuwk/9QO1Z+d/r6Jx0mlurS8gnCAKJgwa3kyZw6e4FZ8mYL4vpRR + hPdvRTWCMJkeB4yBHyhxUmTRgJHm6YR3D6hcFAc9cQcTEl/I60tMdz33G6m0O42s + Qt/+AR3YCY/RusWVBJB/qNS94EtNtj8iaebCQW1jHAhvGmFILVR9lzD0EzWKHkvy + WEjmUVRgCDd6Ne3eFRNS73gdv/C3l5boYySeu4exkEYVxVRn8DhCxs0MnkMHWFK6 + MyzXCCn+JnWFDYPfDKHvpff/kLDobtPBf+Lbch5wQy9quY27xaj0XwLyjOltpiST + LWae/Q4vAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG + SIb3DQEBDQUAA4ICAQC9fUL2sZPxIN2mD32VeNySTgZlCEdVmlq471o/bDMP4B8g + nQesFRtXY2ZCjs50Jm73B2LViL9qlREmI6vE5IC8IsRBJSV4ce1WYxyXro5rmVg/ + k6a10rlsbK/eg//GHoJxDdXDOokLUSnxt7gk3QKpX6eCdh67p0PuWm/7WUJQxH2S + DxsT9vB/iZriTIEe/ILoOQF0Aqp7AgNCcLcLAmbxXQkXYCCSB35Vp06u+eTWjG0/ + pyS5V14stGtw+fA0DJp5ZJV4eqJ5LqxMlYvEZ/qKTEdoCeaXv2QEmN6dVqjDoTAo + k0t5u4YRXzEVCfXAC3ocplNdtCA72wjFJcSbfif4BSC8bDACTXtnPC7nD0VndZLp + +RiNLeiENhk0oTC+UVdSc+n2nJOzkCK0vYu0Ads4JGIB7g8IB3z2t9ICmsWrgnhd + NdcOe15BincrGA8avQ1cWXsfIKEjbrnEuEk9b5jel6NfHtPKoHc9mDpRdNPISeVa + wDBM1mJChneHt59Nh8Gah74+TM1jBsw4fhJPvoc7Atcg740JErb904mZfkIEmojC + VPhBHVQ9LHBAdM8qFI2kRK0IynOmAZhexlP/aT/kpEsEPyaZQlnBn3An1CRz8h0S + PApL8PytggYKeQmRhl499+6jLxcZ2IegLfqq41dzIjwHwTMplg+1pKIOVojpWA== -----END CERTIFICATE----- </ca> key-direction 1 @@ -152,23 +149,24 @@ with import <stockholm/lib>; # 2048 bit OpenVPN static key # -----BEGIN OpenVPN Static key V1----- - 49b2f54c6ee58d2d97331681bb577d55 - 054f56d92b743c31e80b684de0388702 - ad3bf51088cd88f3fac7eb0729f2263c - 51d82a6eb7e2ed4ae6dfa65b1ac764d0 - b9dedf1379c1b29b36396d64cb6fd6b2 - e61f869f9a13001dadc02db171f04c4d - c46d1132c1f31709e7b54a6eabae3ea8 - fbd2681363c185f4cb1be5aa42a27c31 - 21db7b2187fd11c1acf224a0d5a44466 - b4b5a3cc34ec0227fe40007e8b379654 - f1e8e2b63c6b46ee7ab6f1bd82f57837 - 92c209e8f25bc9ed493cb5c1d891ae72 - 7f54f4693c5b20f136ca23e639fd8ea0 - 865b4e22dd2af43e13e6b075f12427b2 - 08af9ffd09c56baa694165f57fe2697a - 3377fa34aebcba587c79941d83deaf45 + e685bdaf659a25a200e2b9e39e51ff03 + 0fc72cf1ce07232bd8b2be5e6c670143 + f51e937e670eee09d4f2ea5a6e4e6996 + 5db852c275351b86fc4ca892d78ae002 + d6f70d029bd79c4d1c26cf14e9588033 + cf639f8a74809f29f72b9d58f9b8f5fe + fc7938eade40e9fed6cb92184abb2cc1 + 0eb1a296df243b251df0643d53724cdb + 5a92a1d6cb817804c4a9319b57d53be5 + 80815bcfcb2df55018cc83fc43bc7ff8 + 2d51f9b88364776ee9d12fc85cc7ea5b + 9741c4f598c485316db066d52db4540e + 212e1518a9bd4828219e24b20d88f598 + a196c9de96012090e333519ae18d3509 + 9427e7b372d348d352dc4c85e18cd4b9 + 3f8a56ddb2e64eb67adfc9b337157ff4 -----END OpenVPN Static key V1----- </tls-auth> + ''; } diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 69e697a1d..2547e8bac 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -2,6 +2,7 @@ with import <stockholm/lib>; { config, pkgs, ... }: { imports = [ + <stockholm/krebs/2configs/nscd-fix.nix> ./binary-cache/client.nix ./gc.nix ./mc.nix @@ -81,9 +82,6 @@ with import <stockholm/lib>; services.timesyncd.enable = mkForce true; - #why is this on in the first place? - services.nscd.enable = false; - systemd.tmpfiles.rules = [ "d /tmp 1777 root root - -" ]; @@ -115,6 +113,7 @@ with import <stockholm/lib>; #network iptables iftop + tcpdump #stuff for dl aria2 diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index f487a9910..555295422 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -96,6 +96,7 @@ with import <stockholm/lib>; { from = "nordvpn@lassul.us"; to = lass.mail; } { from = "csv-direct@lassul.us"; to = lass.mail; } { from = "nintendo@lassul.us"; to = lass.mail; } + { from = "overleaf@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix index 62e3f6d52..a3acb82bb 100644 --- a/lass/2configs/games.nix +++ b/lass/2configs/games.nix @@ -74,7 +74,6 @@ in { createHome = true; useDefaultShell = true; packages = with pkgs; [ - ftb minecraft steam-run dolphinEmu diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 223fc73ba..7fb248139 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -155,6 +155,13 @@ in { ssl_key = "/var/lib/acme/lassul.us/key.pem"; }; + users.users.UBIK-SFTP = { + uid = genid_uint31 "UBIK-SFTP"; + home = "/home/UBIK-SFTP"; + useDefaultShell = true; + createHome = true; + }; + users.users.xanf = { uid = genid_uint31 "xanf"; home = "/home/xanf"; @@ -227,5 +234,22 @@ in { createHome = true; }; + services.restic.backups.domsen = { + initialize = true; + extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr.duckdns.org -p 52222 -i ${toString <secrets> + "/ssh.id_ed25519"} -s sftp'" ]; + repository = "sftp:efOVcMWSZ@wilhelmstr.duckdns.org:/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES"; + passwordFile = toString <secrets> + "/domsen_backup_pw"; + paths = [ + "/srv/http" + "/home/domsen/Mail" + "/home/ms/Mail" + "/home/klabusterbeere/Mail" + "/home/jms/Mail" + "/home/bruno/Mail" + "/home/akayguen/Mail" + "/backups/sql_dumps" + ]; + }; + } diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix index 2491352eb..e40042b2d 100644 --- a/makefu/1systems/cake/config.nix +++ b/makefu/1systems/cake/config.nix @@ -2,6 +2,7 @@ { imports = [ <stockholm/makefu> + ./hardware-config.nix <stockholm/makefu/2configs/tools/core.nix> # configure your hw: # <stockholm/makefu/2configs/save-diskspace.nix> @@ -11,46 +12,10 @@ tinc.retiolum.enable = true; build.host = config.krebs.hosts.cake; }; - boot.loader.grub.enable = false; - boot.loader.generic-extlinux-compatible.enable = true; - boot.kernelPackages = pkgs.linuxPackages_latest; - boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" ]; - programs.info.enable = false; - programs.man.enable = false; + documentation.info.enable = false; + documentation.man.enable = false; services.nixosManual.enable = false; - boot.tmpOnTmpfs = lib.mkForce false; sound.enable = false; - hardware.enableRedistributableFirmware = true; - hardware.firmware = [ - (pkgs.stdenv.mkDerivation { - name = "broadcom-rpi3-rest"; - src = pkgs.fetchurl { - url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/54bab3d/brcm80211/brcm/brcmfmac43430-sdio.txt"; - sha256 = "19bmdd7w0xzybfassn7x4rb30l70vynnw3c80nlapna2k57xwbw7"; - }; - phases = [ "installPhase" ]; - installPhase = '' - mkdir -p $out/lib/firmware/brcm - cp $src $out/lib/firmware/brcm/brcmfmac43430-sdio.txt - ''; - }) - ]; - networking.wireless.enable = true; - users.extraUsers.root.openssh.authorizedKeys.keys = [ - config.krebs.users.Mic92.pubkey - ]; - -# File systems configuration for using the installer's partition layout - fileSystems = { - "/boot" = { - device = "/dev/disk/by-label/NIXOS_BOOT"; - fsType = "vfat"; - }; - "/" = { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - }; - }; } diff --git a/makefu/1systems/cake/hardware-config.nix b/makefu/1systems/cake/hardware-config.nix new file mode 100644 index 000000000..d021f9458 --- /dev/null +++ b/makefu/1systems/cake/hardware-config.nix @@ -0,0 +1,42 @@ +{ pkgs, lib, ... }: +{ + # raspi3 + boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" "console=ttyS1,115200n8" ]; + boot.loader.grub.enable = false; + boot.loader.raspberryPi.enable = true; + boot.loader.raspberryPi.version = 3; + boot.loader.raspberryPi.uboot.enable = true; + boot.loader.raspberryPi.uboot.configurationLimit = 3; + boot.loader.raspberryPi.firmwareConfig = '' + gpu_mem=32 + arm_freq=1350 + core_freq=500 + over_voltage=4 + disable_splash=1 + # bye bye warranty + force_turbo=1 + ''; + boot.loader.generationsDir.enable = lib.mkDefault false; + + boot.tmpOnTmpfs = lib.mkForce false; + boot.cleanTmpDir = true; + hardware.enableRedistributableFirmware = true; + + ## wifi not working, will be fixed with https://github.com/NixOS/nixpkgs/pull/53747 + # boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelPackages = pkgs.linuxPackages_latest; + environment.systemPackages = [ pkgs.raspberrypi-tools ]; + networking.wireless.enable = true; + # File systems configuration for using the installer's partition layout + swapDevices = [ { device = "/var/swap"; size = 2048; } ]; + fileSystems = { + "/boot" = { + device = "/dev/disk/by-label/NIXOS_BOOT"; + fsType = "vfat"; + }; + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + }; + }; +} diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 6024260dc..e274b4bf8 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -22,6 +22,8 @@ in { }; } <stockholm/makefu/2configs/support-nixos.nix> + <stockholm/makefu/2configs/home-manager> + <stockholm/makefu/2configs/home-manager/cli.nix> # <stockholm/makefu/2configs/stats/client.nix> <stockholm/makefu/2configs/stats/netdata-server.nix> @@ -123,7 +125,7 @@ in { #<stockholm/makefu/2configs/nginx/update.connector.one.nix> <stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix> # <stockholm/makefu/2configs/nginx/gold.krebsco.de.nix> - <stockholm/makefu/2configs/nginx/iso.euer.nix> + # <stockholm/makefu/2configs/nginx/iso.euer.nix> <stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix> <stockholm/makefu/2configs/deployment/graphs.nix> diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix index e9670a5a4..542b79fe7 100644 --- a/makefu/1systems/gum/hardware-config.nix +++ b/makefu/1systems/gum/hardware-config.nix @@ -34,7 +34,7 @@ in { prefixLength = external-netmask6; }]; }; - defaultGateway6 = external-gw6; + defaultGateway6 = { address = external-gw6; interface = ext-if; }; defaultGateway = external-gw; }; boot.kernelParams = [ ]; diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix index 1e36c6e87..43586ede4 100644 --- a/makefu/1systems/gum/source.nix +++ b/makefu/1systems/gum/source.nix @@ -2,4 +2,5 @@ name="gum"; torrent = true; clever_kexec = true; + home-manager = true; } diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 5a4eea2e4..35779507b 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -69,6 +69,7 @@ # Hardware <stockholm/makefu/2configs/hw/tp-x230.nix> <stockholm/makefu/2configs/hw/mceusb.nix> + <stockholm/makefu/2configs/hw/malduino_elite.nix> # <stockholm/makefu/2configs/hw/tpm.nix> # <stockholm/makefu/2configs/hw/rtl8812au.nix> <stockholm/makefu/2configs/hw/network-manager.nix> diff --git a/makefu/2configs/bureautomation/hass.nix b/makefu/2configs/bureautomation/hass.nix index a89a4813f..57184bdf7 100644 --- a/makefu/2configs/bureautomation/hass.nix +++ b/makefu/2configs/bureautomation/hass.nix @@ -3,19 +3,14 @@ let tasmota_plug = name: topic: { platform = "mqtt"; inherit name; - state_topic = "/bam/${topic}/stat/POWER1"; - command_topic = "/bam/${topic}/cmnd/POWER1"; + state_topic = "/bam/${topic}/stat/POWER"; + command_topic = "/bam/${topic}/cmnd/POWER"; availability_topic = "/bam/${topic}/tele/LWT"; payload_on= "ON"; payload_off= "OFF"; payload_available= "Online"; payload_not_available= "Offline"; }; - tasmota_stecki = name: topic: - ( tasmota_plug name topic) // - { state_topic = "/bam/${topic}/stat/POWER"; - command_topic = "/bam/${topic}/cmnd/POWER"; - }; espeasy_dht22 = name: [ { platform = "mqtt"; name = "${name} DHT22 Temperature"; @@ -77,8 +72,8 @@ in { switch = [ (tasmota_plug "Bauarbeiterlampe" "plug") (tasmota_plug "Blitzdings" "plug2") - (tasmota_stecki "Fernseher" "fernseher") - (tasmota_plug "Pluggy" "plug4") + (tasmota_plug "Fernseher" "plug3") + (tasmota_plug "Feuer" "plug4") ]; binary_sensor = [ { platform = "mqtt"; @@ -179,7 +174,7 @@ in { "switch.bauarbeiterlampe" "switch.blitzdings" "switch.fernseher" - "switch.pluggy" + "switch.feuer" ]; camera = [ "camera.Baumarkt" @@ -212,7 +207,7 @@ in { }; action = { service = "homeassistant.turn_on"; - entity_id = [ "switch.fernseher" "switch.blitzdings" ]; + entity_id = [ "switch.fernseher" "switch.feuer" ]; }; } { alias = "Turn off Fernseher 10 minutes after last movement"; @@ -231,7 +226,7 @@ in { ]; action = { service = "homeassistant.turn_off"; - entity_id = [ "switch.fernseher" "switch.blitzdings" ]; + entity_id = [ "switch.fernseher" "switch.feuer" ]; }; condition = { condition = "and"; diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index cbfb4da1c..177114a49 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -84,5 +84,5 @@ with import <stockholm/lib>; SystemMaxUse=1G RuntimeMaxUse=128M ''; - + environment.pathsToLink = [ "/share" ]; } diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix index 6bcd09826..63ce6201a 100644 --- a/makefu/2configs/gui/base.nix +++ b/makefu/2configs/gui/base.nix @@ -28,6 +28,7 @@ in windowManager = { awesome.enable = true; + awesome.noArgb = true; awesome.luaModules = [ pkgs.luaPackages.vicious ]; default = "awesome"; }; diff --git a/makefu/2configs/home-manager/desktop.nix b/makefu/2configs/home-manager/desktop.nix index 40a1c6497..3be020faa 100644 --- a/makefu/2configs/home-manager/desktop.nix +++ b/makefu/2configs/home-manager/desktop.nix @@ -1,8 +1,9 @@ { pkgs, lib, ... }: { - users.users.makefu.packages = with pkgs;[ bat direnv ]; + users.users.makefu.packages = with pkgs;[ bat direnv clipit ]; home-manager.users.makefu = { + systemd.user.services.network-manager-applet.Service.Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.networkmanagerapplet}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache''; programs.browserpass = { browsers = [ "firefox" ] ; enable = true; }; programs.firefox.enable = true; programs.obs-studio.enable = true; @@ -36,6 +37,7 @@ }; Service = { + Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.clipit}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache''; ExecStart = "${pkgs.clipit}/bin/clipit"; Restart = "on-abort"; }; diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix index dff6d9337..59658e667 100644 --- a/makefu/2configs/home-manager/zsh.nix +++ b/makefu/2configs/home-manager/zsh.nix @@ -56,7 +56,7 @@ ]; } EOF - ${EDITOR:-vim} default.nix + ''${EDITOR:-vim} default.nix fi } eval "$(direnv hook zsh)" diff --git a/makefu/2configs/hw/malduino_elite.nix b/makefu/2configs/hw/malduino_elite.nix new file mode 100644 index 000000000..1af85493f --- /dev/null +++ b/makefu/2configs/hw/malduino_elite.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: + +{ + + services.udev.extraRules = '' + ACTION!="add|change", GOTO="mm_usb_device_blacklist_local_end" + SUBSYSTEM!="usb", GOTO="mm_usb_device_blacklist_local_end" + ENV{DEVTYPE}!="usb_device", GOTO="mm_usb_device_blacklist_local_end" + + ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9204", ENV{ID_MM_DEVICE_IGNORE}="1" + ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9203", ENV{ID_MM_DEVICE_IGNORE}="1" + + LABEL="mm_usb_device_blacklist_local_end" + ''; +} diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix index fb1a67358..0889ebbc1 100644 --- a/makefu/2configs/printer.nix +++ b/makefu/2configs/printer.nix @@ -6,7 +6,8 @@ in { services.printing = { enable = true; drivers = with pkgs; [ - samsungUnifiedLinuxDriver + # samsungUnifiedLinuxDriver + splix # scx 3200 cups-dymo # dymo labelwriter foo2zjs # magicolor 1690mf cups-zj-58 diff --git a/makefu/2configs/tools/android-pentest.nix b/makefu/2configs/tools/android-pentest.nix index 9dedafdd2..05560db90 100644 --- a/makefu/2configs/tools/android-pentest.nix +++ b/makefu/2configs/tools/android-pentest.nix @@ -1,6 +1,7 @@ { pkgs, ... }: { + nixpkgs.config.android_sdk.accept_license = true; users.users.makefu.packages = with pkgs; [ mitmproxy nmap diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index 09ee63498..f8e3f9f46 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -22,6 +22,7 @@ cdrtools # nix related nix-index + nix-review # git-related tig ]; diff --git a/makefu/5pkgs/baidudl/default.nix b/makefu/5pkgs/baidudl/default.nix new file mode 100644 index 000000000..3c701fd6a --- /dev/null +++ b/makefu/5pkgs/baidudl/default.nix @@ -0,0 +1,23 @@ +{ stdenv, lib, pkgs, curl, jansson ,fetchFromGitHub, autoreconfHook }: +stdenv.mkDerivation rec { + pname = "baidudl"; + version = "2018-01-16"; + name = "${pname}-${version}"; + + src = fetchFromGitHub { + owner = "yzfedora"; + repo = "baidudl"; + rev = "712f2554a5ef7b2eba5c248d6406a6c535ef47b2"; + sha256 = "1nfzalyd9k87q6njdxpg7pa62q6hyfr2vwxwvahaflyp31nlpa0y"; + }; + + + nativeBuildInputs = [ autoreconfHook ]; + buildInputs = [ curl.dev jansson ]; + + meta = { + homepage = https://github.com/yzfedora/baidudl; + description = "This is a multi-thread download tool for pan.baidu.com"; + license = lib.licenses.gpl3; + }; +} diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index 6e86f4264..8ae41427c 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -21,9 +21,19 @@ with super.lib; with builtins; let in { quodlibet = super.pkgs.stdenv.lib.overrideDerivation super.quodlibet (old: { + doCheck = false; # 1 error because of warnings (possibly upstream) patches = [ ./custom/quodlibet/single-digit-discnumber.patch ./custom/quodlibet/remove-override-warning.patch ]; }); + rclone = super.pkgs.stdenv.lib.overrideDerivation super.rclone (old: { + postInstall = old.postInstall + '' + + $bin/bin/rclone genautocomplete zsh _rclone + install -D -m644 _rclone $bin/share/zsh/vendor-completions/_rclone + $bin/bin/rclone genautocomplete bash _rclone + install -D -m644 _rclone $bin/etc/bash_completion.d/rclone + ''; + }); alsa-hdspconf = callPackage ./custom/alsa-tools { alsaToolTarget="hdspconf";}; alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";}; alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";}; diff --git a/makefu/krops.nix b/makefu/krops.nix index 30db07667..57a3b3bbf 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -74,7 +74,7 @@ (lib.mkIf ( host-src.home-manager ) { home-manager.git = { url = https://github.com/rycee/home-manager; - ref = "f947faf"; + ref = "4aa07c3"; }; }) ]; diff --git a/makefu/nixpkgs.json b/makefu/nixpkgs.json index ae35f9e76..d62fd65ca 100644 --- a/makefu/nixpkgs.json +++ b/makefu/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/makefu/nixpkgs", - "rev": "9728b2e83406c76efc734ebb1923f23b8e687819", - "date": "2018-11-19T20:36:35+01:00", - "sha256": "0nk75ldppjr6x04hgghgg9vanr1cw4k5xhg699d38g2rpxviz5bp", + "rev": "125873064a6eabd2896833d00aede7778a453fdf", + "date": "2019-01-11T14:24:21+01:00", + "sha256": "1ki50426m9simqvxdzckfgycibz5rdhwl6hzi31i72dqiafl8j6s", "fetchSubmodules": false } |