diff options
Diffstat (limited to 'lass')
| -rw-r--r-- | lass/1systems/cabal/config.nix | 5 | ||||
| -rw-r--r-- | lass/1systems/mors/config.nix | 6 | ||||
| -rw-r--r-- | lass/1systems/prism/config.nix | 30 | ||||
| -rw-r--r-- | lass/2configs/baseX.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/blue-host.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/dcso-dev.nix | 7 | ||||
| -rw-r--r-- | lass/2configs/dunst.nix | 6 | ||||
| -rw-r--r-- | lass/2configs/git.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/logf.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/mc.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/reaktor-coders.nix | 8 | ||||
| -rw-r--r-- | lass/2configs/repo-sync.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/starcraft.nix | 53 | ||||
| -rw-r--r-- | lass/2configs/urxvt.nix | 8 | ||||
| -rw-r--r-- | lass/2configs/virtualbox.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/websites/lassulus.nix | 16 | ||||
| -rw-r--r-- | lass/2configs/websites/util.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/wine.nix | 1 | ||||
| -rw-r--r-- | lass/3modules/usershadow.nix | 2 | ||||
| -rw-r--r-- | lass/3modules/xjail.nix | 12 | ||||
| -rw-r--r-- | lass/5pkgs/custom/xmonad-lass/default.nix | 28 | ||||
| -rw-r--r-- | lass/5pkgs/dpass/default.nix | 4 | ||||
| -rw-r--r-- | lass/5pkgs/xephyrify/default.nix | 4 | ||||
| -rw-r--r-- | lass/source.nix | 1 |
24 files changed, 181 insertions, 29 deletions
diff --git a/lass/1systems/cabal/config.nix b/lass/1systems/cabal/config.nix index 64c179e67..6a8040c9d 100644 --- a/lass/1systems/cabal/config.nix +++ b/lass/1systems/cabal/config.nix @@ -8,11 +8,6 @@ <stockholm/lass/2configs/retiolum.nix> <stockholm/lass/2configs/exim-retiolum.nix> <stockholm/lass/2configs/baseX.nix> - <stockholm/lass/2configs/browsers.nix> - <stockholm/lass/2configs/programs.nix> - <stockholm/lass/2configs/fetchWallpaper.nix> - <stockholm/lass/2configs/games.nix> - <stockholm/lass/2configs/bitcoin.nix> <stockholm/lass/2configs/AP.nix> <stockholm/lass/2configs/blue-host.nix> ]; diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 97e69146e..065ab2396 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -29,6 +29,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/c-base.nix> <stockholm/lass/2configs/br.nix> <stockholm/lass/2configs/ableton.nix> + <stockholm/lass/2configs/starcraft.nix> <stockholm/lass/2configs/dunst.nix> <stockholm/lass/2configs/rtl-sdr.nix> <stockholm/lass/2configs/backup.nix> @@ -179,4 +180,9 @@ with import <stockholm/lib>; }; }); virtualisation.libvirtd.enable = true; + + services.earlyoom = { + enable = true; + freeMemThreshold = 5; + }; } diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 9a0bb49e9..2626ebf33 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -195,6 +195,16 @@ with import <stockholm/lib>; jeschli-bolide jeschli-brauerei ]; + repo = [ config.krebs.git.repos.xmonad-stockholm ]; + perm = with git; push "refs/heads/jeschli*" [ fast-forward non-fast-forward create delete merge ]; + } + { + user = with config.krebs.users; [ + jeschli + jeschli-bln + jeschli-bolide + jeschli-brauerei + ]; repo = [ config.krebs.git.repos.stockholm ]; perm = with git; push "refs/heads/staging/jeschli*" [ fast-forward non-fast-forward create delete merge ]; } @@ -281,6 +291,18 @@ with import <stockholm/lib>; ]; } { + services.nginx = { + enable = true; + virtualHosts."radio.lassul.us" = { + forceSSL = true; + enableACME = true; + locations."/".extraConfig = '' + proxy_pass http://localhost:8000; + ''; + }; + }; + } + { lass.nichtparasoup.enable = true; services.nginx = { enable = true; @@ -341,6 +363,14 @@ with import <stockholm/lib>; { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} ]; } + { + services.murmur.enable = true; + services.murmur.registerName = "lassul.us"; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 64738"; target = "ACCEPT";} + ]; + + } ]; krebs.build.host = config.krebs.hosts.prism; diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index afdefaa45..7d04827f0 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -71,8 +71,10 @@ in { ag bank cabal2nix + cholerab dic dmenu + font-size gi gitAndTools.qgit git-preview @@ -81,6 +83,7 @@ in { mpv-poll much ncdu + nix-index nix-repl nmap pavucontrol @@ -91,7 +94,6 @@ in { sxiv taskwarrior termite - thesauron timewarrior xclip xephyrify diff --git a/lass/2configs/blue-host.nix b/lass/2configs/blue-host.nix index 657234bc1..83c235f3e 100644 --- a/lass/2configs/blue-host.nix +++ b/lass/2configs/blue-host.nix @@ -5,6 +5,7 @@ with import <stockholm/lib>; imports = [ <stockholm/lass/2configs/container-networking.nix> ]; + systemd.services."container@blue".reloadIfChanged = mkForce false; containers.blue = { config = { ... }: { environment.systemPackages = [ pkgs.git ]; diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix index b985b67b3..0996d21c1 100644 --- a/lass/2configs/dcso-dev.nix +++ b/lass/2configs/dcso-dev.nix @@ -9,7 +9,7 @@ in { dev = { name = "dev"; uid = genid "dev"; - extraGroups = [ "docker" ]; + extraGroups = [ "docker" "vboxusers" ]; description = "user for collaborative development"; home = "/home/dev"; useDefaultShell = true; @@ -54,10 +54,13 @@ in { krebs.per-user.dev.packages = [ pkgs.go ]; + environment.variables.GOPATH = "$HOME/go"; security.sudo.extraConfig = '' ${mainUser.name} ALL=(dev) NOPASSWD: ALL ''; - services.minio.enable = true; + networking.interfaces.et0.ipv4.addresses = [ + { address = "10.99.23.1"; prefixLength = 24; } + ]; } diff --git a/lass/2configs/dunst.nix b/lass/2configs/dunst.nix index 6d3d839bc..18a22e1da 100644 --- a/lass/2configs/dunst.nix +++ b/lass/2configs/dunst.nix @@ -188,21 +188,21 @@ let foreground = "#3B7C87" background = "#191311" #background = "#2B313C" - timeout = 0 + timeout = 1 [urgency_normal] frame_color = "#5B8234" foreground = "#5B8234" background = "#191311" #background = "#2B313C" - timeout = 0 + timeout = 1 [urgency_critical] frame_color = "#B7472A" foreground = "#B7472A" background = "#191311" #background = "#2B313C" - timeout = 0 + timeout = 1 # Every section that isn't one of the above is interpreted as a rules to diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 72cfd5e75..707796dd9 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -61,6 +61,10 @@ let cgit.desc = "krebs deployment"; cgit.section = "software"; }; + xmonad-stockholm = { + cgit.desc = "krebs xmonad modules"; + cgit.section = "configuration"; + }; } // mapAttrs make-public-repo-silent { nixos-aws = { collaborators = [ { diff --git a/lass/2configs/logf.nix b/lass/2configs/logf.nix index 24b806efa..f141a94f5 100644 --- a/lass/2configs/logf.nix +++ b/lass/2configs/logf.nix @@ -11,7 +11,7 @@ let cloudkrebs = "119"; }; urgent = [ - "\\blass@mors\\b" + "\\blass@blue\\b" ]; in { environment.systemPackages = [ diff --git a/lass/2configs/mc.nix b/lass/2configs/mc.nix index 3bd1852a8..eb457b7d3 100644 --- a/lass/2configs/mc.nix +++ b/lass/2configs/mc.nix @@ -326,7 +326,7 @@ in { name = "mc"; paths = [ (pkgs.writeDashBin "mc" '' - export MC_DATADIR=${pkgs.writeOut "mc-ext" { + export MC_DATADIR=${pkgs.write "mc-ext" { "/mc.ext".link = mcExt; "/sfs.ini".text = ""; }}; diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix index 5a39f7115..86877df7a 100644 --- a/lass/2configs/reaktor-coders.nix +++ b/lass/2configs/reaktor-coders.nix @@ -65,7 +65,7 @@ with import <stockholm/lib>; }) (buildSimpleReaktorPlugin "random-unicorn-porn" { pattern = "^!rup$$"; - script = pkgs.writePython2 [] "rup" '' + script = pkgs.writePython2 "rup" [] '' t1 = """ _. ;=',_ () @@ -100,6 +100,12 @@ with import <stockholm/lib>; exec echo 'DID SOMEBODY SAY BLOCKCHAIN? https://paste.krebsco.de/r99pMoQq/+inline' ''; }) + (buildSimpleReaktorPlugin "shrug" { + pattern = "^!shrug$"; + script = pkgs.writeDash "shrug" '' + exec echo '¯\_(ツ)_/¯' + ''; + }) ]; }; } diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index 615f5a728..6a07172fe 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -27,6 +27,7 @@ let user = with config.krebs.users; [ config.krebs.users."${config.networking.hostName}-repo-sync" lass + lass-mors lass-shodan ]; repo = [ repo ]; @@ -136,5 +137,6 @@ in { (sync-retiolum "stockholm") (sync-retiolum "wai-middleware-time") (sync-retiolum "xmonad-stockholm") + (sync-retiolum "nix-writers") ]; } diff --git a/lass/2configs/starcraft.nix b/lass/2configs/starcraft.nix new file mode 100644 index 000000000..742b877e8 --- /dev/null +++ b/lass/2configs/starcraft.nix @@ -0,0 +1,53 @@ +{ config, pkgs, ... }: let + mainUser = config.users.extraUsers.mainUser; + newWine = pkgs.wineStaging; + #newWine = pkgs.wineStaging.overrideAttrs (old: { + # name = "wine-3.7"; + # buildInputs = old.buildInputs ++ [ + # pkgs.libuuid.bin + # pkgs.autoconf.out + # ]; + # src = pkgs.fetchurl { + # url = "https://dl.winehq.org/wine/source/3.x/wine-3.7.tar.xz"; + # sha256 = "1drbzk3y0m14lkq3vzwwkvain5shykgcbmyzh6gcb5r4sxh3givn"; + # }; + # postPatch = old.postPatch or "" + '' + # patchShebangs tools + # cp -r ${pkgs.fetchFromGitHub { + # sha256 = "0kam73jqhah7bzji5csxxhhfdp6byhzpcph6xnzjqz2aic5xk7xi"; + # owner = "wine-staging"; + # repo = "wine-staging"; + # rev = "v3.7"; + # }}/patches . + # chmod +w patches + # cd patches + # patchShebangs gitapply.sh + # ./patchinstall.sh DESTDIR="$PWD/.." --all + # cd .. + # ''; + + #}); + #newWine = (import (builtins.fetchGit { + # url = "https://github.com/NixOS/nixpkgs"; + # rev = "696c6bed4e8e2d9fd9b956dea7e5d49531e9d13f"; + #}) {}).wineStaging; +in { + users.users= { + starcraft = { + isNormalUser = true; + extraGroups = [ + "audio" + "video" + ]; + packages = [ + newWine + pkgs.winetricks + pkgs.mpg123 + ]; + }; + }; + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(starcraft) NOPASSWD: ALL + ''; +} + diff --git a/lass/2configs/urxvt.nix b/lass/2configs/urxvt.nix index fc4537140..90d28d650 100644 --- a/lass/2configs/urxvt.nix +++ b/lass/2configs/urxvt.nix @@ -5,7 +5,7 @@ with import <stockholm/lib>; services.urxvtd.enable = true; krebs.xresources.resources.urxvt = '' - URxvt*SaveLines: 4096 + URxvt*SaveLines: 1000000 URxvt*scrollBar: false URxvt*urgentOnBell: true URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select @@ -19,6 +19,12 @@ with import <stockholm/lib>; URxvt.keysym.M-Escape: perl:keyboard-select:activate URxvt.keysym.M-s: perl:keyboard-select:search + URxvt.keysym.M-F1: command:\033]710;-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1\007\033]711;-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1\007 + URxvt.keysym.M-F2: command:\033]710;xft:Monospace:size=15\007\033]711;xft:Monospace:size=15:bold\007 + URxvt.keysym.M-F3: command:\033]710;xft:Monospace:size=20\007\033]711;xft:Monospace:size=20:bold\007 + URxvt.keysym.M-F4: command:\033]710;xft:Monospace:size=25\007\033]711;xft:Monospace:size=25:bold\007 + URxvt.keysym.M-F5: command:\033]710;xft:Monospace:size=30\007\033]711;xft:Monospace:size=30:bold\007 + URxvt.intensityStyles: false URxvt*background: #000000 diff --git a/lass/2configs/virtualbox.nix b/lass/2configs/virtualbox.nix index 8171def2d..cfb835d78 100644 --- a/lass/2configs/virtualbox.nix +++ b/lass/2configs/virtualbox.nix @@ -15,7 +15,7 @@ in { description = "user for running VirtualBox"; home = "/home/virtual"; useDefaultShell = true; - extraGroups = [ "vboxusers" "audio" ]; + extraGroups = [ "vboxusers" "audio" "video" ]; createHome = true; }; }; diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 53f1eea5c..f60a66952 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -66,6 +66,22 @@ in { locations."/tinc".extraConfig = '' alias ${config.krebs.tinc_graphs.workingDir}/external; ''; + locations."/urlaubyay2018".extraConfig = '' + autoindex on; + alias /srv/http/lassul.us-media/india2018; + auth_basic "Restricted Content"; + auth_basic_user_file ${pkgs.writeText "pics-user-pass" '' + paolo:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0 + ''}; + ''; + locations."/heilstadt".extraConfig = '' + autoindex on; + alias /srv/http/lassul.us-media/grabowsee2018; + auth_basic "Restricted Content"; + auth_basic_user_file ${pkgs.writeText "pics-user-pass" '' + c-base:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0 + ''}; + ''; # TODO make this work! locations."= /ddate".extraConfig = let script = pkgs.writeBash "test" '' diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index 816449c14..a807f7160 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -194,7 +194,7 @@ rec { in { services.nginx.virtualHosts."${domain}" = { enableACME = true; - addSSL = true; + forceSSL = true; serverAliases = domains; extraConfig = '' root /srv/http/${domain}/; diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix index dd82b34eb..71a5cdda9 100644 --- a/lass/2configs/wine.nix +++ b/lass/2configs/wine.nix @@ -17,6 +17,7 @@ in { createHome = true; packages = [ pkgs.wine + pkgs.winetricks ]; }; }; diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix index fc9e63e31..cb2890969 100644 --- a/lass/3modules/usershadow.nix +++ b/lass/3modules/usershadow.nix @@ -45,7 +45,7 @@ "pwstore-fast" "bytestring" ]; - body = pkgs.writeHaskell "passwords" { + body = pkgs.writeHaskellPackage "passwords" { executables.verify_pam = { extra-depends = deps; text = '' diff --git a/lass/3modules/xjail.nix b/lass/3modules/xjail.nix index 325ebcc99..8f5f05bc2 100644 --- a/lass/3modules/xjail.nix +++ b/lass/3modules/xjail.nix @@ -41,10 +41,14 @@ with import <stockholm/lib>; type = types.path; default = pkgs.writeScript "echo_lol" "echo lol"; }; + vglrun = mkOption { + type = types.bool; + default = false; + }; wm = mkOption { #TODO find type type = types.string; - default = "${pkgs.writeHaskell "xephyrify-xmonad" { + default = "${pkgs.writeHaskellPackage "xephyrify-xmonad" { executables.xmonad = { extra-depends = [ "containers" @@ -116,9 +120,11 @@ with import <stockholm/lib>; ${pkgs.coreutils}/bin/kill $WM_PID ${pkgs.coreutils}/bin/kill $XEPHYR_PID ''; - sudo_ = pkgs.writeDash "${cfg.name}-sudo" '' + sudo_ = pkgs.writeDash "${cfg.name}-sudo" (if cfg.vglrun then '' /var/run/wrappers/bin/sudo -u ${cfg.name} -i ${vglrun_} "$@" - ''; + '' else '' + /var/run/wrappers/bin/sudo -u ${cfg.name} -i env DISPLAY=:${cfg.display} ${cfg.script} "$@" + ''); vglrun_ = pkgs.writeDash "${cfg.name}-vglrun" '' DISPLAY=:${cfg.display} ${pkgs.virtualgl}/bin/vglrun ${cfg.extraVglrunArgs} ${cfg.script} "$@" ''; diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index 868c1072a..694f3c033 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -1,5 +1,5 @@ { config, pkgs, ... }: -pkgs.writeHaskell "xmonad-lass" { +pkgs.writeHaskellPackage "xmonad-lass" { executables.xmonad = { extra-depends = [ "containers" @@ -48,7 +48,8 @@ import XMonad.Util.EZConfig (additionalKeysP) import XMonad.Util.NamedWindows (getName) import XMonad.Util.Run (safeSpawn) -import XMonad.Stockholm.Shutdown +import XMonad.Stockholm.Shutdown (handleShutdownEvent, sendShutdownEvent) +import XMonad.Stockholm.Pager (defaultWindowColors, pager, MatchMethod(MatchPrefix), PagerConfig(..)) data LibNotifyUrgencyHook = LibNotifyUrgencyHook deriving (Read, Show) @@ -129,8 +130,8 @@ myKeyMap = , ("M4-f", floatNext True) , ("M4-b", sendMessage ToggleStruts) - , ("M4-v", withWorkspace autoXPConfig (windows . W.greedyView)) - , ("M4-S-v", withWorkspace autoXPConfig (windows . W.shift)) + , ("M4-v", gets windowset >>= allWorkspaceNames >>= pager pagerConfig (windows . W.view) ) + , ("M4-S-v", gets windowset >>= allWorkspaceNames >>= pager pagerConfig (windows . W.shift) ) , ("M4-C-v", withWorkspace autoXPConfig (windows . copy)) , ("M4-m", withFocused minimizeWindow) @@ -183,6 +184,21 @@ infixAutoXPConfig = autoXPConfig { searchPredicate = isInfixOf } +pagerConfig :: PagerConfig +pagerConfig = def + { pc_font = myFont + , pc_cellwidth = 64 + , pc_matchmethod = MatchPrefix + , pc_windowColors = windowColors + } + where + windowColors _ _ _ True _ = ("#ef4242","#ff2323") + windowColors wsf m c u wf = do + let y = defaultWindowColors wsf m c u wf + if m == False && wf == True + then ("#402020", snd y) + else y + gridConfig :: GSConfig WorkspaceId gridConfig = def { gs_cellwidth = 100 @@ -191,6 +207,10 @@ gridConfig = def , gs_navigate = navNSearch , gs_font = myFont } + +allWorkspaceNames :: W.StackSet i l a sid sd -> X [i] +allWorkspaceNames ws = + return $ map W.tag (W.hidden ws) ++ [W.tag $ W.workspace $ W.current ws] ''; }; } diff --git a/lass/5pkgs/dpass/default.nix b/lass/5pkgs/dpass/default.nix index 7e75d50c7..c1e803bcb 100644 --- a/lass/5pkgs/dpass/default.nix +++ b/lass/5pkgs/dpass/default.nix @@ -1,6 +1,6 @@ -{ pass, writeOut, writeDash, ... }: +{ pass, write, writeDash, ... }: -writeOut "dsco-pass" { +write "dsco-pass" { "/bin/dpass".link = writeDash "dpass" '' PASSWORD_STORE_DIR=$HOME/.dpasswordstore \ exec ${pass}/bin/pass $@ diff --git a/lass/5pkgs/xephyrify/default.nix b/lass/5pkgs/xephyrify/default.nix index 8d6036843..20c546dbb 100644 --- a/lass/5pkgs/xephyrify/default.nix +++ b/lass/5pkgs/xephyrify/default.nix @@ -1,8 +1,8 @@ -{ writeDashBin, writeHaskell, coreutils, xorg, virtualgl, ... }: +{ writeDashBin, writeHaskellPackage, coreutils, xorg, virtualgl, ... }: let - xephyrify-xmonad = writeHaskell "xephyrify-xmonad" { + xephyrify-xmonad = writeHaskellPackage "xephyrify-xmonad" { executables.xmonad = { extra-depends = [ "containers" diff --git a/lass/source.nix b/lass/source.nix index e7991da2a..49f919faf 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -7,6 +7,7 @@ host@{ name, secure ? false, override ? {} }: let pkgs = import <nixpkgs> { overlays = map import [ <stockholm/krebs/5pkgs> + <stockholm/submodules/nix-writers/pkgs> ]; }; in |