diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index 371a7052d..6e3c3bec8 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: # bln config file { - imports = [ + imports = [ ./hardware-configuration.nix <stockholm/jeschli> <stockholm/jeschli/2configs/virtualbox.nix> @@ -9,6 +9,8 @@ <stockholm/jeschli/2configs/emacs.nix> <stockholm/jeschli/2configs/xdg.nix> <stockholm/jeschli/2configs/xserver> +# <stockholm/jeschli/1systems/bln/dcso-vpn.nix> + <stockholm/jeschli/2configs/officevpn.nix> ]; # boot.loader.systemd-boot.enable = true; @@ -94,6 +96,8 @@ vagrant # document viewer zathura + + samba ]; @@ -161,4 +165,9 @@ hardware.bluetooth.enable = true; krebs.build.host = config.krebs.hosts.bln; + + networking.interfaces.enp0s31f6.ipv4.addresses = [ + { address = "10.99.23.2"; prefixLength = 24; } + ]; + } diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 5a6ad7652..e200cbcd4 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -25,21 +25,11 @@ preLVM = true; allowDiscards = true; } ]; -# networking.hostName = "brauerei"; - # Define your hostname. -# networking.wireless.enable = true; networking.networkmanager.enable = true; - # Enables wireless support via wpa_supplicant. - # Select internationalisation properties. - # i18n = { - # consoleFont = "Lat2-Terminus16"; - # consoleKeyMap = "us"; - # defaultLocale = "en_US.UTF-8"; - # }; - # Set your time zone. # time.timeZone = "Europe/Amsterdam"; + nixpkgs.config.allowUnfree = true; - # List packages installed in system profile. To search by name, run: # $ nix-env -qaP | grep wget + environment.shellAliases = { n = "nix-shell"; stocki = pkgs.writeDash "deploy" '' @@ -47,6 +37,7 @@ exec nix-shell -I stockholm="$PWD" --run 'deploy --system="brauerei"' ''; }; + environment.systemPackages = with pkgs; [ # system helper ag 
@@ -103,6 +94,7 @@ zathura # xorg xorg.xbacklight + taskwarrior ]; # Some programs need SUID wrappers, can be configured further or are @@ -126,7 +118,7 @@ display = 11; tty = 11; - dpi = 96; + dpi = 144; # videoDrivers = [ "nvidia" ]; synaptics = { @@ -138,7 +130,7 @@ users.extraUsers.jeschli = { # TODO: define as krebs.users isNormalUser = true; - extraGroups = ["docker" "vboxusers"]; + extraGroups = ["docker" "vboxusers" "audio"]; uid = 1000; }; users.extraUsers.jamie = { diff --git a/jeschli/1systems/brauerei/hardware-configuration.nix b/jeschli/1systems/brauerei/hardware-configuration.nix index 75fdb89fd..2cb3e6661 100644 --- a/jeschli/1systems/brauerei/hardware-configuration.nix +++ b/jeschli/1systems/brauerei/hardware-configuration.nix @@ -29,5 +29,6 @@ swapDevices = [ ]; + hardware.pulseaudio.enable = true; nix.maxJobs = lib.mkDefault 4; } diff --git a/jeschli/2configs/IM.nix b/jeschli/2configs/IM.nix index 171b78242..288134fa2 100644 --- a/jeschli/2configs/IM.nix +++ b/jeschli/2configs/IM.nix @@ -30,7 +30,7 @@ in { jeschli-bln.pubkey jeschli-brauerei.pubkey ]; - packages = [ tmux ]; + packages = [ tmux ]; }; diff --git a/jeschli/2configs/emacs.nix b/jeschli/2configs/emacs.nix index 4c52432d3..3bd2dbfc4 100644 --- a/jeschli/2configs/emacs.nix +++ b/jeschli/2configs/emacs.nix 
@@ -17,18 +17,19 @@ let ''; evilMode = '' ;; Evil Mode - (add-to-list 'load-path "~/.emacs.d/evil") (require 'evil) (evil-mode 1) - (require 'evil-org) - (add-hook 'org-mode-hook 'evil-org-mode) - (evil-org-set-key-theme '(navigation insert textobjects additional calendar)) - (require 'evil-org-agenda) - (evil-org-agenda-set-keys) + ;; (require 'evil-org) + ;; (add-hook 'org-mode-hook 'evil-org-mode) + ;; (evil-org-set-key-theme '(navigation insert textobjects additional calendar)) + ;; (require 'evil-org-agenda) + ;; (evil-org-agenda-set-keys) ''; windowCosmetics = '' + (menu-bar-mode -1) (tool-bar-mode -1) ; Disable the button bar atop screen (scroll-bar-mode -1) ; Disable scroll bar + (toggle-scroll-bar -1) (setq inhibit-startup-screen t) ; Disable startup screen with graphics (setq-default indent-tabs-mode nil) ; Use spaces instead of tabs (setq default-tab-width 2) ; Two spaces is a tab @@ -41,28 +42,36 @@ let (global-set-key "\C-cl" 'org-store-link) (global-set-key "\C-ca" 'org-agenda) (global-set-key "\C-cb" 'org-iswitchb) + (setq org-link-frame-setup '((file . find-file))) ; open link in same frame. (if (boundp 'org-user-agenda-files) (setq org-agenda-files org-user-agenda-files) (setq org-agenda-files (quote ("~/projects/notes"))) ) ''; + theme = '' + (load-theme 'monokai-alt) + ''; recentFiles = '' (recentf-mode 1) (setq recentf-max-menu-items 25) (global-set-key "\C-x\ \C-r" 'recentf-open-files) ''; dotEmacs = pkgs.writeText "dot-emacs" '' + ${evilMode} ${packageRepos} ${orgMode} ${recentFiles} + ${theme} ${windowCosmetics} ''; emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [ + epkgs.melpaPackages.evil epkgs.melpaStablePackages.magit epkgs.melpaPackages.mmm-mode epkgs.melpaPackages.nix-mode epkgs.melpaPackages.go-mode epkgs.melpaPackages.google-this + epkgs.melpaPackages.monokai-alt-theme ]); myEmacs = pkgs.writeDashBin "my-emacs" '' exec ${emacsWithCustomPackages}/bin/emacs -q -l ${dotEmacs} "$@" 
diff --git a/jeschli/2configs/officevpn.nix b/jeschli/2configs/officevpn.nix new file mode 100644 index 000000000..eb0477d51 --- /dev/null +++ b/jeschli/2configs/officevpn.nix @@ -0,0 +1,19 @@ +{ config, pkgs, ... }: + +{ + nixpkgs.config.packageOverrides = pkgs: { + openvpn = pkgs.openvpn.override { pkcs11Support = true; useSystemd = false;}; + }; + + environment.systemPackages = with pkgs; [ + opensc + openvpn + yubikey-manager + ]; + + services.pcscd.enable = true; + + # To start the vpn manually execute + # $ openvpn --config clien.ovpn +} + diff --git a/jeschli/2configs/urxvt.nix b/jeschli/2configs/urxvt.nix index 014918748..4049a47a3 100644 --- a/jeschli/2configs/urxvt.nix +++ b/jeschli/2configs/urxvt.nix @@ -29,11 +29,11 @@ with import <stockholm/lib>; *color13: rgb:fc/54/fc *color14: rgb:54/fc/fc *color15: rgb:fc/fc/fc - + URxvt*scrollBar: false URxvt*urgentOnBell: true URxvt*font: xft:DejaVu Sans Mono:pixelsize=${toString config.jeschliFontSize} URXvt*faceSize: ${toString config.jeschliFontSize} ''; - }; + }; } diff --git a/jeschli/2configs/xserver/Xresources.nix b/jeschli/2configs/xserver/Xresources.nix index e8154912c..ebe7159ff 100644 --- a/jeschli/2configs/xserver/Xresources.nix +++ b/jeschli/2configs/xserver/Xresources.nix @@ -4,8 +4,7 @@ with import <stockholm/lib>; pkgs.writeText "Xresources" /* xdefaults */ '' Xcursor.theme: aero-large-drop - Xcursor.size: 128 - Xft.dpi: 144 + Xcursor.size: 128 URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}‘’" URxvt*eightBitInput: false @@ -22,7 +21,8 @@ pkgs.writeText "Xresources" /* xdefaults */ '' URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48 URxvt*cutNewline: False URxvt*cutToBeginningOfLine: False - + URxvt*font: xft:Monospace:size=12 + URxvt*font: xft:Monospace:size=12:bold URxvt*color0: #232342 URxvt*color3: #c07000 URxvt*color4: #4040c0 diff --git a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix index 5aa3c2f96..88856021c 100644 
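Review bot: The usage comment at the end of the new `officevpn.nix` reads `openvpn --config clien.ovpn`, which looks like a typo for `client.ovpn`. The `nixpkgs.config.packageOverrides` entry also replaces `openvpn` for the whole system, with `useSystemd = false`, not just for this VPN. A comment above the override should say that it is global and why systemd support is switched off, e.g. `# global override: PKCS#11 support for the smartcard-held key (presumably the YubiKey); systemd integration disabled because <reason>`.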
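Review bot: Both lines added in the second hunk of `Xresources.nix` set the same resource, `URxvt*font`, so the later `xft:Monospace:size=12:bold` entry replaces the regular one and the normal face ends up bold. The bold face is normally configured with its own resource: `URxvt*boldFont: xft:Monospace:size=12:bold`. `jeschli/2configs/urxvt.nix` in this same commit also sets `URxvt*font` from `config.jeschliFontSize`, so one of the two definitions is likely redundant.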
--- a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix +++ b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix @@ -90,7 +90,7 @@ mainNoArgs = do , startupHook = do setWMName "LG3D" whenJustM (liftIO (lookupEnv "XMONAD_STARTUP_HOOK")) - (\path -> forkFile path [] Nothing) <+> setWMName "LG3D" + (\path -> forkFile path [] Nothing) <+> setWMName "LG3D" , normalBorderColor = "#1c1c1c" , focusedBorderColor = "#f000b0" , handleEventHook = handleShutdownEvent @@ -150,7 +150,7 @@ myKeys conf = Map.fromList $ , ((_S , xK_Print ), gets windowset >>= allWorkspaceNames >>= pager pagerConfig (windows . W.shift) ) , ((_C , xK_Print ), toggleWS) , ((_4 , xK_Print ), rhombus horseConfig (liftIO . hPutStrLn stderr) ["Correct", "Horse", "Battery", "Staple", "Stuhl", "Tisch"] ) - + -- %! Rotate through the available layout algorithms , ((_4 , xK_space ), sendMessage NextLayout) , ((_4S , xK_space ), setLayout $ XMonad.layoutHook conf) -- reset layout @@ -222,7 +222,7 @@ myKeys conf = Map.fromList $ pagerConfig :: PagerConfig pagerConfig = def { pc_font = myFont - , pc_cellwidth = 256 + , pc_cellwidth = 256 --, pc_cellheight = 36 -- TODO automatically keep screen aspect --, pc_borderwidth = 1 --, pc_matchcolor = "#f0b000" diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 18b751a7e..0a848426c 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -15,6 +15,7 @@ <stockholm/krebs/2configs/ircd.nix> <stockholm/krebs/2configs/reaktor-retiolum.nix> <stockholm/krebs/2configs/reaktor-krebs.nix> + <stockholm/krebs/2configs/repo-sync.nix> ]; krebs.build.host = config.krebs.hosts.hotdog; diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix index 6842bfaab..91a998de7 100644 --- a/krebs/1systems/onebutton/source.nix +++ b/krebs/1systems/onebutton/source.nix 
@@ -1,11 +1,8 @@ with import <stockholm/lib>; let pkgs = import <nixpkgs> {}; - nixpkgs = pkgs.fetchFromGitHub { - owner = "nixos"; - repo = "nixpkgs-channels"; - rev = "nixos-unstable"; # only binary cache for unstable arm6 - sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; + nixpkgs = builtins.fetchTarball { + url = https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz; }; in import <stockholm/krebs/source.nix> { name = "onebutton"; diff --git a/krebs/2configs/news-spam.nix b/krebs/2configs/news-spam.nix index a3f39b40e..88b7e1072 100644 --- a/krebs/2configs/news-spam.nix +++ b/krebs/2configs/news-spam.nix @@ -7,7 +7,6 @@ [SPAM]aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews [SPAM]allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews [SPAM]antirez|http://antirez.com/rss|#snews - [SPAM]arbor|http://feeds2.feedburner.com/asert/|#snews [SPAM]archlinux|http://www.archlinux.org/feeds/news/|#snews [SPAM]ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#snews [SPAM]augustl|http://augustl.com/atom.xml|#snews @@ -131,7 +130,6 @@ [SPAM]slashdot|http://rss.slashdot.org/Slashdot/slashdot|#snews [SPAM]slate|http://feeds.slate.com/slate|#snews [SPAM]spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#snews - [SPAM]spiegelfechter|http://feeds.feedburner.com/DerSpiegelfechter?format=xml|#snews [SPAM]spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#snews [SPAM]standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#snews [SPAM]stern|http://www.stern.de/feed/standard/all/|#snews 
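Review bot: The new `builtins.fetchTarball` call in `onebutton/source.nix` has no `sha256` and points at the moving `nixos-unstable.tar.gz` archive, so each evaluation can pull a different, unverified nixpkgs tree into this host's build. The removed `fetchFromGitHub` carried a hash, though it presumably broke whenever the branch advanced, which may be why it was replaced. Pin the archive to a commit and add the hash, e.g. `url = https://github.com/NixOS/nixpkgs-channels/archive/<commit>.tar.gz; sha256 = "<hash>";`, ideally read from a JSON pin the way `krebs/krops.nix` does in this commit.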
@@ -146,7 +144,6 @@ [SPAM]the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#snews [SPAM]tigsource|http://www.tigsource.com/feed/|#snews [SPAM]tinc|http://tinc-vpn.org/news/index.rss|#snews - [SPAM]topix_b|http://www.topix.com/rss/wire/de/berlin|#snews [SPAM]torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#snews [SPAM]torrentfreak|http://feeds.feedburner.com/Torrentfreak|#snews [SPAM]torr_news|http://feed.torrentfreak.com/Torrentfreak/|#snews @@ -160,7 +157,6 @@ [SPAM]us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#snews [SPAM]vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#snews [SPAM]weechat|http://dev.weechat.org/feed/atom|#snews - [SPAM]wp_world|http://feeds.washingtonpost.com/rss/rss_blogpost|#snews [SPAM]xkcd|https://xkcd.com/rss.xml|#snews [SPAM]zdnet|http://www.zdnet.com/news/rss.xml|#snews ''; diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix index b32d39b7e..d5f1851e3 100644 --- a/krebs/2configs/reaktor-retiolum.nix +++ b/krebs/2configs/reaktor-retiolum.nix @@ -10,6 +10,9 @@ with import <stockholm/lib>; }; plugins = with pkgs.ReaktorPlugins; [ sed-plugin + task-add + task-delete + task-list ] ++ (attrValues (todo "agenda")) ; diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix index 48da88a8d..7c3b2c90e 100644 --- a/krebs/2configs/repo-sync.nix +++ b/krebs/2configs/repo-sync.nix 
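Review bot: Adding `task-add`, `task-delete` and `task-list` to the retiolum Reaktor means text typed in the channel after the trigger is handed to taskwarrior. The `task-delete` plugin visible elsewhere in this commit runs `task rc:${taskrcFile} delete "$*"` on the captured `args`. Taskwarrior interprets its arguments rather than treating them as an opaque description, so confirm the plugin scripts constrain what reaches it and that the channel's membership is the set of people meant to add and delete tasks. A short comment next to the plugin list should state that trust assumption, e.g. `# task-*: anyone in the channel may modify the shared task list`.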
@@ -5,76 +5,156 @@ with import <stockholm/lib>; let mirror = "git@${config.networking.hostName}:"; - defineRepo = name: announce: let + defineRepo = { + name, desc, section + }: + let repo = { public = true; name = mkDefault "${name}"; - cgit.desc = mkDefault "mirror for ${name}"; - cgit.section = mkDefault "mirror"; - hooks = mkIf announce (mkDefault { + cgit.desc = desc; + cgit.section = section; + hooks = mkDefault { post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; verbose = false; channel = "#xxx"; server = "irc.r"; - branches = [ "master" ]; + branches = [ "newest" ]; }; - }); + }; }; in { - rules = with git; singleton { - user = with config.krebs.users; [ - config.krebs.users."${config.networking.hostName}-repo-sync" - ]; - repo = [ repo ]; - perm = push ''refs/*'' [ non-fast-forward create delete merge ]; - }; + rules = with git; [ + { + user = with config.krebs.users; [ + config.krebs.users."${config.networking.hostName}-repo-sync" + jeschli + lass + makefu + tv + ]; + repo = [ repo ]; + perm = push ''refs/*'' [ non-fast-forward create delete merge ]; + } + { + user = attrValues config.krebs.users; + repo = [ repo ]; + perm = fetch; + } + ]; repos."${name}" = repo; }; - sync-retiolum = name: + sync-retiolum = { + name, + desc ? "mirror for ${name}", + section ? 
"mirror" + }: { krebs.repo-sync.repos.${name} = { branches = { - makefu = { - origin.url = "http://cgit.gum/${name}"; + lassulus = { + origin.url = "http://cgit.lassul.us/${name}"; mirror.url = "${mirror}${name}"; }; - tv = { - origin.url = "http://cgit.ni.r/${name}"; + makefu = { + origin.url = "http://cgit.gum/${name}"; mirror.url = "${mirror}${name}"; }; nin = { origin.url = "http://cgit.onondaga.r/${name}"; mirror.url = "${mirror}${name}"; }; - lassulus = { - origin.url = "http://cgit.lassul.us/${name}"; + tv = { + origin.url = "http://cgit.ni.r/${name}"; mirror.url = "${mirror}${name}"; }; }; latest = { url = "${mirror}${name}"; - ref = "heads/master"; + ref = "heads/newest"; }; }; - krebs.git = defineRepo name false; + krebs.git = defineRepo { inherit name desc section; }; + }; + + sync-remote = { + name, + url, + desc ? "mirror for ${name}", + section ? "mirror" + }: + { + krebs.repo-sync.repos.${name} = { + branches = { + remote = { + origin.url = url; + mirror.url = "${mirror}${name}"; + }; + }; + }; + krebs.git = defineRepo { inherit name desc section; }; }; in { + krebs.git = { + enable = true; + cgit.settings = { + root-title = "krebs repos"; + root-desc = "keep calm and engage"; + }; + }; krebs.repo-sync = { enable = true; }; - krebs.git = { - enable = mkDefault true; - cgit = { - settings = { - root-title = "Shared Repos"; - root-desc = "keep on krebsing"; - }; - }; - }; imports = [ - (sync-retiolum "stockholm") + (sync-retiolum { name = "the_playlist"; desc = "Good Music collection + tools"; section = "art"; }) + + (sync-retiolum { name = "stockholm"; desc = "take all computers hostage, they love it"; section = "configuration"; }) + + (sync-retiolum { name = "cholerab"; desc = "krebs thesauron & enterprise-patterns"; section = "documentation"; }) + + (sync-retiolum { name = "disko"; desc = "take a description of your disk layout and produce a format script"; section = "software"; }) + (sync-retiolum { name = "news"; desc = "take a rss feed and a 
timeout and print it to stdout"; section = "software"; }) + (sync-retiolum { name = "krops"; desc = "krebs ops"; section = "software"; }) + (sync-retiolum { name = "go"; desc = "url shortener"; section = "software"; }) + (sync-retiolum { name = "much"; desc = "curses email client"; section = "software"; }) + (sync-retiolum { name = "newsbot-js"; desc = "irc rss/atom bot"; section = "software"; }) + (sync-retiolum { name = "nix-writers"; desc = "high level writers for nix"; section = "software"; }) + + (sync-retiolum { name = "cac-api"; desc = "CloudAtCost API command line interface"; section = "miscellaneous"; }) + (sync-retiolum { name = "dic"; desc = "dict.leo.org command line interface"; section = "miscellaneous"; }) + (sync-retiolum { name = "get"; section = "miscellaneous"; }) + (sync-retiolum { name = "hstool"; desc = "Haskell Development Environment ^_^"; section = "miscellaneous"; }) + (sync-retiolum { name = "htgen"; desc = "toy HTTP server"; section = "miscellaneous"; }) + (sync-retiolum { name = "kirk"; desc = "IRC tools"; section = "miscellaneous"; }) + (sync-retiolum { name = "load-env"; section = "miscellaneous"; }) + (sync-retiolum { name = "loldns"; desc = "toy DNS server"; section = "miscellaneous"; }) + (sync-retiolum { name = "netcup"; desc = "netcup command line interface"; section = "miscellaneous"; }) + (sync-retiolum { name = "populate"; desc = "source code installer"; section = "miscellaneous"; }) + (sync-retiolum { name = "q"; section = "miscellaneous"; }) + (sync-retiolum { name = "regfish"; section = "miscellaneous"; }) + (sync-retiolum { name = "soundcloud"; desc = "SoundCloud command line interface"; section = "miscellaneous"; }) + + (sync-retiolum { name = "blessings"; section = "Haskell libraries"; }) + (sync-retiolum { name = "mime"; section = "Haskell libraries"; }) + (sync-retiolum { name = "quipper"; section = "Haskell libraries"; }) + (sync-retiolum { name = "scanner"; section = "Haskell libraries"; }) + (sync-retiolum { name = 
"wai-middleware-time"; section = "Haskell libraries"; }) + (sync-retiolum { name = "web-routes-wai-custom"; section = "Haskell libraries"; }) + (sync-retiolum { name = "xintmap"; section = "Haskell libraries"; }) + (sync-retiolum { name = "xmonad-stockholm"; desc = "krebs xmonad modules"; section = "Haskell libraries"; }) + + (sync-remote { name = "array"; url = "https://github.com/makefu/array"; }) + (sync-remote { name = "email-header"; url = "https://github.com/4z3/email-header"; }) + (sync-remote { name = "mycube-flask"; url = "https://github.com/makefu/mycube-flask"; }) + (sync-remote { name = "reaktor-titlebot"; url = "https://github.com/makefu/reaktor-titlebot"; }) + (sync-remote { name = "repo-sync"; url = "https://github.com/makefu/repo-sync"; }) + (sync-remote { name = "skytraq-datalogger"; url = "https://github.com/makefu/skytraq-datalogger"; }) + (sync-remote { name = "realwallpaper"; url = "https://github.com/lassulus/realwallpaper"; }) + (sync-remote { name = "painload"; url = "https://github.com/krebs/painload"; }) + (sync-remote { name = "Reaktor"; url = "https://github.com/krebs/Reaktor"; }) + (sync-remote { name = "nixos-wiki"; url = "https://github.com/Mic92/nixos-wiki.wiki.git"; }) ]; } diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index e2322e171..c4a5bbb0d 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix 
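Review bot: The first rule in `defineRepo` now gives `jeschli`, `lass`, `makefu` and `tv` `push ''refs/*'' [ non-fast-forward create delete merge ]` on every mirrored repository, so any one of those accounts can rewrite or delete any ref, including whatever `latest.ref = "heads/newest"` resolves to. If other hosts fetch or deploy from these mirrors (not visible in this diff), one compromised user key changes what they consume. Consider leaving force-push and delete to the `${config.networking.hostName}-repo-sync` user and giving the human users at most `fast-forward` on their own branch namespace. Separately, the `sync-retiolum` origins are plain `http://` URLs; confirm each is reachable only over the retiolum network, since `cgit.lassul.us` does not look like an internal name.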
@@ -301,37 +301,6 @@ with import <stockholm/lib>; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEB/MmASvx3i09DY1xFVM5jOhZRZA8rMRqtf8bCIkC+t"; }; - helios = { - cores = 8; - nets = { - retiolum = { - ip4.addr = "10.243.133.117"; - ip6.addr = "42:0:0:0:0:0:3:7105"; - aliases = [ - "helios.r" - "cgit.helios.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAp+SRmP5MoCSYInx4Dm5MLZzNyXVgfo/CDoeUlUT35X0yE7WHGWsG - wHPCu+3RWfBUjuqNdb0qiGtRi3Q/LwznwBROPOX8gMXia/DgCLbIjn5Rx081pTIo - 3epbUCFtNgyDWg8IHF87ZnVBXTYAy5g4tz9u8kw82D8mR18o595TuZ9t5pDc/Kvi - fPHZenT6cd6FtL9uankX/jan1PRP9xTrhpE8dAQ6g+7XH7knMK3cno/Ztis5YzHt - Ith0bsIjk5of7hhITj0MXtTikjDqWxkpF5mfOK1cG/rC1goTmB9AfcENUBnu9iAM - I/alzqk3CEczznLyaOckfx2fRuar912LAdiJ5v7VPztfvN1p3gIxq5M0Rgkq+98B - H/s32xNRBPvqoIleKnhwE9gfrCLaAVqpaMkgKRvgsTkSDNYNhh4smQ3eAKKwwDH/ - QG3sfP8xyNyDFhBtCiDGkf9hNqBBMaKjZoh8DasZNtcfOop3fGw7jmUUbB6cG8cp - +EfYbcb5mVpmrIyXgOTwwYcp7tn+zkd4Wa8C9Q98eFTs0HGVGxGX9Hj6PM/kXK4C - aIqIQVNpnJ/9cOwT8JFIriG1MWTOXbamUusKTLs8SRp3ZkyM7XUEcLL5HMh09rUw - rzEAmE7TywXVhd7j2IaEy+bx2dfGQH2bFoh6Drm6Olo+ySi1utB5dGkCAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - }; - secure = true; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqpx9jJnn4QMGO8BOrGOLRN1rgpIkR14sQb8S+otWEL"; - }; littleT = { cores = 2; nets = { diff --git a/krebs/3modules/lass/ssh/android.rsa b/krebs/3modules/lass/ssh/android.rsa index f5190f45c..3d35b76e4 100644 --- a/krebs/3modules/lass/ssh/android.rsa +++ b/krebs/3modules/lass/ssh/android.rsa @@ -1 +1 @@ -ssh-rsa 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 lass-android@XperiaXCompact +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOPH4c2zQCaCmus4T9GvaY1lrgVR9CKV3Fx1vRn1K1XB u0_a194@android diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index c5404f96d..9630d7a7f 100644 --- a/krebs/3modules/makefu/default.nix 
+++ b/krebs/3modules/makefu/default.nix @@ -336,7 +336,6 @@ with import <stockholm/lib>; "krebsco.de" = '' euer IN MX 1 aspmx.l.google.com. nixos.unstable IN CNAME krebscode.github.io. - gold IN A ${nets.internet.ip4.addr} boot IN A ${nets.internet.ip4.addr} ''; }; @@ -522,6 +521,13 @@ with import <stockholm/lib>; }; nextgum = rec { ci = true; + extraZones = { + "krebsco.de" = '' + cache.euer IN A ${nets.internet.ip4.addr} + cache.gum IN A ${nets.internet.ip4.addr} + gold IN A ${nets.internet.ip4.addr} + ''; + }; cores = 8; nets = rec { internet = { @@ -537,6 +543,7 @@ with import <stockholm/lib>; ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3"; aliases = [ "nextgum.r" + "cache.gum.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix index b7ef824b5..09e552010 100644 --- a/krebs/3modules/rtorrent.nix +++ b/krebs/3modules/rtorrent.nix @@ -29,7 +29,7 @@ let ''} ${optionalString (cfg.watchDir != null) '' - schedule = watch_directory,5,5,load_start=${cfg.watchDir}/*.torrent + directory.watch.added = "${cfg.watchDir}", load.start_verbose ''} directory = ${cfg.downloadDir} diff --git a/krebs/5pkgs/haskell/xmonad-stockholm.nix b/krebs/5pkgs/haskell/xmonad-stockholm.nix index 954cfd76a..7f6bb299d 100644 --- a/krebs/5pkgs/haskell/xmonad-stockholm.nix +++ b/krebs/5pkgs/haskell/xmonad-stockholm.nix 
@@ -1,16 +1,16 @@ -{ mkDerivation, base, containers, fetchgit, stdenv, X11, X11-xshape +{ mkDerivation, base, containers, fetchgit, stdenv, X11, X11-xft, X11-xshape , xmonad, xmonad-contrib }: mkDerivation rec { pname = "xmonad-stockholm"; - version = "1.1.1"; + version = "1.2.0"; src = fetchgit { url = http://cgit.ni.krebsco.de/xmonad-stockholm; rev = "refs/tags/v${version}"; - sha256 = "05nnfg6q35z3qgf507qa80bz32jl4k719dl5phlmchplp3769585"; + sha256 = "13mvmh3kk9a79l1nii028p0n7l95pb78wz9c4j42l90m02mg6cis"; }; libraryHaskellDepends = [ - base containers X11 X11-xshape xmonad xmonad-contrib + base containers X11 X11-xft X11-xshape xmonad xmonad-contrib ]; license = stdenv.lib.licenses.mit; } diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index db578c457..c6e601475 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -165,7 +165,7 @@ rec { }; task-delete = buildSimpleReaktorPlugin "task-delete" { - pattern = "^task-remove: (?P<args>.*)$$"; + pattern = "^task-delete: (?P<args>.*)$$"; script = pkgs.writeDash "task-delete" '' ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} delete "$*" ''; diff --git a/krebs/krops.nix b/krebs/krops.nix index 861f2d323..c334bc07d 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -12,7 +12,7 @@ krebs-source = { nixpkgs.git = { - ref = "56fad146a12a6f934d1d5ef875eb729be1b19129"; + ref = (lib.importJSON ./nixpkgs.json).rev; url = https://github.com/NixOS/nixpkgs; }; stockholm.file = toString ../.; diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json new file mode 100644 index 000000000..13bed8bfe --- /dev/null +++ b/krebs/nixpkgs.json @@ -0,0 +1,7 @@ +{ + "url": "https://github.com/NixOS/nixpkgs-channels", + "rev": "4df3426f5a5e78cef4835897a43abd9e2a092b74", + "date": "2018-08-19T09:20:40+02:00", + "sha256": "05k5mssiqxffxi45mss9wjns6k76i248rpasa48akdcriry1mp63", + "fetchSubmodules": true +} 
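Review bot: In `krebs/krops.nix` the `ref` is now read from `./nixpkgs.json`, but `url` stays `https://github.com/NixOS/nixpkgs` while the JSON records `https://github.com/NixOS/nixpkgs-channels` as the repository the rev was prefetched from. This works only while every channel commit is also reachable in the main repository. Consider reading both from the same file, `url = (lib.importJSON ./nixpkgs.json).url;`, so the pin and its source cannot drift apart. The `sha256` stored in the JSON is not used by this fetch, which deserves a one-line comment. The `krebs-source` attribute set continues outside the hunk.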
diff --git a/krebs/update-channel.sh b/krebs/update-channel.sh new file mode 100755 index 000000000..47d3f29c4 --- /dev/null +++ b/krebs/update-channel.sh @@ -0,0 +1,9 @@ +#!/bin/sh +dir=$(dirname $0) +oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') +nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ + --url https://github.com/NixOS/nixpkgs-channels \ + --rev refs/heads/nixos-18.03' \ +> $dir/nixpkgs.json +newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') +git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev" diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index eafc0d06c..305b3f70e 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -30,7 +30,8 @@ with import <stockholm/lib>; }; environment.systemPackages = with pkgs; [ pavucontrol - firefox + #firefox + chromium hexchat networkmanagerapplet libreoffice diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix index 5657742a6..68acf12b8 100644 --- a/lass/1systems/helios/config.nix +++ b/lass/1systems/helios/config.nix 
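Review bot: `update-channel.sh` redirects `nix-prefetch-git` straight into `$dir/nixpkgs.json` and has no `set -e`, so a failed or interrupted prefetch leaves an empty or partial pin file that the final `git commit` still records, and `krebs/krops.nix` then fails to read `.rev`. `$0` and `$dir` are also unquoted, which breaks when the checkout path contains spaces. Write to a temporary file, check that it contains a `rev`, and only then move it into place, as in the excerpt below.

```shell
#!/bin/sh
set -eu
dir=$(dirname "$0")
oldrev=$(jq -r .rev "$dir/nixpkgs.json" | sed 's/\(.\{7\}\).*/\1/')
tmp=$(mktemp "$dir/nixpkgs.json.XXXXXX")
trap 'rm -f "$tmp"' EXIT
# ... unchanged: nix-shell -p nix-prefetch-git --run '...' invocation ...
> "$tmp"
# refuse to replace the pin unless the prefetch produced a rev
jq -e .rev "$tmp" >/dev/null
mv "$tmp" "$dir/nixpkgs.json"
newrev=$(jq -r .rev "$dir/nixpkgs.json" | sed 's/\(.\{7\}\).*/\1/')
git commit "$dir/nixpkgs.json" -m "nixpkgs: $oldrev -> $newrev"
```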
@@ -1,110 +1,7 @@ with import <stockholm/lib>; -{ config, lib, pkgs, ... }: - +{ pkgs, ... }: { - imports = [ - <stockholm/lass> - <stockholm/lass/2configs/baseX.nix> - <stockholm/lass/2configs/browsers.nix> - <stockholm/lass/2configs/mouse.nix> - <stockholm/lass/2configs/pass.nix> - <stockholm/lass/2configs/retiolum.nix> - <stockholm/lass/2configs/otp-ssh.nix> - # TODO fix krebs.git.rules.[definition 2-entry 2].lass not defined - #<stockholm/lass/2configs/git.nix> - #<stockholm/lass/2configs/dcso-vpn.nix> - <stockholm/lass/2configs/virtualbox.nix> - <stockholm/lass/2configs/dcso-dev.nix> - <stockholm/lass/2configs/steam.nix> - <stockholm/lass/2configs/rtl-sdr.nix> - <stockholm/lass/2configs/backup.nix> - { - services.xserver.dpi = 200; - fonts.fontconfig.dpi = 200; - lass.fonts.regular = "xft:Hack-Regular:pixelsize=22,xft:Symbola"; - lass.fonts.bold = "xft:Hack-Bold:pixelsize=22,xft:Symbola"; - lass.fonts.italic = "xft:Hack-RegularOblique:pixelsize=22,xft:Symbol"; - } - { #TAPIR, AGATIS, sentral, a3 - foo - services.redis.enable = true; - } - { - krebs.fetchWallpaper = { - enable = true; - url = "http://i.imgur.com/0ktqxSg.png"; - maxTime = 9001; - }; - } - { - #urban terror port - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 27960"; target = "ACCEPT"; } - { predicate = "-p udp --dport 27960"; target = "ACCEPT"; } - ]; - } - ]; - krebs.build.host = config.krebs.hosts.helios; - - krebs.git.rules = [ - { - user = [ config.krebs.users.lass-helios ]; - repo = [ config.krebs.git.repos.stockholm ]; - perm = with git; push "refs/heads/*" [ fast-forward non-fast-forward create delete merge ]; - } - { - lass.umts = { - enable = true; - modem = "/dev/serial/by-id/usb-Lenovo_F5521gw_2C7D8D7C35FC7040-if09"; - initstrings = '' - Init1 = AT+CFUN=1 - Init2 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0 - ''; - }; - } - ]; - environment.systemPackages = with pkgs; [ - ag - vim - git - rsync - hashPassword - thunderbird dpass - - # we want 
tensorflow! (with GPU acceleration) - python3Packages.tensorflowWithCuda ]; - - users.users = { - root.openssh.authorizedKeys.keys = [ - config.krebs.users.lass-helios.pubkey - ]; - }; - - services.tlp.enable = true; - - networking.hostName = lib.mkForce "BLN02NB0162"; - - security.pki.certificateFiles = [ - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; }) - - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; }) - ]; - - programs.adb.enable = true; - users.users.mainUser.extraGroups = [ "adbusers" "docker" ]; - - services.printing.drivers = [ pkgs.postscript-lexmark ]; - - services.logind.extraConfig = '' - HandleLidSwitch=ignore - ''; - - virtualisation.docker.enable = true; } diff --git a/lass/1systems/helios/physical.nix b/lass/1systems/helios/physical.nix deleted file mode 100644 index a5212454f..000000000 --- a/lass/1systems/helios/physical.nix +++ /dev/null 
@@ -1,64 +0,0 @@ -{ pkgs, ... }: -{ - imports = [ - ./config.nix - { # automatic hardware detection - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - - fileSystems."/" = { - device = "/dev/pool/root"; - fsType = "btrfs"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/1F60-17C6"; - fsType = "vfat"; - }; - - fileSystems."/home" = { - device = "/dev/pool/home"; - fsType = "btrfs"; - }; - - fileSystems."/tmp" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = ["nosuid" "nodev" "noatime"]; - }; - } - { # crypto stuff - boot.initrd.luks = { - cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - devices = [{ - name = "luksroot"; - device = "/dev/nvme0n1p3"; - }]; - }; - } - ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.wireless.enable = true; - hardware.enableRedistributableFirmware = true; - - - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="f8:59:71:a9:05:65", NAME="wl0" - SUBSYSTEM=="net", ATTR{address}=="54:e1:ad:4f:06:83", NAME="et0" - ''; - - services.xserver.videoDrivers = [ "nvidia" ]; - services.xserver.xrandrHeads = [ - { output = "DP-2"; primary = true; } - { output = "DP-4"; monitorConfig = ''Option "Rotate" "left"''; } - { output = "DP-0"; } - ]; - - services.xserver.displayManager.sessionCommands = '' - ${pkgs.xorg.xrandr}/bin/xrandr --output DP-6 --off --output DP-5 --off --output DP-4 --mode 2560x1440 --pos 3840x0 --rotate left --output DP-3 --off --output DP-2 --primary --mode 3840x2160 --scale 0.5x0.5 --pos 0x400 --rotate normal --output DP-1 --off --output DP-0 --mode 2560x1440 --pos 5280x1120 --rotate normal - ''; -} diff --git a/lass/1systems/helios/source.nix b/lass/1systems/helios/source.nix deleted file mode 100644 index bfe4dca4c..000000000 --- a/lass/1systems/helios/source.nix +++ /dev/null 
@@ -1,4 +0,0 @@ -import <stockholm/lass/source.nix> { - name = "helios"; - secure = true; -} diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index ad4f8a504..90e04cad1 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -33,6 +33,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/dunst.nix> <stockholm/lass/2configs/rtl-sdr.nix> <stockholm/lass/2configs/backup.nix> + <stockholm/lass/2configs/print.nix> { krebs.iptables.tables.filter.INPUT.rules = [ #risk of rain diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 6be45d38d..0f20d1c4e 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -175,7 +175,6 @@ with import <stockholm/lib>; alias /var/realwallpaper/realwallpaper.png; ''; } - <stockholm/lass/2configs/dcso-dev.nix> { users.users.jeschli = { uid = genid "jeschli"; @@ -288,6 +287,8 @@ with import <stockholm/lib>; { users.users.download.openssh.authorizedKeys.keys = [ "ssh-rsa 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 lhebendanz@nixos" + "ssh-rsa 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 palo@pepe" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGMjbYFmmvpF60YBShyFISbjN+O3e4GPkfsre6xFqz20joi8YqpD/5PtrMsGrPd1ZoZ9qSwXJtbb1WBomFg0xzRSNa1/FliKiE1ilcaB3aUZRtP0OWHIvWD3/YL/0h+/YXDGTfb8FNvpgJmnbN3Q0gw8cwWw+eve5BMyqDhzFvycxO4qDuP2JXkGpdhJqjaYZhP5rPH2mgv1oU1RnOA3A7APZVGf1m6JSmV7FZR514aGlFV+NpsvS29Mib8fcswgpoGhMN6jeh/nf49tp01LUAOmXSqdHIWNOTt3Mt7S4rU7RZwEhswdSRbKdKFRMj+uRkhJ4CPcNuuGtSY3id0Ja7IvrvxNaQUk1L8nBcza709jvSBYWSY5/aGL1ocA/PNWXDpOTp2PWwxkh39aPMqZXPTH3KC4IkRp5SiKibEhdmjnToV7nUAJe4IWn1b7QdoqS03ib0X87DnHWIbvi8UZlImM7pn0rs+rwnOo4lQwrTz7kbBHPaa6XOZAuDYND2728vtcrhwzVrKgiXWbyF6VzvwxPeeStmn1gENvozbj1hl9gbQ1cH/a4pZFBV/OFl/ryzDnB2ghM4acNJazXx/6/us9hX+np1YxIzJaxENj677MLc6HitM2g6XJGaixBQ0U2NNjcjIuQT0ZaeKXsSLnu1Y7+uslbVAwsQ4pJmSxxMMQ== palo@workhorse" ]; } { 
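Review bot: The two `palo@…` keys in the second `prism/config.nix` hunk are appended to `users.users.download.openssh.authorizedKeys.keys` as bare strings, so they get whatever that account can do over SSH, and nothing in this hunk limits them to file transfer. If `download` is meant only for fetching files, confirm that sshd confines it, for example with a `Match User download` block using `ForceCommand internal-sftp`; that configuration is not visible here. Defining palo under `krebs.users` and referencing `.pubkey`, as this repository does for other users, would make later revocation a one-place change. The enclosing attribute set starts and ends outside the hunk.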
@@ -338,7 +339,7 @@ with import <stockholm/lib>; { # lass-android allowedIPs = [ "10.244.1.2/32" ]; - publicKey = "63+ns9AGv6e6a8WgxiZNFEt1xQT0YKFlEHzRaYJWtmk="; + publicKey = "zVunBVOxsMETlnHkgjfH71HaZjjNUOeYNveAVv5z3jw="; } ]; }; diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 7d04827f0..95aac2d18 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -8,7 +8,6 @@ in { ./mpv.nix ./power-action.nix ./copyq.nix - ./livestream.nix ./urxvt.nix ./network-manager.nix { @@ -58,30 +57,18 @@ in { programs.ssh.startAgent = true; services.openssh.forwardX11 = true; - services.printing = { - enable = true; - drivers = [ - pkgs.foomatic_filters - pkgs.gutenprint - ]; - }; - environment.systemPackages = with pkgs; [ acpi ag - bank cabal2nix cholerab dic dmenu font-size - gi gitAndTools.qgit git-preview gnome3.dconf lm_sensors - mpv-poll - much ncdu nix-index nix-repl @@ -90,18 +77,14 @@ in { powertop push rxvt_unicode_with-plugins - slock sxiv taskwarrior termite - timewarrior xclip xephyrify xorg.xbacklight xorg.xhost xsel - youtube-tools - yt-next zathura ]; @@ -112,7 +95,6 @@ in { xlibs.fontschumachermisc ]; - #lass.xserver.enable = true; services.xserver = { enable = true; layout = "us"; diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix index 363705edc..16c63ff38 100644 --- a/lass/2configs/blue.nix +++ b/lass/2configs/blue.nix @@ -12,6 +12,7 @@ with (import <stockholm/lib>); environment.systemPackages = with pkgs; [ ag nmap + git-preview ]; services.tor.enable = true; diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 272169e92..425e0ee13 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix 
@@ -29,7 +29,7 @@ let environment.systemPackages = [ config.lass.xjail-bins.${name} (pkgs.writeDashBin "cx-${name}" '' - DISPLAY=:${toString (genid_signed name)} ${pkgs.xclip}/bin/xclip -o | DISPLAY=:0 ${pkgs.xclip}/bin/xclip + DISPLAY=:${toString (genid_uint31 name)} ${pkgs.xclip}/bin/xclip -o | DISPLAY=:0 ${pkgs.xclip}/bin/xclip '') ]; lass.browser.paths.${name} = { @@ -66,6 +66,7 @@ in { extensions = [ "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin "dbepggeogbaibhgnhhndojpepiihcmeb" # vimium + "liloimnbhkghhdhlamdjipkmadhpcjmn" # krebsgold ]; }; diff --git a/lass/2configs/ciko.nix b/lass/2configs/ciko.nix index 56c9a286c..b08cf9307 100644 --- a/lass/2configs/ciko.nix +++ b/lass/2configs/ciko.nix @@ -2,7 +2,7 @@ with import <stockholm/lib>; { users.users.ciko = { - uid = genid_signed "ciko"; + uid = genid_uint31 "ciko"; description = "acc for ciko"; home = "/home/ciko"; useDefaultShell = true; diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix deleted file mode 100644 index 4d8d308fb..000000000 --- a/lass/2configs/dcso-dev.nix +++ /dev/null 
@@ -1,75 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - mainUser = config.users.extraUsers.mainUser; - inherit (import <stockholm/lib>) genid; - -in { - users.extraUsers = { - dev = { - name = "dev"; - uid = genid "dev"; - extraGroups = [ "docker" "vboxusers" ]; - description = "user for collaborative development"; - home = "/home/dev"; - useDefaultShell = true; - createHome = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - config.krebs.users.lass-android.pubkey - config.krebs.users.lass-mors.pubkey - config.krebs.users.jeschli-bln.pubkey - config.krebs.users.jeschli-brauerei.pubkey - "ssh-rsa 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 u0_a165@localhost" - "ssh-rsa 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 rhaist@RH-NB" - ]; - packages = with pkgs; [ - emacs25-nox - - (pkgs.symlinkJoin { - name = "tmux"; - paths = [ - (pkgs.writeDashBin "tmux" '' - exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" '' - set-option -g default-terminal screen-256color - - #use session instead of windows - bind-key c new-session - bind-key p switch-client -p - bind-key n switch-client -n - bind-key C-s switch-client -l - ''} "$@" - '') - pkgs.tmux - ]; - }) - ]; - }; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 8000"; target = "ACCEPT";} - { predicate = "-p tcp --dport 9000"; target = "ACCEPT";} - ]; - - krebs.per-user.dev.packages = [ - pkgs.go - ]; - environment.variables.GOPATH = "$HOME/go"; - - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(dev) NOPASSWD: ALL - ''; - - networking.interfaces.et0.ipv4.addresses = [ - { address = "10.99.23.1"; prefixLength = 24; } - ]; - virtualisation.docker.enable = true; - environment.etc."docker/daemon.json".source = pkgs.writeText "daemon.json" '' - { - "bip": "172.25.0.1/16" - } - ''; - services.rabbitmq.enable = true; - services.postgresql.enable = true; -} 
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index db6bda005..191e25831 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -84,6 +84,9 @@ with import <stockholm/lib>; { from = "boardgamegeek@lassul.us"; to = lass.mail; } { from = "qwertee@lassul.us"; to = lass.mail; } { from = "zazzle@lassul.us"; to = lass.mail; } + { from = "hackbeach@lassul.us"; to = lass.mail; } + { from = "transferwise@lassul.us"; to = lass.mail; } + { from = "cis@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/lass/2configs/print.nix b/lass/2configs/print.nix new file mode 100644 index 000000000..e2d021641 --- /dev/null +++ b/lass/2configs/print.nix @@ -0,0 +1,10 @@ +{ pkgs, ... }: +{ + services.printing = { + enable = true; + drivers = [ + pkgs.foomatic_filters + pkgs.gutenprint + ]; + }; +} diff --git a/lass/2configs/urxvt.nix b/lass/2configs/urxvt.nix index 90d28d650..fa63ddf25 100644 --- a/lass/2configs/urxvt.nix +++ b/lass/2configs/urxvt.nix 
@@ -19,9 +19,9 @@ with import <stockholm/lib>; URxvt.keysym.M-Escape: perl:keyboard-select:activate URxvt.keysym.M-s: perl:keyboard-select:search - URxvt.keysym.M-F1: command:\033]710;-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1\007\033]711;-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1\007 - URxvt.keysym.M-F2: command:\033]710;xft:Monospace:size=15\007\033]711;xft:Monospace:size=15:bold\007 - URxvt.keysym.M-F3: command:\033]710;xft:Monospace:size=20\007\033]711;xft:Monospace:size=20:bold\007 + URxvt.keysym.M-F1: command:\033]710;${config.lass.fonts.regular}\007\033]711;${config.lass.fonts.bold}\007 + URxvt.keysym.M-F2: command:\033]710;xft:Monospace:size=12\007\033]711;xft:Monospace:size=15:bold\007 + URxvt.keysym.M-F3: command:\033]710;xft:Monospace:size=18\007\033]711;xft:Monospace:size=20:bold\007 URxvt.keysym.M-F4: command:\033]710;xft:Monospace:size=25\007\033]711;xft:Monospace:size=25:bold\007 URxvt.keysym.M-F5: command:\033]710;xft:Monospace:size=30\007\033]711;xft:Monospace:size=30:bold\007 diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index d19f534fe..e1c1313ea 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -4,7 +4,7 @@ let inherit (import <stockholm/lib>) genid - genid_signed + genid_uint31 ; inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;}) servePage @@ -134,7 +134,7 @@ in { }; users.users.domsen = { - uid = genid_signed "domsen"; + uid = genid_uint31 "domsen"; description = "maintenance acc for domsen"; home = "/home/domsen"; useDefaultShell = true; 
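Review bot: The `M-F2` and `M-F3` bindings in lass/2configs/urxvt.nix now set the regular font (OSC 710) to size 12 and 18 but leave the bold font (OSC 711) at 15 and 20, so bold text will render at a different size from regular text after switching. If that is not intended, the bold halves should follow: `\033]711;xft:Monospace:size=12:bold\007` for `M-F2` and `\033]711;xft:Monospace:size=18:bold\007` for `M-F3`. `M-F4` and `M-F5` keep matching sizes. The resource string these lines belong to starts and ends outside the hunk.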
@@ -143,49 +143,49 @@ in { }; users.users.bruno = { - uid = genid_signed "bruno"; + uid = genid_uint31 "bruno"; home = "/home/bruno"; useDefaultShell = true; createHome = true; }; users.users.jla-trading = { - uid = genid_signed "jla-trading"; + uid = genid_uint31 "jla-trading"; home = "/home/jla-trading"; useDefaultShell = true; createHome = true; }; users.users.jms = { - uid = genid_signed "jms"; + uid = genid_uint31 "jms"; home = "/home/jms"; useDefaultShell = true; createHome = true; }; users.users.ms = { - uid = genid_signed "ms"; + uid = genid_uint31 "ms"; home = "/home/ms"; useDefaultShell = true; createHome = true; }; users.users.testuser = { - uid = genid_signed "testuser"; + uid = genid_uint31 "testuser"; home = "/home/testuser"; useDefaultShell = true; createHome = true; }; users.users.akayguen = { - uid = genid_signed "akayguen"; + uid = genid_uint31 "akayguen"; home = "/home/akayguen"; useDefaultShell = true; createHome = true; }; users.users.bui = { - uid = genid_signed "bui"; + uid = genid_uint31 "bui"; home = "/home/bui"; useDefaultShell = true; createHome = true; diff --git a/lass/3modules/xjail.nix b/lass/3modules/xjail.nix index 8f5f05bc2..5b450ed42 100644 --- a/lass/3modules/xjail.nix +++ b/lass/3modules/xjail.nix @@ -23,7 +23,7 @@ with import <stockholm/lib>; }; display = mkOption { type = types.string; - default = toString (genid_signed config._module.args.name); + default = toString (genid_uint31 config._module.args.name); }; dpi = mkOption { type = types.int; diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index 694f3c033..3bff9d450 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -64,7 +64,7 @@ myTerm :: FilePath myTerm = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtc" myFont :: String -myFont = "${config.lass.fonts.regular}" +myFont = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1" main :: IO () main = getArgs >>= \case 
@@ -160,6 +160,8 @@ myKeyMap = , ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter") + , ("M4-s", spawn "${pkgs.knav}/bin/knav") + --, ("M4-w", screenWorkspace 0 >>= (windows . W.greedyView)) --, ("M4-e", screenWorkspace 1 >>= (windows . W.greedyView)) --, ("M4-r", screenWorkspace 2 >>= (windows . W.greedyView)) diff --git a/lass/5pkgs/knav/default.nix b/lass/5pkgs/knav/default.nix new file mode 100644 index 000000000..30d49a1b3 --- /dev/null +++ b/lass/5pkgs/knav/default.nix @@ -0,0 +1,26 @@ +{ pkgs, ... }: let + + keynavrc = pkgs.writeText "keynavrc" '' + clear + Escape quit + q record ~/.keynav_macros + shift+at playback + u history-back + a cut-left + s cut-down + w cut-up + d cut-right + shift+a move-left + shift+s move-down + shift+w move-up + shift+d move-right + t windowzoom + c cursorzoom 300 300 + e warp + 1 click 1 + 2 click 2 + 3 click 3 + ''; +in pkgs.writeScriptBin "knav" '' + ${pkgs.keynav}/bin/keynav "loadconfig ${keynavrc}, start" +'' diff --git a/lib/default.nix b/lib/default.nix index e5e40975e..a40225c49 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -13,7 +13,7 @@ let mod = x: y: x - y * (x / y); genid = import ./genid.nix { inherit lib; }; - genid_signed = x: ((lib.genid x) + 16777216) / 2; + genid_uint31 = x: ((lib.genid x) + 16777216) / 2; lpad = n: c: s: if lib.stringLength s < n diff --git a/makefu/1systems/nextgum/config.nix b/makefu/1systems/nextgum/config.nix index 93171d23a..9761546e7 100644 --- a/makefu/1systems/nextgum/config.nix +++ b/makefu/1systems/nextgum/config.nix @@ -49,6 +49,7 @@ in { <stockholm/makefu/2configs/vpn/openvpn-server.nix> # <stockholm/makefu/2configs/vpn/vpnws/server.nix> <stockholm/makefu/2configs/dnscrypt/server.nix> + <stockholm/makefu/2configs/binary-cache/server.nix> <stockholm/makefu/2configs/iodined.nix> ## buildbot 
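Review bot: The wrapper in the new lass/5pkgs/knav/default.nix is built with `pkgs.writeScriptBin`, but the script text has no `#!` line, so the file is executable without naming an interpreter. It presumably still runs from the xmonad `spawn` binding because a shell falls back to interpreting it, but a direct exec of `knav` would fail. The rest of this tree uses `pkgs.writeDashBin` for such wrappers; `pkgs.writeDashBin "knav" ''exec ${pkgs.keynav}/bin/keynav "loadconfig ${keynavrc}, start"''` gives it an interpreter and drops the extra shell process.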
@@ -69,6 +70,8 @@ in { #<stockholm/makefu/2configs/nginx/public_html.nix> #<stockholm/makefu/2configs/nginx/update.connector.one.nix> #<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix> + <stockholm/makefu/2configs/nginx/gold.krebsco.de.nix> + <stockholm/makefu/2configs/deployment/events-publisher> #<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix> #<stockholm/makefu/2configs/deployment/graphs.nix> diff --git a/makefu/1systems/nextgum/hardware-config.nix b/makefu/1systems/nextgum/hardware-config.nix index 36fea6544..944210701 100644 --- a/makefu/1systems/nextgum/hardware-config.nix +++ b/makefu/1systems/nextgum/hardware-config.nix @@ -45,12 +45,20 @@ in { "ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci" "xhci_pci" "ehci_pci" "ahci" "sd_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; + boot.kernelModules = [ "kvm-intel" "dm-raid" "dm_thin_pool" ]; hardware.enableRedistributableFirmware = true; fileSystems."/" = { device = "/dev/mapper/nixos-root"; fsType = "ext4"; }; + fileSystems."/var/lib" = { + device = "/dev/mapper/nixos-lib"; + fsType = "ext4"; + }; + fileSystems."/var/download" = { + device = "/dev/mapper/nixos-download"; + fsType = "ext4"; + }; fileSystems."/boot" = { device = "/dev/sda2"; fsType = "vfat"; @@ -69,7 +77,9 @@ in { #pvcreate /dev/sda3 #pvcreate /dev/sdb1 #vgcreate nixos /dev/sda3 /dev/sdb1 - #lvcreate -L 120G -n root nixos + #lvcreate -L 120G -m 1 -n root nixos + #lvcreate -L 50G -m 1 -n lib nixos + #lvcreate -L 50G -n download nixos #mkfs.ext4 /dev/mapper/nixos-root #mount /dev/mapper/nixos-root /mnt #mkdir /mnt/boot diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index df317a016..9d8a91e6d 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix 
@@ -39,20 +39,27 @@ in { # Sensors <stockholm/makefu/2configs/stats/telegraf> - <stockholm/makefu/2configs/deployment/led-fader.nix> - <stockholm/makefu/2configs/stats/external/aralast.nix> <stockholm/makefu/2configs/stats/telegraf/airsensor.nix> + <stockholm/makefu/2configs/stats/telegraf/europastats.nix> + <stockholm/makefu/2configs/stats/external/aralast.nix> + <stockholm/makefu/2configs/stats/arafetch.nix> + <stockholm/makefu/2configs/deployment/led-fader.nix> + <stockholm/makefu/2configs/hw/mceusb.nix> # <stockholm/makefu/2configs/stats/telegraf/bamstats.nix> + + <stockholm/makefu/2configs/deployment/bureautomation> + <stockholm/makefu/2configs/deployment/bureautomation/hass.nix> (let collectd-port = 25826; influx-port = 8086; + admin-port = 8083; grafana-port = 3000; # TODO nginx forward db = "collectd_db"; logging-interface = "enp0s25"; in { - networking.firewall.allowedTCPPorts = [ 3000 ]; + networking.firewall.allowedTCPPorts = [ 3000 influx-port admin-port ]; services.grafana.enable = true; services.grafana.addr = "0.0.0.0"; @@ -61,7 +68,7 @@ in { meta.hostname = config.krebs.build.host.name; # meta.logging-enabled = true; http.bind-address = ":${toString influx-port}"; - admin.bind-address = ":8083"; + admin.bind-address = ":${toString admin-port}"; collectd = [{ enabled = true; typesdb = "${pkgs.collectd}/share/collectd/types.db"; @@ -125,7 +132,6 @@ in { networking.firewall.allowedTCPPorts = [ 655 8081 #smokeping - 8086 #influx 49152 ]; networking.firewall.trustedInterfaces = [ "enp0s25" ]; diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 451689f91..e5b481ab6 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -8,6 +8,7 @@ with import <stockholm/lib>; imports = [ # base <stockholm/makefu> + <stockholm/makefu/2configs/nur.nix> <stockholm/makefu/2configs/main-laptop.nix> <stockholm/makefu/2configs/extra-fonts.nix> <stockholm/makefu/2configs/tools/all.nix> 
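Review bot: The first hunk of makefu/1systems/wbob/config.nix now lists `admin-port` (8083) in `networking.firewall.allowedTCPPorts`, which opens the InfluxDB admin interface to the network; before this change only 3000 and, in the list further down, 8086 were open. `admin.bind-address = ":${toString admin-port}"` binds every address and no authentication setting is visible in these hunks, so whether the endpoint is protected cannot be told from here. If the admin UI is only needed locally, keep it out of the list, `networking.firewall.allowedTCPPorts = [ 3000 influx-port ];`, or bind it to loopback with `admin.bind-address = "127.0.0.1:${toString admin-port}";`. The enclosing `let … in { … }` block ends outside the hunk.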
@@ -54,7 +55,6 @@ with import <stockholm/lib>; internalInterfaces = [ "vboxnet0" ]; }; } - # Services <stockholm/makefu/2configs/git/brain-retiolum.nix> <stockholm/makefu/2configs/tor.nix> @@ -64,6 +64,7 @@ with import <stockholm/lib>; # Hardware <stockholm/makefu/2configs/hw/tp-x230.nix> + <stockholm/makefu/2configs/hw/mceusb.nix> # <stockholm/makefu/2configs/hw/tpm.nix> # <stockholm/makefu/2configs/hw/rtl8812au.nix> <stockholm/makefu/2configs/hw/network-manager.nix> @@ -125,7 +126,7 @@ with import <stockholm/lib>; krebs.build.host = config.krebs.hosts.x; - krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ]; + krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" "nextgum" ]; networking.extraHosts = '' 192.168.1.11 omo.local @@ -133,6 +134,8 @@ with import <stockholm/lib>; ''; # hard dependency because otherwise the device will not be unlocked boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; + # avoid full boot dir + boot.loader.grub.configurationLimit = 3; environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ]; nixpkgs.overlays = [ (import <python/overlay.nix>) ]; diff --git a/makefu/2configs/binary-cache/server.nix b/makefu/2configs/binary-cache/server.nix new file mode 100644 index 000000000..ad6256830 --- /dev/null +++ b/makefu/2configs/binary-cache/server.nix 
@@ -0,0 +1,31 @@ +{ config, lib, pkgs, ...}: + +{ + # generate private key with: + # nix-store --generate-binary-cache-key gum nix-serve.key nix-serve.pub + services.nix-serve = { + enable = true; + secretKeyFile = config.krebs.secret.files.nix-serve-key.path; + }; + + systemd.services.nix-serve = { + requires = ["secret.service"]; + after = ["secret.service"]; + }; + krebs.secret.files.nix-serve-key = { + path = "/run/secret/nix-serve.key"; + owner.name = "nix-serve"; + source-path = toString <secrets> + "/nix-serve.key"; + }; + services.nginx = { + enable = true; + virtualHosts.nix-serve = { + serverAliases = [ "cache.gum.r" + "cache.euer.krebsco.de" + "cache.gum.krebsco.de" + ]; + locations."/".proxyPass= "http://localhost:${toString config.services.nix-serve.port}"; + }; + }; +} + diff --git a/makefu/2configs/deployment/bureautomation/hass.nix b/makefu/2configs/deployment/bureautomation/hass.nix index b62f37bdb..d5793f886 100644 --- a/makefu/2configs/deployment/bureautomation/hass.nix +++ b/makefu/2configs/deployment/bureautomation/hass.nix 
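Review bot: In makefu/2configs/binary-cache/server.nix nix-serve is placed behind nginx, but `services.nix-serve` is left at its default bind address, so as far as the module defaults go the daemon also listens on all interfaces instead of being reachable only through the proxy. Adding `bindAddress = "127.0.0.1";` to the `services.nix-serve` block would make the nginx vhost the only entry point. The vhost is served over plain HTTP, unlike the gold.krebsco.de vhost added in this commit with `enableACME`/`forceSSL`; signatures protect the integrity of store paths, but the requested paths are visible on the wire. The key-generation comment names the key `gum` while the import is added to nextgum, so it is worth confirming that is the intended key name.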
@@ -1,75 +1,125 @@ { pkgs, lib, ... }: let - firetv = "192.168.1.238"; -in { - imports = [ - <nixpkgs-unstable/nixos/modules/services/misc/home-assistant.nix> + tasmota_plug = name: topic: { + platform = "mqtt"; + inherit name; + state_topic = "/bam/${topic}/stat/POWER"; + command_topic = "/bam/${topic}/cmnd/POWER"; + availability_topic = "/bam/${topic}/tele/LWT"; + qos = 1; + payload_on= "ON"; + payload_off= "OFF"; + payload_available= "Online"; + payload_not_available= "Offline"; + retain= false; + }; + espeasy_dht22 = name: [ + { + platform = "mqtt"; + device_class = "temperature"; + state_topic = "/bam/${name}/dht22/Temperature"; + availability_topic = "/bam/${name}/status/LWT"; + payload_available = "Connected"; + payload_not_available = "Connection Lost"; + } + { + platform = "mqtt"; + device_class = "humidity"; + state_topic = "/bam/${name}/dht22/Temperature"; + unit_of_measurement = "C"; + availability_topic = "/bam/${name}/status/LWT"; + payload_available = "Connected"; + payload_not_available = "Connection Lost"; + }]; + espeasy_ds18 = name: [ + { + platform = "mqtt"; + device_class = "temperature"; + state_topic = "/bam/${name}/ds18/Temperature"; + availability_topic = "/bam/${name}/status/LWT"; + payload_available = "Connected"; + payload_not_available = "Connection Lost"; + } ]; - systemd.services.firetv = { - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - User = "nobody"; - ExecStart = "${pkgs.python-firetv}/bin/firetv-server -d ${firetv}:5555"; - }; - }; - nixpkgs.config.packageOverrides = oldpkgs: { - home-assistant = (import <nixpkgs-unstable> {}).home-assistant; - }; - ids.uids.hass = 286; - ids.gids.hass = 286; +in { + + nixpkgs.config.permittedInsecurePackages = [ + "homeassistant-0.65.5" + ]; + services.home-assistant = { - #panel_iframe: - #configurator: - # title: Configurator - # icon: mdi:wrench - # url: http://hassio.local:3218 - # sensor: - # - platform: random enable = true; config = { homeassistant = { name = 
"Bureautomation"; time_zone = "Europe/Berlin"; }; - panel_iframe = { - euer_blog = { - title = "Euer Blog"; - icon = "mdi:wrench"; - url = "https://euer.krebsco.de"; + + mqtt = { + broker = "localhost"; + port = 1883; + client_id = "home-assistant"; + keepalive = 60; + protocol = 3.1; + birth_message = { + topic = "/bam/hass/tele/LWT"; + payload = "Online"; + qos = 1; + retain = true; + }; + will_message = { + topic = "/bam/hass/tele/LWT"; + payload = "Offline"; + qos = 1; + retain = true; }; }; - media_player = [ - { platform = "kodi"; - host = firetv; - } - { platform = "firetv"; - # assumes python-firetv running + switch = [ + (tasmota_plug "Bauarbeiterlampe" "plug") + (tasmota_plug "Blitzdings" "plug2") + (tasmota_plug "Fernseher" "plug3") + (tasmota_plug "Pluggy" "plug4") + ]; + binary_sensor = [ + { # esp_easy + platform = "mqtt"; + device_class = "motion"; + state_topic = "/bam/easy2/movement/Switch"; + payload_on = "1"; + payload_off = "0"; + availability_topic = "/bam/easy2/status/LWT"; + payload_available = "Connected"; + payload_not_available = "Connection Lost"; } ]; - sensor = [ - { - platform = "luftdaten"; - name = "Shack 1"; - sensorid = "50"; - monitored_conditions = [ "P1" "P2" ]; - } - { - platform = "luftdaten"; - name = "Shack 2"; - sensorid = "658"; - monitored_conditions = [ "P1" "P2" ]; - } - { - platform = "luftdaten"; - name = "Ditzingen"; - sensorid = "5341"; - monitored_conditions = [ "P1" "P2" ]; - } - { platform = "random"; } - ]; + sensor = + (espeasy_dht22 "easy2") ++ + [ (espeasy_ds18 "easy3" ) + { platform = "luftdaten"; + name = "Ditzingen"; + sensorid = "5341"; + monitored_conditions = [ "P1" "P2" ]; + } + { platform = "influxdb"; + queries = [ + { name = "mean value of feinstaub P1"; + where = '' "node" = 'esp8266-1355142' ''; + measurement = "feinstaub"; + database = "telegraf"; + field = "P1"; + } + { name = "mean value of feinstaub P2"; + where = '' "node" = 'esp8266-1355142' ''; + measurement = "feinstaub"; + database = 
"telegraf"; + field = "P2"; + } + ]; + } + ]; frontend = { }; http = { }; - feedreader.urls = [ "https://nixos.org/blogs.xml" ]; + feedreader.urls = [ "http://www.heise.de/security/rss/news-atom.xml" ]; }; }; } diff --git a/makefu/2configs/deployment/bureautomation/home.nix b/makefu/2configs/deployment/bureautomation/home.nix new file mode 100644 index 000000000..28edb6af2 --- /dev/null +++ b/makefu/2configs/deployment/bureautomation/home.nix @@ -0,0 +1,67 @@ +{ pkgs, lib, ... }: +let + firetv = "192.168.1.238"; +in { + systemd.services.firetv = { + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "nobody"; + ExecStart = "${pkgs.python-firetv}/bin/firetv-server -d ${firetv}:5555"; + }; + }; + services.home-assistant = { + #panel_iframe: + #configurator: + # title: Configurator + # icon: mdi:wrench + # url: http://hassio.local:3218 + # sensor: + # - platform: random + enable = true; + config = { + homeassistant = { + name = "Bureautomation"; + time_zone = "Europe/Berlin"; + }; + panel_iframe = { + euer_blog = { + title = "Euer Blog"; + icon = "mdi:wrench"; + url = "https://euer.krebsco.de"; + }; + }; + media_player = [ + { platform = "kodi"; + host = firetv; + } + { platform = "firetv"; + # assumes python-firetv running + } + ]; + sensor = [ + { + platform = "luftdaten"; + name = "Shack 1"; + sensorid = "50"; + monitored_conditions = [ "P1" "P2" ]; + } + { + platform = "luftdaten"; + name = "Shack 2"; + sensorid = "658"; + monitored_conditions = [ "P1" "P2" ]; + } + { + platform = "luftdaten"; + name = "Ditzingen"; + sensorid = "5341"; + monitored_conditions = [ "P1" "P2" ]; + } + { platform = "random"; } + ]; + frontend = { }; + http = { }; + feedreader.urls = [ "https://nixos.org/blogs.xml" ]; + }; + }; +} diff --git a/makefu/2configs/deployment/events-publisher/default.nix b/makefu/2configs/deployment/events-publisher/default.nix new file mode 100644 index 000000000..c671b1a0b --- /dev/null 
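Review bot: The second entry of `espeasy_dht22` in hass.nix is declared `device_class = "humidity"` but reuses `state_topic = "/bam/${name}/dht22/Temperature"` and `unit_of_measurement = "C"`, which looks like a copy of the temperature entry; it presumably should be `state_topic = "/bam/${name}/dht22/Humidity";` with `unit_of_measurement = "%";` (topic name to be confirmed against the device). In the `sensor` list, `(espeasy_ds18 "easy3")` is itself a list and sits inside the list literal, so it ends up nested; `(espeasy_dht22 "easy2") ++ (espeasy_ds18 "easy3") ++ [ … ]` keeps the list flat. `nixpkgs.config.permittedInsecurePackages = [ "homeassistant-0.65.5" ];` accepts a package that nixpkgs marks insecure without saying why; a comment naming the reason and the condition for removing the exception would help the next reader. The feed URL in `feedreader.urls` also moves from https to http.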
+++ b/makefu/2configs/deployment/events-publisher/default.nix @@ -0,0 +1,48 @@ +{ pkgs, ... }: +with import <stockholm/lib>; +let + shack-announce = pkgs.callPackage (builtins.fetchTarball { + url = "https://github.com/makefu/events-publisher/archive/5e7b083c63f25182a02c1fddb3d32cb9534fbc50.tar.gz"; + sha256 = "1zzlhyj8fr6y3a3b6qlyrm474xxxs1ydqjpkd2jva3g1lnzlmvkp"; + }) {} ; + home = "/var/lib/shackannounce"; + user = "shackannounce"; + creds = (toString <secrets>) + "/shack-announce.json"; +in +{ + users.users.${user}= { + uid = genid user; + inherit home; + createHome = true; + }; + systemd.services.shack-announce = { + description = "Announce shack events"; + startAt = "*:0/30"; + path = [ shack-announce ]; + serviceConfig = { + WorkingDirectory = home; + User = user; + PermissionsStartOnly = true; + ExecStartPre = pkgs.writeDash "shack-announce-pre" '' + set -eu + cp ${creds} creds.json + chown ${user} creds.json + ''; + ExecStart = pkgs.writeDash "shack-announce" '' + if test ! -e announce.state; then + echo "initializing state" + announce-daemon \ + --lol INFO \ + --creds creds.json \ + --state announce.state \ + --clean --init + fi + echo "Running announce" + announce-daemon \ + --lol INFO \ + --creds creds.json \ + --state announce.state + ''; + }; + }; +} diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index e9d4b18e0..cfde0aba8 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -108,7 +108,6 @@ let # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; # Optional: Don't log access to assets 
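Review bot: `ExecStartPre` in makefu/2configs/deployment/events-publisher/default.nix copies the credentials file into the working directory and changes its owner, but never sets its mode, so `creds.json` keeps whatever mode `cp` gives it under the service's umask. Adding `chmod 0600 creds.json` after the `chown` line makes the copy readable by the service user only, independent of how the home directory created by `createHome = true` is set up. The copy is also refreshed on every timer run, which is fine, but it means a mode fixed by hand would not persist without this line.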
@@ -144,6 +143,8 @@ let opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1 + opcache.file_cache = .opcache + zend_extension=${pkgs.php}/lib/php/extensions/opcache.so display_errors = on display_startup_errors = on @@ -155,6 +156,13 @@ let extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so ''; + systemd.services."nextcloud-cron-${domain}" = { + serviceConfig = { + User = "nginx"; + ExecStart = "${pkgs.php}/bin/php -f ${root}/cron.php"; + }; + startAt = "*:0/15"; + }; }; in { imports = [ diff --git a/makefu/2configs/hw/mceusb.nix b/makefu/2configs/hw/mceusb.nix new file mode 100644 index 000000000..069e6e7eb --- /dev/null +++ b/makefu/2configs/hw/mceusb.nix @@ -0,0 +1,17 @@ +{pkgs, lib, ...}:{ + # Disable the MCE remote from acting like a keyboard. (We use lirc instead.) + services.xserver.inputClassSections = ['' + Identifier "MCE USB Keyboard mimic blacklist" + Driver "mceusb" + MatchProduct "Media Center Ed. eHome Infrared Remote Transceiver (1934:5168)" + Option "Ignore" "on" + '']; + boot.kernelPatches = lib.singleton { + name = "enable-lirc"; + patch = null; + extraConfig = '' + LIRC y + ''; + }; + +} diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix index d322c683d..ffc32e0cb 100644 --- a/makefu/2configs/hw/network-manager.nix +++ b/makefu/2configs/hw/network-manager.nix @@ -22,15 +22,9 @@ }; networking.networkmanager.enable = true; - # TODO: put somewhere else - services.xserver.displayManager.sessionCommands = '' - ${pkgs.clipit}/bin/clipit & - ${pkgs.networkmanagerapplet}/bin/nm-applet & - ''; - # nixOSUnstable -# networking.networkmanager.wifi = { -# powersave = true; -# scanRandMacAddress = true; -# }; + networking.networkmanager.wifi = { + powersave = true; + scanRandMacAddress = true; + }; } diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix index 4ac639a25..735cb4c17 100644 
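Review bot: `opcache.file_cache = .opcache` in the PHP options of owncloud.nix is a relative path, so where the compiled-script cache lands depends on the working directory of the PHP process, and the directory has to exist and be writable for the setting to take effect. An absolute path outside the web root that only the PHP user can write, for example `opcache.file_cache = /var/cache/<php-opcache-dir>` (placeholder), avoids both problems and keeps cached bytecode out of reach of other users. The context lines show `display_errors = on`, unchanged by this commit but worth revisiting for a publicly reachable instance. The enclosing `let` binding starts and ends outside the hunk.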
--- a/makefu/2configs/hw/stk1160.nix +++ b/makefu/2configs/hw/stk1160.nix @@ -1,13 +1,12 @@ { pkgs, lib, ... }: { - # TODO: un-pin linuxPackages somehow - nixpkgs.config.packageOverrides = pkgs: { - linux_4_14 = pkgs.linux_4_14.override { - extraConfig = '' - MEDIA_ANALOG_TV_SUPPORT y - VIDEO_STK1160_COMMON m - VIDEO_STK1160 m - ''; - }; + boot.kernelPatches = lib.singleton { + name = "enable-stk1160"; + patch = null; + extraConfig = '' + MEDIA_ANALOG_TV_SUPPORT y + VIDEO_STK1160_COMMON m + VIDEO_STK1160 m + ''; }; } diff --git a/makefu/2configs/nginx/gold.krebsco.de.nix b/makefu/2configs/nginx/gold.krebsco.de.nix new file mode 100644 index 000000000..083c0f8d7 --- /dev/null +++ b/makefu/2configs/nginx/gold.krebsco.de.nix @@ -0,0 +1,24 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + gold = pkgs.fetchFromGitHub { + owner = "krebs"; + repo = "krebsgold"; + rev = "15f7a74"; + sha256= "1ya9xgg640k3hbl63022sfm44c1si2mxch8jkxindmwg4pa1y4ly"; + }; +in { + + services.nginx = { + enable = mkDefault true; + virtualHosts = { + "gold.krebsco.de" = { + enableACME = true; + forceSSL = true; + root = toString gold + "/html"; + }; + }; + }; +} + diff --git a/makefu/2configs/nur.nix b/makefu/2configs/nur.nix new file mode 100644 index 000000000..dda00063a --- /dev/null +++ b/makefu/2configs/nur.nix @@ -0,0 +1,7 @@ +{ pkgs, ... }:{ + nixpkgs.config.packageOverrides = pkgs: { + nur = pkgs.callPackage (import (builtins.fetchGit { + url = "https://github.com/nix-community/NUR"; + })) {}; + }; +} diff --git a/makefu/2configs/stats/client.nix b/makefu/2configs/stats/client.nix index dd6ddddaf..cfb5e3fd2 100644 --- a/makefu/2configs/stats/client.nix +++ b/makefu/2configs/stats/client.nix @@ -31,6 +31,7 @@ FSType "tmpfs" FSType "binfmt_misc" FSType "debugfs" + FSType "tracefs" FSType "mqueue" FSType "hugetlbfs" FSType "systemd-1" diff --git a/makefu/2configs/task-client.nix b/makefu/2configs/task-client.nix index 330616f4a..470193d6c 100644 
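Review bot: `builtins.fetchGit` in the new makefu/2configs/nur.nix is called with only a `url`, so each evaluation takes whatever the default branch of the NUR repository holds at that moment, and the result is then evaluated through `pkgs.callPackage`. Unlike the `fetchTarball` and `fetchFromGitHub` calls added elsewhere in this commit, nothing pins the revision, which makes builds unreproducible and extends trust to upstream on every rebuild. Adding `rev = "<commit-sha>";` (placeholder) next to `url`, and bumping it deliberately, would close that gap.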
--- a/makefu/2configs/task-client.nix +++ b/makefu/2configs/task-client.nix @@ -1,6 +1,6 @@ { pkgs, ... }: { - krebs.per-user.makefu.packages = [ + users.users.makefu.packages = [ pkgs.taskwarrior ]; diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix index 898bae10d..1e85da53c 100644 --- a/makefu/2configs/tools/core-gui.nix +++ b/makefu/2configs/tools/core-gui.nix @@ -1,10 +1,10 @@ { pkgs, ... }: { - krebs.per-user.makefu.packages = with pkgs; [ + users.users.makefu.packages = with pkgs; [ chromium - clipit feh + clipit firefox keepassx pcmanfm diff --git a/makefu/2configs/tools/desktop.nix b/makefu/2configs/tools/desktop.nix index 1fe03e111..bb14c3eb5 100644 --- a/makefu/2configs/tools/desktop.nix +++ b/makefu/2configs/tools/desktop.nix @@ -4,8 +4,10 @@ users.users.makefu.packages = with pkgs; [ taskwarrior pass + gopass mutt weechat tmux ]; + } diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index e25290297..ae97edd54 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -1,7 +1,7 @@ { pkgs, ... }: { - krebs.per-user.makefu.packages = with pkgs;[ + users.users.makefu.packages = with pkgs;[ # media gimp inkscape diff --git a/makefu/2configs/tools/media.nix b/makefu/2configs/tools/media.nix index 4de2b545e..35faaa29f 100644 --- a/makefu/2configs/tools/media.nix +++ b/makefu/2configs/tools/media.nix @@ -1,7 +1,7 @@ { pkgs, ... }: { - krebs.per-user.makefu.packages = with pkgs; [ + users.users.makefu.packages = with pkgs; [ kodi streamripper youtube-dl diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix index 3dc02937d..17a980ef7 100644 --- a/makefu/2configs/tools/sec.nix +++ b/makefu/2configs/tools/sec.nix @@ -1,7 +1,7 @@ { pkgs, ... }: { - krebs.per-user.makefu.packages = with pkgs; [ + users.users.makefu.packages = with pkgs; [ aria2 # mitmproxy pythonPackages.binwalk-full 
diff --git a/makefu/2configs/torrent.nix b/makefu/2configs/torrent.nix index a076479c2..3df0ddbfe 100644 --- a/makefu/2configs/torrent.nix +++ b/makefu/2configs/torrent.nix @@ -8,13 +8,13 @@ let peer-port = 51412; web-port = 8112; daemon-port = 58846; - torrent-dir = config.makefu.dl-dir; + base-dir = config.makefu.dl-dir; in { users.users = { download = { name = "download"; - home = torrent-dir; + home = base-dir; uid = mkDefault (genid "download"); createHome = true; useDefaultShell = true; @@ -25,10 +25,12 @@ in { # todo: race condition, do this after download user has been created system.activationScripts."download-dir-chmod" = '' - for i in finished watch torrents; do - mkdir -p "${torrent-dir}/$i" - chown download:download "${torrent-dir}/$i" - chmod 770 "${torrent-dir}/$i" + for i in finished watch; do + if test ! -d $i;then + mkdir -p "${base-dir}/$i" + chown rtorrent:download "${base-dir}/$i" + chmod 775 "${base-dir}/$i" + fi done ''; @@ -42,6 +44,7 @@ in { "nginx" ]; }; + rtorrent.members = [ "download" ]; }; krebs.rtorrent = { @@ -54,7 +57,8 @@ in { rutorrent.enable = true; enableXMLRPC = true; listenPort = peer-port; - workDir = torrent-dir; + downloadDir = base-dir + "/finished"; + watchDir = base-dir + "/watch"; # dump old torrents into watch folder to have them re-added }; diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix index e5f62e910..486c0ddf6 100644 --- a/makefu/5pkgs/awesomecfg/default.nix +++ b/makefu/5pkgs/awesomecfg/default.nix @@ -2,7 +2,10 @@ , lib , alsaUtils , xbacklight -, modkey?"Mod4" +, networkmanagerapplet +, blueman +, clipit +, modkey ? "Mod4" , locker? "${pkgs.xlock}/bin/xlock -mode blank" , ... }: 
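Review bot: The new guard in the `download-dir-chmod` activation script of makefu/2configs/torrent.nix tests `-d $i`, a path relative to the script's working directory, while the directory it then creates is `"${base-dir}/$i"`. As written the `mkdir`/`chown`/`chmod` still run on every activation unless a directory named `finished` or `watch` happens to exist in the current directory; `if test ! -d "${base-dir}/$i"; then` matches the apparent intent. The mode also widens from 770 to 775, which makes the directories readable by every local user; if only `rtorrent` and the `download` group need access, 770 would still do.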
@@ -10,7 +13,7 @@ # replace: @alsaUtils@ @xlockmore@ @xbacklight@ @modkey@ full = lib.makeOverridable pkgs.substituteAll { name = "awesome_full_config"; - inherit alsaUtils locker xbacklight modkey; + inherit alsaUtils locker xbacklight modkey networkmanagerapplet blueman clipit; isExecutable = false; src = ./full.cfg; }; diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg index e49a88697..12d357913 100644 --- a/makefu/5pkgs/awesomecfg/full.cfg +++ b/makefu/5pkgs/awesomecfg/full.cfg @@ -568,6 +568,18 @@ local os = { -- }}} +-- {{{ autostart +do + local cmds = + { + "@networkmanagerapplet@/bin/nm-applet", + "@blueman@/bin/blueman-applet", + "@clipit@/bin/clipit" + } + for _,i in pairs(cmds) do + awful.util.spawn(i) + end +end -- }}} diff --git a/makefu/source.nix b/makefu/source.nix index fac1c0282..82a41886b 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -24,11 +24,10 @@ let ]; }; # TODO: automate updating of this ref + cherry-picks - ref = "14946ec63a1"; # nixos-18.03 @ 2018-05-31 + ref = "8f991294288"; # nixos-18.03 @ 2018-08-06 # + do_sqlite3 ruby: 55a952be5b5 # + exfat-nofuse bump: ee6a5296a35 # + uhub/sqlite: 5dd7610401747 - # + forecastio: f27584df02337 in evalSource (toString _file) [