diff options
35 files changed, 893 insertions, 38 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 69613d4c3..ea1894709 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -14,6 +14,7 @@ let ./iptables.nix ./nginx.nix ./Reaktor.nix + ./realwallpaper.nix ./retiolum.nix ./urlwatch.nix ]; diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index aa071270c..9dbc597ed 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -34,9 +34,11 @@ with import ../../4lib { inherit lib; }; ''; }; }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL21QDOEFdODFh6WAfNp6odrXo15pEsDQuGJfMu/cKzK"; }; fastpoke = { - dc = "lass"; #dc = "cac"; + dc = "lass"; nets = rec { internet = { addrs4 = ["193.22.164.36"]; @@ -95,6 +97,8 @@ with import ../../4lib { inherit lib; }; ''; }; }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7oYx7Lbkc0wPYNp92LQF93DCtxsGzOkVD91FJQzVZl"; }; uriel = { cores = 1; @@ -119,6 +123,8 @@ with import ../../4lib { inherit lib; }; ''; }; }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBryIo/Waw8SWvlQ0+5I+Bd/dJgcMd6iPXtELS6gQXoc"; secure = true; }; mors = { @@ -145,6 +151,8 @@ with import ../../4lib { inherit lib; }; }; }; secure = true; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAMPlIG+6u75GJ3kvsPF6OoIZsU+u8ZQ+rdviv5fNMD"; }; }; diff --git a/lass/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index 85dd35233..7e02538f5 100644 --- a/lass/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -8,12 +8,10 @@ let mkIf ; - lpkgs = import ../5pkgs { inherit pkgs; }; - - cfg = config.lass.realwallpaper; + cfg = config.krebs.realwallpaper; out = { - options.lass.realwallpaper = api; + options.krebs.realwallpaper = api; config = mkIf cfg.enable imp; }; @@ -57,13 +55,13 @@ let imp = { systemd.timers.realwallpaper = { description = "real wallpaper generator timer"; + wantedBy = [ "timers.target" ]; timerConfig = cfg.timerConfig; }; systemd.services.realwallpaper = { description = "real wallpaper generator"; - wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; path = with pkgs; [ @@ -85,7 +83,7 @@ let serviceConfig = { Type = "simple"; - ExecStart = "${lpkgs.realwallpaper}/realwallpaper.sh"; + ExecStart = "${pkgs.realwallpaper}/realwallpaper.sh"; User = "realwallpaper"; }; }; diff --git a/krebs/5pkgs/Reaktor/default.nix b/krebs/5pkgs/Reaktor/default.nix index 524782081..c38aa6423 100644 --- a/krebs/5pkgs/Reaktor/default.nix +++ b/krebs/5pkgs/Reaktor/default.nix @@ -2,14 +2,14 @@ python3Packages.buildPythonPackage rec { name = "Reaktor-${version}"; - version = "0.4.3"; + version = "0.5.0"; propagatedBuildInputs = with pkgs;[ python3Packages.docopt python3Packages.requests2 ]; src = fetchurl { url = "https://pypi.python.org/packages/source/R/Reaktor/Reaktor-${version}.tar.gz"; - sha256 = "1rvfw9vg7i7z2ah7m5k3zik2b92d3xdaqa8am62qw6vgvmxcmfp4"; + sha256 = "1npag52xmnyqv56z0anyf6xf00q0smfzsippal0xdbxrfj7s8qim"; }; meta = { homepage = http://krebsco.de/; diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 47e9341cc..c48c3dee8 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -21,7 +21,9 @@ rec { nq = callPackage ./nq {}; posix-array = callPackage ./posix-array {}; pssh = callPackage ./pssh {}; + passwdqc-utils = callPackage ./passwdqc-utils {}; Reaktor = callPackage ./Reaktor {}; + realwallpaper = callPackage ./realwallpaper.nix {}; youtube-tools = callPackage ./youtube-tools {}; execve = name: { filename, argv, envp ? {}, destination ? "" }: diff --git a/krebs/5pkgs/passwdqc-utils/default.nix b/krebs/5pkgs/passwdqc-utils/default.nix new file mode 100644 index 000000000..0299715ba --- /dev/null +++ b/krebs/5pkgs/passwdqc-utils/default.nix @@ -0,0 +1,27 @@ +{stdenv,pam,fetchurl,...}: + +stdenv.mkDerivation rec { + name = "passwdqc-utils-${version}"; + version = "1.3.0"; + buildInputs = [ pam ]; + src = fetchurl { + url = "http://www.openwall.com/passwdqc/passwdqc-${version}.tar.gz"; + sha256 = "0l3zbrp4pvah0dz33m48aqlz9nx663cc1fqhnlwr0p853b10la93"; + }; + buildTargets = "utils"; + installFlags= [ "BINDIR=$(out)/bin" + "CONFDIR=$(out)/etc" + "SHARED_LIBDIR=$(out)/lib" + "DEVEL_LIBDIR=$(out)/lib" + "SECUREDIR=$(out)/lib/security" + "INCLUDEDIR=$(out)/include" + "MANDIR=$(out)/man"]; + installTargets = "install_lib install_utils"; + + meta = { + description = "passwdqc utils (pwqgen,pwqcheck) and library"; + license = stdenv.lib.licenses.bsd3; + maintainers = [ stdenv.lib.maintainers.makefu ]; + patforms = stdenv.lib.platforms.linux; # more installFlags must be set for Darwin,Solaris + }; +} diff --git a/lass/5pkgs/realwallpaper.nix b/krebs/5pkgs/realwallpaper.nix index 4fea977ec..4fea977ec 100644 --- a/lass/5pkgs/realwallpaper.nix +++ b/krebs/5pkgs/realwallpaper.nix diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index 45f7ebd70..1320e0782 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -13,6 +13,10 @@ in { ../2configs/retiolum.nix ../2configs/realwallpaper-server.nix ../2configs/privoxy-retiolum.nix + ../2configs/git.nix + ../2configs/redis.nix + ../2configs/go.nix + ../2configs/ircd.nix { networking.interfaces.enp2s1.ip4 = [ { @@ -43,6 +47,6 @@ in { }; }; - networking.hostName = "echelon"; + networking.hostName = config.krebs.build.host.name; } diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 5cc03501f..c0c33828b 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -24,6 +24,7 @@ ../2configs/bitlbee.nix ../2configs/firefoxPatched.nix ../2configs/realwallpaper.nix + ../2configs/skype.nix ]; krebs.build = { diff --git a/lass/2configs/desktop-base.nix b/lass/2configs/desktop-base.nix index ed84edefa..4e693997d 100644 --- a/lass/2configs/desktop-base.nix +++ b/lass/2configs/desktop-base.nix @@ -28,14 +28,14 @@ in { environment.systemPackages = with pkgs; [ powertop + sxiv + much #window manager stuff haskellPackages.xmobar haskellPackages.yeganesh dmenu2 xlibs.fontschumachermisc - - sxiv ]; fonts.fonts = [ diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 78e6f0baa..d63705ab6 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -31,6 +31,7 @@ let }; wai-middleware-time = {}; web-routes-wai-custom = {}; + go = {}; }; restricted-repos = mapAttrs make-restricted-repo ( @@ -51,7 +52,7 @@ let nick = config.krebs.build.host.name; channel = "#retiolum"; server = "cd.retiolum"; - verbose = config.krebs.build.host.name == "cloudkrebs"; + verbose = config.krebs.build.host.name == "echelon"; }; }; }; diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix new file mode 100644 index 000000000..30d3e6ae5 --- /dev/null +++ b/lass/2configs/go.nix @@ -0,0 +1,16 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../3modules/go.nix + ]; + environment.systemPackages = [ + pkgs.go + ]; + lass.go = { + enable = true; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } + ]; +} diff --git a/lass/2configs/ircd.nix b/lass/2configs/ircd.nix index f71b769fd..e48bbfd3e 100644 --- a/lass/2configs/ircd.nix +++ b/lass/2configs/ircd.nix @@ -1,12 +1,16 @@ { config, pkgs, ... }: { - config.services.charybdis = { + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 6667"; target = "ACCEPT"; } + ]; + + services.charybdis = { enable = true; config = '' serverinfo { - name = "ire.irc.retiolum"; - sid = "4z3"; + name = "${config.krebs.build.host.name}.irc.retiolum"; + sid = "1as"; description = "miep!"; network_name = "irc.retiolum"; network_desc = "Retiolum IRC Network"; diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix index f1c8861e1..c69cb1660 100644 --- a/lass/2configs/realwallpaper.nix +++ b/lass/2configs/realwallpaper.nix @@ -1,9 +1,5 @@ { config, ... }: { - imports = [ - ../3modules/realwallpaper.nix - ]; - - lass.realwallpaper.enable = true; + krebs.realwallpaper.enable = true; } diff --git a/lass/2configs/redis.nix b/lass/2configs/redis.nix new file mode 100644 index 000000000..8dd8df5c3 --- /dev/null +++ b/lass/2configs/redis.nix @@ -0,0 +1,8 @@ +{ config, ... }: + +{ + config.services.redis = { + enable = true; + bind = "127.0.0.1"; + }; +} diff --git a/lass/2configs/skype.nix b/lass/2configs/skype.nix new file mode 100644 index 000000000..7e4618a7b --- /dev/null +++ b/lass/2configs/skype.nix @@ -0,0 +1,30 @@ +{ config, pkgs, ... }: + +let + mainUser = config.users.extraUsers.mainUser; + +in { + imports = [ + ../3modules/per-user.nix + ]; + + users.extraUsers = { + skype = { + name = "skype"; + uid = 2259819492; #genid skype + description = "user for running skype"; + home = "/home/skype"; + useDefaultShell = true; + extraGroups = [ "audio" "video" ]; + createHome = true; + }; + }; + + lass.per-user.skype.packages = [ + pkgs.skype + ]; + + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(skype) NOPASSWD: ALL + ''; +} diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 9b6211278..9de987bf3 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -3,6 +3,5 @@ _: { imports = [ ./xresources.nix - ./realwallpaper.nix ]; } diff --git a/lass/3modules/go.nix b/lass/3modules/go.nix new file mode 100644 index 000000000..aa900f118 --- /dev/null +++ b/lass/3modules/go.nix @@ -0,0 +1,61 @@ +{ config, lib, pkgs, ... }: + +with builtins; +with lib; + +let + cfg = config.lass.go; + + out = { + options.lass.go = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "Enable go url shortener"; + port = mkOption { + type = types.str; + default = "1337"; + description = "on which port go should run on"; + }; + redisKeyPrefix = mkOption { + type = types.str; + default = "go:"; + description = "change the Redis key prefix which defaults to `go:`"; + }; + }; + + imp = { + users.extraUsers.go = { + name = "go"; + uid = 42774411; #genid go + description = "go url shortener user"; + home = "/var/lib/go"; + createHome = true; + }; + + systemd.services.go = { + description = "go url shortener"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + path = with pkgs; [ + go + ]; + + environment = { + PORT = cfg.port; + REDIS_KEY_PREFIX = cfg.redisKeyPrefix; + }; + + restartIfChanged = true; + + serviceConfig = { + User = "go"; + Restart = "always"; + ExecStart = "${pkgs.go}/bin/go"; + }; + }; + }; + +in out diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 6954c6a2c..e3e49e37e 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -13,5 +13,5 @@ rec { ublock = callPackage ./firefoxPlugins/ublock.nix {}; vimperator = callPackage ./firefoxPlugins/vimperator.nix {}; }; - realwallpaper = callPackage ./realwallpaper.nix {}; + go = callPackage ./go/default.nix {}; } diff --git a/lass/5pkgs/go/default.nix b/lass/5pkgs/go/default.nix new file mode 100644 index 000000000..9dd166adc --- /dev/null +++ b/lass/5pkgs/go/default.nix @@ -0,0 +1,57 @@ +{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodePackages, nodejs }: + +with lib; + +let + np = nodePackages.override { + generated = ./packages.nix; + self = np; + }; + + node_env = buildEnv { + name = "node_env"; + paths = [ + np.redis + np."formidable" + ]; + pathsToLink = [ "/lib" ]; + ignoreCollisions = true; + }; + +in nodePackages.buildNodePackage { + name = "go"; + + src = fetchgit { + url = "http://cgit.echelon/go/"; + rev = "05d02740e0adbb36cc461323647f0c1e7f493156"; + sha256 = "6015c9a93317375ae8099c7ab982df0aa93a59ec2b48972e253887bb6ca0004f"; + }; + + phases = [ + "unpackPhase" + "installPhase" + ]; + + deps = (filter (v: nixType v == "derivation") (attrValues np)); + + buildInputs = [ + nodejs + makeWrapper + ]; + + installPhase = '' + mkdir -p $out/bin + + cp index.js $out/ + cat > $out/go << EOF + ${nodejs}/bin/node $out/index.js + EOF + chmod +x $out/go + + wrapProgram $out/go \ + --prefix NODE_PATH : ${node_env}/lib/node_modules + + ln -s $out/go /$out/bin/go + ''; + +} diff --git a/lass/5pkgs/go/packages.nix b/lass/5pkgs/go/packages.nix new file mode 100644 index 000000000..9acfd7658 --- /dev/null +++ b/lass/5pkgs/go/packages.nix @@ -0,0 +1,44 @@ +{ self, fetchurl, fetchgit ? null, lib }: + +{ + by-spec."formidable"."*" = + self.by-version."formidable"."1.0.17"; + by-version."formidable"."1.0.17" = self.buildNodePackage { + name = "formidable-1.0.17"; + version = "1.0.17"; + bin = false; + src = fetchurl { + url = "http://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz"; + name = "formidable-1.0.17.tgz"; + sha1 = "ef5491490f9433b705faa77249c99029ae348559"; + }; + deps = { + }; + optionalDependencies = { + }; + peerDependencies = []; + os = [ ]; + cpu = [ ]; + }; + "formidable" = self.by-version."formidable"."1.0.17"; + by-spec."redis"."*" = + self.by-version."redis"."2.1.0"; + by-version."redis"."2.1.0" = self.buildNodePackage { + name = "redis-2.1.0"; + version = "2.1.0"; + bin = false; + src = fetchurl { + url = "http://registry.npmjs.org/redis/-/redis-2.1.0.tgz"; + name = "redis-2.1.0.tgz"; + sha1 = "38acb208f90750250f9451219b73ff08ae907f94"; + }; + deps = { + }; + optionalDependencies = { + }; + peerDependencies = []; + os = [ ]; + cpu = [ ]; + }; + "redis" = self.by-version."redis"."2.1.0"; +} diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix index 7698ea14d..e7ceca60d 100644 --- a/makefu/1systems/pnp.nix +++ b/makefu/1systems/pnp.nix @@ -23,7 +23,9 @@ ## \/ are only plugins, must enable Reaktor explicitly ../2configs/Reaktor/stockholmLentil.nix ../2configs/Reaktor/simpleExtend.nix + ../2configs/Reaktor/random-emoji.nix ../2configs/Reaktor/titlebot.nix + ../2configs/Reaktor/shack-correct.nix ../2configs/exim-retiolum.nix ../2configs/urlwatch.nix @@ -34,7 +36,7 @@ krebs.Reaktor.debug = true; krebs.Reaktor.nickname = "Reaktor|bot"; krebs.Reaktor.extraEnviron = { - REAKTOR_CHANNELS = "#krebs,#binaergewitter"; + REAKTOR_CHANNELS = "#krebs,#binaergewitter,#shackspace"; }; krebs.build.host = config.krebs.hosts.pnp; diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index d43f89a03..d208e5112 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -42,7 +42,7 @@ krebs.build.user = config.krebs.users.makefu; krebs.build.target = "root@pornocauster"; - + environment.systemPackages = with pkgs;[ get]; networking.firewall.allowedTCPPorts = [ 25 ]; diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 9368f1ae5..819a208ac 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -32,8 +32,8 @@ in { makefu.tinc_graphs.enable = true; makefu.tinc_graphs.krebsNginx = { enable = true; - hostnames_complete = [ "graphs.wry" "graphs.wry.retiolum" ]; - # TODO: remove hard-coded path + # TODO: remove hard-coded hostname + hostnames_complete = [ "graphs.wry" ]; hostnames_anonymous = [ "graphs.krebsco.de" ]; }; networking.firewall.allowedTCPPorts = [80]; diff --git a/makefu/2configs/Reaktor/random-emoji.nix b/makefu/2configs/Reaktor/random-emoji.nix new file mode 100644 index 000000000..b2d99b36b --- /dev/null +++ b/makefu/2configs/Reaktor/random-emoji.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: + +with pkgs; +let + rpkg = pkgs.substituteAll( { + name="random-emoji"; + dir= "bin"; + isExecutable=true; + src= ./random-emoji.sh; + }); + rpkg-path = lib.makeSearchPath "bin" (with pkgs; [ + coreutils + gnused + gnugrep + curl]); +in { + # TODO: make origin a variable, <- module is generic enough to handle different origins, not only stockholm + krebs.Reaktor.extraConfig = '' + public_commands.insert(0,{ + 'capname' : "emoji", + 'pattern' : indirect_pattern.format("emoji"), + 'argv' : ["${rpkg}/bin/random-emoji"], + 'env' : { 'PATH':'${rpkg-path}' } }) + ''; +} diff --git a/makefu/2configs/Reaktor/random-emoji.sh b/makefu/2configs/Reaktor/random-emoji.sh new file mode 100644 index 000000000..913d615be --- /dev/null +++ b/makefu/2configs/Reaktor/random-emoji.sh @@ -0,0 +1,5 @@ +#!/bin/sh +curl http://emojicons.com/random -s | \ + grep data-text | \ + sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \ + head -n 1 diff --git a/makefu/2configs/Reaktor/shack-correct.nix b/makefu/2configs/Reaktor/shack-correct.nix new file mode 100644 index 000000000..8f30807f1 --- /dev/null +++ b/makefu/2configs/Reaktor/shack-correct.nix @@ -0,0 +1,20 @@ +{ config, lib, pkgs, ... }: + +with pkgs; +let + script = pkgs.substituteAll ( { + name="shack-correct"; + isExecutable=true; + dir = ""; + src = ./shack-correct.sh; + }); +in { + krebs.Reaktor.extraConfig = '' + public_commands.insert(0,{ + 'capname' : "shack-correct", + 'pattern' : '^(?P<args>.*Shack.*)$$', + 'argv' : ["${script}"], + 'env' : { }}) + ''; +} + diff --git a/makefu/2configs/Reaktor/shack-correct.sh b/makefu/2configs/Reaktor/shack-correct.sh new file mode 100644 index 000000000..3b4d04f80 --- /dev/null +++ b/makefu/2configs/Reaktor/shack-correct.sh @@ -0,0 +1,6 @@ +#! /bin/sh +set -eu +printf "Sie meinten wohl \"" +echo -n $@ | sed 's/Shack/shack/g' +echo "\"" +echo "${_from}--" diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix index 6896a66dc..30e4c735e 100644 --- a/makefu/2configs/base-gui.nix +++ b/makefu/2configs/base-gui.nix @@ -13,6 +13,7 @@ with lib; let mainUser = config.krebs.build.user.name; + awesomecfg = pkgs.awesomecfg.full; in { imports = [ ]; @@ -32,6 +33,13 @@ in displayManager.auto.user = mainUser; desktopManager.xterm.enable = false; }; + nixpkgs.config.packageOverrides = pkgs: rec { + awesome = pkgs.stdenv.lib.overrideDerivation pkgs.awesome (oldAttrs : { + postInstall = '' + cp ${awesomecfg} $out/etc/xdg/awesome/rc.lua + ''; + }); + }; i18n.consoleFont = "Lat2-Terminus16"; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 40b51e601..1277a014e 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -29,6 +29,7 @@ let hooks = { post-receive = git.irc-announce { nick = config.networking.hostName; + verbose = config.krebs.build.host.name == "pnp"; channel = "#retiolum"; # TODO remove the hardcoded hostname server = "cd.retiolum"; diff --git a/makefu/3modules/tinc_graphs.nix b/makefu/3modules/tinc_graphs.nix index 10f1b23a0..62d607527 100644 --- a/makefu/3modules/tinc_graphs.nix +++ b/makefu/3modules/tinc_graphs.nix @@ -24,21 +24,22 @@ let # configure krebs nginx to serve the new graphs enable = mkEnableOption "tinc_graphs nginx"; - hostnames_complete = { + hostnames_complete = mkOption { #TODO: this is not a secure way to serve these graphs,better listen to # the correct interface, krebs.nginx does not support this yet type = with types; listOf str; description = "hostname which serves complete graphs"; - default = config.krebs.build.host.name; + default = [ "graphs.${config.krebs.build.host.name}" ]; }; - hostnames_anonymous = { + hostnames_anonymous = mkOption { type = with types; listOf str; description = '' hostname which serves anonymous graphs must be different from hostname_complete ''; + default = [ "anongraphs.${config.krebs.build.host.name}" ]; }; }; @@ -63,29 +64,38 @@ let environment.systemPackages = [ pkgs.tinc_graphs]; systemd.timers.tinc_graphs = { description = "Build Tinc Graphs via via timer"; - + wantedBy = [ "timers.target"]; timerConfig = cfg.timerConfig; }; systemd.services.tinc_graphs = { description = "Build Tinc Graphs"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; environment = { EXTERNAL_FOLDER = external_dir; INTERNAL_FOLDER = internal_dir; GEODB = cfg.geodbPath; + TINC_HOSTPATH=config.krebs.retiolum.hosts; }; restartIfChanged = true; serviceConfig = { Type = "simple"; + ExecStartPre = pkgs.writeScript "tinc_graphs-init" '' #!/bin/sh mkdir -p "${external_dir}" "${internal_dir}" ''; + ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs"; - User = "root"; # tinc cannot be queried as user, + + ExecStartPost = pkgs.writeScript "tinc_graphs-post" '' + #!/bin/sh + # TODO: this may break if workingDir is set to something stupid + # this is needed because homedir is created with 700 + chmod 755 "${cfg.workingDir}" + ''; + + User = "root"; # tinc cannot be queried as user, # seems to be a tinc-pre issue privateTmp = true; }; @@ -93,7 +103,7 @@ let users.extraUsers.tinc_graphs = { uid = 3925439960; #genid tinc_graphs - home = "/var/cache/tinc_graphs"; + home = "/var/spool/tinc_graphs"; createHome = true; }; @@ -102,15 +112,16 @@ let server-names = cfg.krebsNginx.hostnames_complete; locations = [ (nameValuePair "/" '' + autoindex on; root ${internal_dir}; '') ]; }; tinc_graphs_anonymous = { server-names = cfg.krebsNginx.hostnames_anonymous; - #server-names = [ "dick" ]; locations = [ (nameValuePair "/" '' + autoindex on; root ${external_dir}; '') ]; diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix new file mode 100644 index 000000000..32f831cf7 --- /dev/null +++ b/makefu/5pkgs/awesomecfg/default.nix @@ -0,0 +1,5 @@ +_: + +{ + full = ./full.cfg; +} diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg new file mode 100644 index 000000000..b3f94e655 --- /dev/null +++ b/makefu/5pkgs/awesomecfg/full.cfg @@ -0,0 +1,514 @@ +-- Standard awesome library +local gears = require("gears") +local awful = require("awful") +local vicious = require("vicious") +awful.rules = require("awful.rules") +require("awful.autofocus") +-- Widget and layout library +local wibox = require("wibox") +-- Theme handling library +local beautiful = require("beautiful") +-- Notification library +local naughty = require("naughty") +local menubar = require("menubar") + +-- {{{ Error handling +-- Check if awesome encountered an error during startup and fell back to +-- another config (This code will only ever execute for the fallback config) +if awesome.startup_errors then + naughty.notify({ preset = naughty.config.presets.critical, + title = "Oops, there were errors during startup!", + text = awesome.startup_errors }) +end + +-- Handle runtime errors after startup +do + local in_error = false + awesome.connect_signal("debug::error", function (err) + -- Make sure we don't go into an endless error loop + if in_error then return end + in_error = true + + naughty.notify({ preset = naughty.config.presets.critical, + title = "Oops, an error happened!", + text = err }) + in_error = false + end) +end +-- }}} +volwidget = wibox.widget.textbox() +vicious.register(volwidget, vicious.widgets.volume, " $1% ", 2, "Master") + +-- {{{ Mails widget type +local function worker(format,warg) + local ncount = 0 + for line in io.popen("ls "..warg..'/new'):lines() do + ncount = ncount +1 + end + local count = 2 + --for line in io.popen("ls "..warg..'/new'):lines() do + -- count = count +1 + --end + return {ncount,count} +end + +vicious_mails = setmetatable({}, { __call = function(_, ...) return worker(...) end }) +mailwidget = wibox.widget.textbox() + +local function only_new (widget,args) + if args[1] > 0 then + return string.format("%s new",args[1]) + else + return "" + end +end + +vicious.register(mailwidget, vicious_mails,only_new ,60,"~/Mail/localhost") + +--mdirwidget = wibox.widget.textbox() +--vicious.register(mdirwidget, vicious.widgets.mdir, ) + +cpuwidget = awful.widget.graph() +-- Graph properties +cpuwidget:set_width(50) +cpuwidget:set_background_color("#494B4F") +cpuwidget:set_color({ type = "linear", from = { 0, 0 }, to = { 10,0 }, stops = { {0, "#FF5656"}, {0.5, "#88A175"}, + {1, "#AECF96" }}}) +vicious.register(cpuwidget, vicious.widgets.cpu, "$1") + +-- Register widget +batwidget = wibox.widget.textbox() +vicious.register(batwidget, vicious.widgets.bat, "$2%", 61, "BAT0") + +-- {{{ Variable definitions +-- Themes define colours, icons, and wallpapers +-- beautiful.init("/usr/share/awesome/themes/default/theme.lua") +-- ./qbx8r72yzaxpz41zq00902zwajl31b5h-awesome-3.5.6/share/awesome/lib/beautiful.lua +-- +-- Find the default theme + +-- +-- beautiful.init("/nix/store/qbx8r72yzaxpz41zq00902zwajl31b5h-awesome-3.5.6/share/awesome/themes/default/theme.lua") + +-- This is used later as the default terminal and editor to run. +terminal = "urxvt" +editor = os.getenv("EDITOR") or "vim" +editor_cmd = terminal .. " -e " .. editor +browser = "firefox" + +-- Default modkey. +-- Usually, Mod4 is the key with a logo between Control and Alt. +-- If you do not like this or do not have such a key, +-- I suggest you to remap Mod4 to another key using xmodmap or other tools. +-- However, you can use another modifier like Mod1, but it may interact with others. +modkey = "Mod4" + +-- Table of layouts to cover with awful.layout.inc, order matters. +local layouts = +{ + awful.layout.suit.tile, +-- awful.layout.suit.tile.left, + awful.layout.suit.tile.bottom, + awful.layout.suit.floating, +-- awful.layout.suit.tile.top, + awful.layout.suit.fair, +-- awful.layout.suit.fair.horizontal, +-- awful.layout.suit.spiral, +-- awful.layout.suit.spiral.dwindle, + awful.layout.suit.max, + awful.layout.suit.max.fullscreen +-- awful.layout.suit.magnifier +} +-- }}} + +-- {{{ Wallpaper +if beautiful.wallpaper then + for s = 1, screen.count() do + gears.wallpaper.maximized(beautiful.wallpaper, s, true) + end +end +-- }}} + +-- {{{ Tags +-- Define a tag table which hold all screen tags. +tags = {} +for s = 1, screen.count() do + -- Each screen has its own tag table. + tags[s] = awful.tag({ "tmp", "news", "www", "im", "work1","work2","net","misc","remote" }, s, layouts[1]) +end +-- }}} + +-- {{{ Menu +-- Create a laucher widget and a main menu +myawesomemenu = { + { "manual", terminal .. " -e man awesome" }, + { "edit config", editor_cmd .. " " .. awesome.conffile }, + { "restart", awesome.restart }, + { "quit", awesome.quit } +} + +mymainmenu = awful.menu({ items = { { "awesome", myawesomemenu, beautiful.awesome_icon }, + { "open terminal", terminal }, + { "pcmanfm", "pcmanfm"} + } + }) + +mylauncher = awful.widget.launcher({ image = beautiful.awesome_icon, + menu = mymainmenu }) + +-- Menubar configuration +menubar.utils.terminal = terminal -- Set the terminal for applications that require it +-- }}} + +-- {{{ Wibox +-- Create a textclock widget +mytextclock = awful.widget.textclock() + +-- Create a wibox for each screen and add it +mywibox = {} +mypromptbox = {} +mylayoutbox = {} +mytaglist = {} +mytaglist.buttons = awful.util.table.join( + awful.button({ }, 1, awful.tag.viewonly), + awful.button({ modkey }, 1, awful.client.movetotag), + awful.button({ }, 3, awful.tag.viewtoggle), + awful.button({ modkey }, 3, awful.client.toggletag), + awful.button({ }, 4, function(t) awful.tag.viewnext(awful.tag.getscreen(t)) end), + awful.button({ }, 5, function(t) awful.tag.viewprev(awful.tag.getscreen(t)) end) + ) +mytasklist = {} +mytasklist.buttons = awful.util.table.join( + awful.button({ }, 1, function (c) + if c == client.focus then + c.minimized = true + else + -- Without this, the following + -- :isvisible() makes no sense + c.minimized = false + if not c:isvisible() then + awful.tag.viewonly(c:tags()[1]) + end + -- This will also un-minimize + -- the client, if needed + client.focus = c + c:raise() + end + end), + awful.button({ }, 3, function () + if instance then + instance:hide() + instance = nil + else + instance = awful.menu.clients({ width=250 }) + end + end), + awful.button({ }, 4, function () + awful.client.focus.byidx(1) + if client.focus then client.focus:raise() end + end), + awful.button({ }, 5, function () + awful.client.focus.byidx(-1) + if client.focus then client.focus:raise() end + end)) + +for s = 1, screen.count() do + -- Create a promptbox for each screen + mypromptbox[s] = awful.widget.prompt() + -- Create an imagebox widget which will contains an icon indicating which layout we're using. + -- We need one layoutbox per screen. + mylayoutbox[s] = awful.widget.layoutbox(s) + mylayoutbox[s]:buttons(awful.util.table.join( + awful.button({ }, 1, function () awful.layout.inc(layouts, 1) end), + awful.button({ }, 3, function () awful.layout.inc(layouts, -1) end), + awful.button({ }, 4, function () awful.layout.inc(layouts, 1) end), + awful.button({ }, 5, function () awful.layout.inc(layouts, -1) end))) + -- Create a taglist widget + mytaglist[s] = awful.widget.taglist(s, awful.widget.taglist.filter.all, mytaglist.buttons) + + -- Create a tasklist widget + mytasklist[s] = awful.widget.tasklist(s, awful.widget.tasklist.filter.currenttags, mytasklist.buttons) + + -- Create the wibox + mywibox[s] = awful.wibox({ position = "top", screen = s }) + + -- Widgets that are aligned to the left + local left_layout = wibox.layout.fixed.horizontal() + left_layout:add(mylauncher) + left_layout:add(mytaglist[s]) + left_layout:add(mypromptbox[s]) + + -- Widgets that are aligned to the right + local right_layout = wibox.layout.fixed.horizontal() + right_layout:add(mailwidget) + if s == 1 then right_layout:add(wibox.widget.systray()) end + right_layout:add(volwidget) + right_layout:add(cpuwidget) + right_layout:add(batwidget) + right_layout:add(mytextclock) + right_layout:add(mylayoutbox[s]) + + -- Now bring it all together (with the tasklist in the middle) + local layout = wibox.layout.align.horizontal() + layout:set_left(left_layout) + layout:set_middle(mytasklist[s]) + layout:set_right(right_layout) + + mywibox[s]:set_widget(layout) +end +-- }}} + +-- {{{ Mouse bindings +root.buttons(awful.util.table.join( + awful.button({ }, 3, function () mymainmenu:toggle() end), + awful.button({ }, 4, awful.tag.viewnext), + awful.button({ }, 5, awful.tag.viewprev) +)) +-- }}} + +-- {{{ Key bindings +globalkeys = awful.util.table.join( + awful.key({ modkey, }, "Left", awful.tag.viewprev ), + awful.key({ modkey, }, "Right", awful.tag.viewnext ), + awful.key({ modkey, }, "Escape", awful.tag.history.restore), + + awful.key({ modkey, }, "j", + function () + awful.client.focus.byidx( 1) + if client.focus then client.focus:raise() end + end), + awful.key({ modkey, }, "k", + function () + awful.client.focus.byidx(-1) + if client.focus then client.focus:raise() end + end), + awful.key({ modkey, }, "w", function () mymainmenu:show() end), + + -- Layout manipulation + awful.key({ modkey, "Shift" }, "j", function () awful.client.swap.byidx( 1) end), + awful.key({ modkey, "Shift" }, "k", function () awful.client.swap.byidx( -1) end), + awful.key({ modkey, "Control" }, "j", function () awful.screen.focus_relative( 1) end), + awful.key({ modkey, "Control" }, "k", function () awful.screen.focus_relative(-1) end), + awful.key({ modkey, }, "u", awful.client.urgent.jumpto), + awful.key({ modkey, }, "Tab", + function () + awful.client.focus.history.previous() + if client.focus then + client.focus:raise() + end + end), + + -- Standard program + awful.key({ modkey, }, "Return", function () awful.util.spawn(terminal) end), + awful.key({ modkey, "Control" }, "r", awesome.restart), + awful.key({ modkey, "Shift" }, "q", awesome.quit), + + awful.key({ modkey, }, "l", function () awful.tag.incmwfact( 0.05) end), + awful.key({ modkey, }, "h", function () awful.tag.incmwfact(-0.05) end), + awful.key({ modkey, "Shift" }, "h", function () awful.tag.incnmaster( 1) end), + awful.key({ modkey, "Shift" }, "l", function () awful.tag.incnmaster(-1) end), + awful.key({ modkey, "Control" }, "h", function () awful.tag.incncol( 1) end), + awful.key({ modkey, "Control" }, "l", function () awful.tag.incncol(-1) end), + awful.key({ modkey, }, "space", function () awful.layout.inc(layouts, 1) end), + awful.key({ modkey, "Shift" }, "space", function () awful.layout.inc(layouts, -1) end), + + awful.key({ modkey, "Control" }, "n", awful.client.restore), + awful.key({ }, "XF86AudioRaiseVolume", function () + awful.util.spawn("amixer set Master 5%+", false) end), + awful.key({ }, "XF86AudioLowerVolume", function () + awful.util.spawn("amixer set Master 5%-", false) end), + awful.key({ }, "XF86AudioMute", function () + awful.util.spawn("amixer -q -D default sset Master toggle", false) end), + + -- Prompt + awful.key({ modkey }, "r", function () mypromptbox[mouse.screen]:run() end), + -- awful.key({ modkey }, "r", function () awful.util.spawn( "dmenu_run" ) end ), + awful.key({ modkey,"Control" }, "BackSpace", function () awful.util.spawn("xlock -mode blank") end), + awful.key({ }, "XF86ScreenSaver", function () awful.util.spawn("xlock -mode blank") end), + + awful.key({ modkey }, "x", + function () + awful.prompt.run({ prompt = "Run Lua code: " }, + mypromptbox[mouse.screen].widget, + awful.util.eval, nil, + awful.util.getdir("cache") .. "/history_eval") + end), + -- Menubar + awful.key({ modkey }, "p", function() menubar.show() end) +) + +clientkeys = awful.util.table.join( + awful.key({ modkey, }, "f", function (c) c.fullscreen = not c.fullscreen end), + awful.key({ modkey, "Shift" }, "c", function (c) c:kill() end), + awful.key({ modkey, "Control" }, "space", awful.client.floating.toggle ), + awful.key({ modkey, "Control" }, "Return", function (c) c:swap(awful.client.getmaster()) end), + awful.key({ modkey, }, "o", awful.client.movetoscreen ), + awful.key({ modkey, }, "t", function (c) c.ontop = not c.ontop end), + awful.key({ modkey, }, "n", + function (c) + -- The client currently has the input focus, so it cannot be + -- minimized, since minimized clients can't have the focus. + c.minimized = true + end), + awful.key({ modkey, }, "m", + function (c) + c.maximized_horizontal = not c.maximized_horizontal + c.maximized_vertical = not c.maximized_vertical + end) +) + +-- Compute the maximum number of digit we need, limited to 9 +keynumber = 0 +for s = 1, screen.count() do + keynumber = math.min(9, math.max(#tags[s], keynumber)) +end + +-- Bind all key numbers to tags. +-- Be careful: we use keycodes to make it works on any keyboard layout. +-- This should map on the top row of your keyboard, usually 1 to 9. +for i = 1, keynumber do + globalkeys = awful.util.table.join(globalkeys, + awful.key({ modkey }, "#" .. i + 9, + function () + local screen = mouse.screen + if tags[screen][i] then + awful.tag.viewonly(tags[screen][i]) + end + end), + awful.key({ modkey, "Control" }, "#" .. i + 9, + function () + local screen = mouse.screen + if tags[screen][i] then + awful.tag.viewtoggle(tags[screen][i]) + end + end), + awful.key({ modkey, "Shift" }, "#" .. i + 9, + function () + if client.focus and tags[client.focus.screen][i] then + awful.client.movetotag(tags[client.focus.screen][i]) + end + end), + awful.key({ modkey, "Control", "Shift" }, "#" .. i + 9, + function () + if client.focus and tags[client.focus.screen][i] then + awful.client.toggletag(tags[client.focus.screen][i]) + end + end)) +end + +clientbuttons = awful.util.table.join( + awful.button({ }, 1, function (c) client.focus = c; c:raise() end), + awful.button({ modkey }, 1, awful.mouse.client.move), + awful.button({ modkey }, 3, awful.mouse.client.resize)) + +-- Set keys +root.keys(globalkeys) +-- }}} + +-- {{{ Rules +awful.rules.rules = { + -- All clients will match this rule. + { rule = { }, + properties = { border_width = beautiful.border_width, + border_color = beautiful.border_normal, + focus = awful.client.focus.filter, + keys = clientkeys, + buttons = clientbuttons } }, + { rule = { class = "MPlayer" }, + properties = { floating = true } }, + { rule = { class = "pinentry" }, + properties = { floating = true } }, + { rule = { class = "gimp" }, + properties = { floating = true } }, + { rule = { class = "Anamnesis" }, + properties = { floating = true } }, + -- Set Firefox to always map on tags number 2 of screen 1. + -- { rule = { class = "Firefox" }, + -- properties = { tag = tags[1][2] } }, +} +-- }}} + +-- {{{ Signals +-- Signal function to execute when a new client appears. +client.connect_signal("manage", function (c, startup) + -- Enable sloppy focus + c:connect_signal("mouse::enter", function(c) + if awful.layout.get(c.screen) ~= awful.layout.suit.magnifier + and awful.client.focus.filter(c) then + client.focus = c + end + end) + + if not startup then + -- Set the windows at the slave, + -- i.e. put it at the end of others instead of setting it master. + -- awful.client.setslave(c) + + -- Put windows in a smart way, only if they does not set an initial position. + if not c.size_hints.user_position and not c.size_hints.program_position then + awful.placement.no_overlap(c) + awful.placement.no_offscreen(c) + end + end + + local titlebars_enabled = false + if titlebars_enabled and (c.type == "normal" or c.type == "dialog") then + -- Widgets that are aligned to the left + local left_layout = wibox.layout.fixed.horizontal() + left_layout:add(awful.titlebar.widget.iconwidget(c)) + + -- Widgets that are aligned to the right + local right_layout = wibox.layout.fixed.horizontal() + right_layout:add(awful.titlebar.widget.floatingbutton(c)) + right_layout:add(awful.titlebar.widget.maximizedbutton(c)) + right_layout:add(awful.titlebar.widget.stickybutton(c)) + right_layout:add(awful.titlebar.widget.ontopbutton(c)) + right_layout:add(awful.titlebar.widget.closebutton(c)) + + -- The title goes in the middle + local title = awful.titlebar.widget.titlewidget(c) + title:buttons(awful.util.table.join( + awful.button({ }, 1, function() + client.focus = c + c:raise() + awful.mouse.client.move(c) + end), + awful.button({ }, 3, function() + client.focus = c + c:raise() + awful.mouse.client.resize(c) + end) + )) + + -- Now bring it all together + local layout = wibox.layout.align.horizontal() + layout:set_left(left_layout) + layout:set_right(right_layout) + layout:set_middle(title) + + awful.titlebar(c):set_widget(layout) + end +end) +local setmetatable = setmetatable +local os = { + date = os.date, + time = os.time +} +-- }}} + + + +function find_default_theme() + -- find the default lua theme in the package path + for path in package.path:gmatch('([^;]+);') do + if path:match('awesome.*share') then + theme_path = path:match('^([^?]*)') .. '../themes/default/theme.lua' + if awful.util.file_readable(theme_path) then return theme_path end + end + end +end + +beautiful.init(find_default_theme()) +client.connect_signal("focus", function(c) c.border_color = beautiful.border_focus end) +client.connect_signal("unfocus", function(c) c.border_color = beautiful.border_normal end) +-- }}} diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index b78183a2a..7945b6ebd 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -8,4 +8,5 @@ in alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";}; alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";}; tinc_graphs = callPackage ./tinc_graphs {}; + awesomecfg = callPackage ./awesomecfg {}; } diff --git a/makefu/5pkgs/tinc_graphs/default.nix b/makefu/5pkgs/tinc_graphs/default.nix index 95f096a30..5bc974157 100644 --- a/makefu/5pkgs/tinc_graphs/default.nix +++ b/makefu/5pkgs/tinc_graphs/default.nix @@ -2,14 +2,14 @@ python3Packages.buildPythonPackage rec { name = "tinc_graphs-${version}"; - version = "0.2.9"; + version = "0.2.12"; propagatedBuildInputs = with pkgs;[ python3Packages.pygeoip ## ${geolite-legacy}/share/GeoIP/GeoIPCity.dat ]; src = fetchurl { url = "https://pypi.python.org/packages/source/t/tinc_graphs/tinc_graphs-${version}.tar.gz"; - sha256 = "0fm063qhjlb8g1xahwcqqrd2dxgd38wwi55rhl1k5chr7zajsqfz"; + sha256 = "03jxvxahpcbpnz4668x32b629dwaaz5jcjkyaijm0zzpgcn4cbgp"; }; preFixup = with pkgs;'' wrapProgram $out/bin/build-graphs --prefix PATH : "$out/bin" |