From eb0d4361a218a8c9a9489829822a72601e941e2f Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 2 Oct 2019 11:48:16 +0200
Subject: [PATCH 01/11] krebs exim-smarthost: update eloop addresses
---
krebs/2configs/exim-smarthost.nix | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix
index 5dc24f1de..698e20da1 100644
--- a/krebs/2configs/exim-smarthost.nix
+++ b/krebs/2configs/exim-smarthost.nix
@@ -25,12 +25,11 @@ in {
in {
"anmeldung@eloop.org" = eloop-ml;
"brain@krebsco.de" = brain-ml;
- "cfp@eloop.org" = eloop-ml;
+ "cfp2019@eloop.org" = eloop-ml;
+ "eloop2019@krebsco.de" = eloop-ml;
"kontakt@eloop.org" = eloop-ml;
"root@eloop.org" = eloop-ml;
"youtube@eloop.org" = eloop-ml;
- "eloop2016@krebsco.de" = eloop-ml;
- "eloop2017@krebsco.de" = eloop-ml;
"postmaster@krebsco.de" = spam-ml; # RFC 822
"lass@krebsco.de" = lass;
"makefu@krebsco.de" = makefu;
From 005d456ef42ca1a371131a558e834944ce2e616f Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Tue, 15 Oct 2019 16:27:10 +0200
Subject: [PATCH 02/11] external: remove kruck and add sterni to retiolum
---
krebs/3modules/external/palo.nix | 31 ++++++++++++++-----------------
1 file changed, 14 insertions(+), 17 deletions(-)
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix
index 05808714c..e81dd9b58 100644
--- a/krebs/3modules/external/palo.nix
+++ b/krebs/3modules/external/palo.nix
@@ -28,20 +28,6 @@ in {
};
};
};
- kruck = {
- owner = config.krebs.users.palo;
- nets = {
- retiolum = {
- ip4.addr = "10.243.23.3";
- tinc.port = 720;
- aliases = [
- "kruck.r"
- "video.kruck.r"
- ];
- tinc.pubkey = tinc-for "palo";
- };
- };
- };
schasch = {
owner = config.krebs.users.palo;
nets = {
@@ -54,6 +40,19 @@ in {
};
syncthing.id = "FLY7DHI-TJLEQBJ-JZNC4YV-NBX53Z2-ZBRWADL-BKSFXYZ-L4FMDVH-MOSEVAQ";
};
+ sterni = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.3";
+ tinc.port = 720;
+ aliases = [
+ "sterni.r"
+ ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
workhorse = {
owner = config.krebs.users.palo;
nets = {
@@ -79,9 +78,7 @@ in {
};
users = {
palo = {
- };
- palo-pepe = {
- pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCe3j1dk8o7e0cFn+RepOjdeYcS0YcG0d6NnsMoq8pjqzLRuvOVN4CmsuRo4UJtWOUVv8kIWLcegks2RXbKOSTFAnvEIpPlSmL3BgvFGmUiOmPw1w93yxdVnfd9kJ6SBNuS+kFspKPvOEV9yVpjTywKZ0qKWjRd89Vz2+8aFJ/R3hyE+YqpzlzYbrucEIXbEWESqnzrx61NrWwd1ueHj0RYMDBjIJjVfIIK3W32vQ//pYJio1di0PpOPK2Ya0yugSixymuQBvzCgaedVeLdJ0k1d7d5iVb4LjCR8zg0Jnf1RLfpqRrFYwMJpwuhtIEevfNrhzqZA58QgHO6iOg50FeaD5k1rlWfoOvX2rcV5iqCC9jClIfMKzePdm+MeVorBXp+bflOhyPJG+Qrz6NTE9Ohe5A71Z0bBa96MEoW1hyrLCn0+z+Cx5kt7n2QzAAa/VPNjRDZeHbsu26MrvViEoh+FcPqx4DUIUaDRs/TNIvMGAl14E6gur68AI01a0PZJ/gnqZeOJKuyz4pKT0nIcg0EvkjXM2uEJ9m8h4IBAqTUYMZYm7iJBfpbwT6ePxFfah4q960orBUwW87CyPu/wDGmDblQ7dpkuw+skpzNgOGzerDyGAGKOsjGfYZpqsv9303S2f7884NAIK1ohgpMELytEYpY4YNi2KQYfHhgoQRJ5w== palo@pepe";
+ pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBYNJVuyyZmc2pCkLWjhl0/hMMb7elmI81/9LAGtk8Tz4TmVderTMohwQkaTYznwPOPuKfU1sSMLCB8rYXdAO5nqWC4bGjXJ/+D8/UKfGjSqRQ7UkfpOF3NAm+pqUSFjaVXi1BWd+jxmsD0uRks0PyNSywZfgjn5LYpD3SpxyFy/17P/PJ9vX6PELjeYvNGH3l5cXDwYky3ZZJol7quBJ5yrA6I536A4wNDzg2ow+MRVu51/nIJdnbbsC/dDHgmdRWnStOzvsA+xSEMeKvLW3CaSPINr/bMGxOPrefr79bg59gkw9Wxp51fkx0o18N1liTRfWXau+GFNGMxFluELhfGXYOH9HLedLt8H38zs5vgJ9IY+tlOzMKud5njiNkuG503AiqY2H7coN7VeVA5+6L7tmwFbCMhPal4MS0VKHNBmCTDY5QMURYUajKiUh8n5IcbuTsPM+lEszm16g5iB+XQ1vpjza5ds6DRL1H6pUF/UpUzYUlqh2RnE+CyLsFO2MB/o72NoSWRfmn7/nsg6eEg/9kSn+dwj2ythjuEkMG28Yhm/XjaGnuAE/ZpIeRDozIQNGcHpzPHMd95olfNJW7+fLi+CvSFZa9l+tdS8PoRnCdHOsO4zvESJZ2rDn0Zt0Az6XNRJfYTABDlYPGCnWN4vmlnEJqQARSSiKBDhSgPw== palo@workout";
};
};
}
From 2727ce115349ca65c5728acf846a537cb539a4c7 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 16 Oct 2019 09:21:17 +0200
Subject: [PATCH 03/11] tv: explicitly disable libinput
---
tv/1systems/alnus/config.nix | 3 +++
tv/1systems/mu/config.nix | 1 +
tv/1systems/querel/config.nix | 1 +
3 files changed, 5 insertions(+)
diff --git a/tv/1systems/alnus/config.nix b/tv/1systems/alnus/config.nix
index 949a98b2a..d54d5fc2f 100644
--- a/tv/1systems/alnus/config.nix
+++ b/tv/1systems/alnus/config.nix
@@ -65,10 +65,13 @@ with import <stockholm/lib>;
enable = true;
layout = "de";
xkbOptions = "eurosign:e";
+
+ libinput.enable = false;
synaptics = {
enable = true;
twoFingerScroll = true;
};
+
desktopManager.xfce.enable = true;
displayManager.auto = {
enable = true;
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 98332b2d6..145c73c06 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -102,6 +102,7 @@ with import <stockholm/lib>;
services.xserver.xkbOptions = "eurosign:e";
# TODO this is host specific
+ services.xserver.libinput.enable = false;
services.xserver.synaptics = {
enable = true;
twoFingerScroll = true;
diff --git a/tv/1systems/querel/config.nix b/tv/1systems/querel/config.nix
index 6e7944cdf..ac51f54e6 100644
--- a/tv/1systems/querel/config.nix
+++ b/tv/1systems/querel/config.nix
@@ -68,6 +68,7 @@ with import <stockholm/lib>;
services.xserver.layout = "de";
services.xserver.xkbOptions = "eurosign:e";
+ services.xserver.libinput.enable = false;
services.xserver.synaptics = {
enable = true;
twoFingerScroll = true;
From 08f183cda3e61e94dbda359763daef665b211066 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 16 Oct 2019 11:52:05 +0200
Subject: [PATCH 04/11] l browsers: generate correct browser-select script
---
lass/3modules/browsers.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lass/3modules/browsers.nix b/lass/3modules/browsers.nix
index ccb108f8a..0c77d4da8 100644
--- a/lass/3modules/browsers.nix
+++ b/lass/3modules/browsers.nix
@@ -31,7 +31,7 @@ let
else
let
name = (lib.head sortedPaths).name;
- in pkgs.writeScriptBin "browser-select2" ''
+ in pkgs.writeScriptBin "browser-select" ''
${config.lass.xjail-bins.${name}}/bin/${name} "$@"
''
;
From 8d7afcf703eba4b8757d778b2d2184c6c3c9e620 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 17 Oct 2019 16:59:12 +0200
Subject: [PATCH 05/11] l: remove deprecated users & keys
---
krebs/3modules/lass/default.nix | 37 -------------------
krebs/3modules/lass/pgp/helios.pgp | 51 --------------------------
krebs/3modules/lass/pgp/icarus.pgp | 51 --------------------------
krebs/3modules/lass/pgp/shodan.pgp | 30 ---------------
krebs/3modules/lass/ssh/daedalus.rsa | 1 -
krebs/3modules/lass/ssh/helios.rsa | 1 -
krebs/3modules/lass/ssh/icarus.rsa | 1 -
krebs/3modules/lass/ssh/shodan.rsa | 1 -
krebs/3modules/lass/ssh/uriel.rsa | 1 -
krebs/3modules/lass/ssh/xerxes.ed25519 | 1 -
lass/1systems/iso.nix | 2 -
lass/1systems/prism/config.nix | 5 ---
lass/2configs/default.nix | 2 -
lass/2configs/git.nix | 2 +-
lass/2configs/ssh-cryptsetup.nix | 2 -
15 files changed, 1 insertion(+), 187 deletions(-)
delete mode 100644 krebs/3modules/lass/pgp/helios.pgp
delete mode 100644 krebs/3modules/lass/pgp/icarus.pgp
delete mode 100644 krebs/3modules/lass/pgp/shodan.pgp
delete mode 100644 krebs/3modules/lass/ssh/daedalus.rsa
delete mode 100644 krebs/3modules/lass/ssh/helios.rsa
delete mode 100644 krebs/3modules/lass/ssh/icarus.rsa
delete mode 100644 krebs/3modules/lass/ssh/shodan.rsa
delete mode 100644 krebs/3modules/lass/ssh/uriel.rsa
delete mode 100644 krebs/3modules/lass/ssh/xerxes.ed25519
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index dc5c9ca3c..30c7b085f 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -664,42 +664,5 @@ in {
mail = "lassulus@gmail.com";
pubkey = builtins.readFile ./ssh/android.rsa;
};
- lass-helios = {
- mail = "lass@helios.r";
- pubkey = builtins.readFile ./ssh/helios.rsa;
- };
- lass-uriel = {
- mail = "lass@uriel.r";
- pubkey = builtins.readFile ./ssh/uriel.rsa;
- };
- lass-shodan = {
- mail = "lass@shodan.r";
- pubkey = builtins.readFile ./ssh/shodan.rsa;
- pgp.pubkeys.default = builtins.readFile ./pgp/shodan.pgp;
- };
- lass-icarus = {
- mail = "lass@icarus.r";
- pubkey = builtins.readFile ./ssh/icarus.rsa;
- pgp.pubkeys.default = builtins.readFile ./pgp/icarus.pgp;
- };
- lass-xerxes = {
- mail = "lass@xerxes.r";
- pubkey = builtins.readFile ./ssh/xerxes.ed25519;
- };
- lass-daedalus = {
- mail = "lass@daedalus.r";
- pubkey = builtins.readFile ./ssh/daedalus.rsa;
- };
- prism-repo-sync = {
- pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhpCKTnSq6VDJPB+0NiHu2ZxSKEIxHN6uPAPnbXYNCe";
- mail = "lass@prism.r";
- };
- mors-repo-sync = {
- pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv6N/UjFnX5vUicT9Sw0+3x4mR0760iaVWZ/JDtdV4h";
- mail = "lass@mors.r";
- };
- wine-mors = {
- pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKfTIKmbe1RjX1fjAn//08363zAsI0CijWnaYyAC842";
- };
};
}
diff --git a/krebs/3modules/lass/pgp/helios.pgp b/krebs/3modules/lass/pgp/helios.pgp
deleted file mode 100644
index dc6d07d6b..000000000
--- a/krebs/3modules/lass/pgp/helios.pgp
+++ /dev/null
@@ -1,51 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-
-mQINBFm/8D0BEAC+kY6ELukGkQh4xJ+haYGYi6FdCCUgM+BqAXQ9s7FnzyrNCbTq
-x5O2b3Np96NANCCWSMIcAIXt/AzfvxY7awtsFNlXolMMMEdkHbEXQCgJahK1P5iD
-q7DWlwwXNy+oPdl7ZGtfhK+d698aI6eFS0SamElH4B4IFaGzSXC0ec1Cva+3QM1d
-FPRmRByMllTxEcxI6P1gIAtZGXwPLPGVPYuoRQFM+3w+VPgBcWTLPYcLyvLj0r8o
-Gv/JSyZHNEu5Rtyl+8G6/8W/u7+J4lzO4V6Y6+UPomvfyCkreqsQp/bB8Nw9LYN2
-zNttaxM5zu7FBY2e+OwFsxNC5nnIvSVY2qYUps6Lxuv1cxKY+3lZKhMcc8+p+j2g
-QNdfys3Hk4fdZ5YBaQ/v30kS7ZpAkILCYw7g5HJ18pdoULNWYMUaJF/1Qim2mU72
-5wuCzwsWyA6BQFoBSlDPQ24ypGMVKynl6Xh3uGG/K1OcTvhUgzF3J+jcntOY698b
-4Lum/zffWQsVuXZlroydMjtn7Pfr3W8nzLynhCTWruW8+irb/Qut8q04KjfR0UyE
-hdc+kohQemfhk4y0CA0xuzRBRxagKo2LUFTUL312r2TZV+vLWtdToV3HzDuFJokq
-FCxoVm/4M6BQQ3IxDHBVO6BmqIlAGq9cheao3t9XciERPMSHXZzZKV/3CQARAQAB
-tA1sYXNzQGhlbGlvcy5yiQJOBBMBCAA4FiEEwAWygS5dtGA5vC/hQM6NxyLSe0oF
-Alm/8D0CGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQQM6NxyLSe0rm5hAA
-jxqcevdjJt+b4FstIiiNhhjU62/9Tl4qoKgR1/BwAIfDoMWduPrw9ldQky36O923
-VMYKiZBoUzdXRLzL0ay/ewXdSONllUwnFLvil78SQOuJTe5JKM6N0IiEVSEhNjRr
-zylFk7SpY2MOIc0p3eHutD4oq0PcWnOer5R1z7u0mVJRYVoJOu7IIxqj7jb8JRAh
-FbLBbu2mFBcXMLKyWFCTB4nROeoTBcfKTnBuDYhaIEUCLo2RpMYqBJiVJvvFLglA
-XowKFjuE/g5Yne2GB5zx1GVRkjZsE9mGL7L5mlyucMwYqWeJzkNfB7cz58ZFN9EG
-9hzUlaEahPxnC6/AeF9ev/9/SF6bPM/nq36xBXj7W5lOewc5p5GigHkh94VN+bdw
-/KluD5rUErO+v3ag+5Tr8FzjtbjlARRo/vz5YWRGS4yqGiXlUUchAPEzflLYxfD1
-CSH+i0eWMrm5t+BYiPZHL8DSbGI1BM5EhHZ69dS7bUAO1qL7oQObQv+755fLV6+q
-+ir7GHuxtNma58PS+BDiWJnIqmDJ029u188YM4dGL+EWF2AS4cUh2y6CZCOq77Gt
-NmMCZyQjg2KB1jsL5XHySB14/uN3vlSSz9V+ZT/sAK09Z4atfYNnMHBAbC00GSbH
-VqQf+OIascVZWAzqExk4fjnVYjTaoIZHaNd5aT/61S25Ag0EWb/wPQEQAJwoiiHG
-NhuBFBEjZYJsONfJayGE4qWSU//54gJaitSgDLV8G0NYQrxqSNAZMAux6g9BSSrD
-s/LbN5U1KgKpLTHjiSXUFoQFZ44AeTSQkUeelbtMVz13ohjpDInkye3sM9Jr4Zw+
-wwgg3zRi49YR6EU78c81ehPjVyxBPg2mmguBShz1zn5r6GjzniU4p3P5Hwf5F+eu
-kRekG9hlCbVz+Ibl8U/t1JQZBqSIX45svdIYqeal5LWSgUG4o8gbenggNFPi3Olz
-IOoTRMGKe6HCjTzv+xML7Q9bCMkUdyIfrrG0QDj3g+VZmZYAXdKjLLujAAU18Sh0
-SekPenVE0DNvmB7HHw+Bo+4aq6wWC9+BDb31NpJzNY64zEuUZsnustEmAXM2UIKS
-HRzfgnZRRyD99H128a95FNpZrG5H+QgpdTE4PxsZn6fFtCRy6/a/W79VfCdHCahz
-ptthyMeE81uZ28VTBXOHgK8Wawt3xjJCRksCau3xNUgRuSPoAWUPY2tLrJ9wKbxp
-uL4fY8x8M2d9G4U03DfQDGP9JUskqLThnJf7Jo42XTmkJd9hRBL0kMCIfolEcyEh
-pSQqbevUnFRiipv1x90Tn9Cax06ZkHkovuyIniRve/MvX8mCzzlUv1bjVNC0d71+
-z3G8fXlhDZGCkLQu6M1MlmUZxu05UfQnk5kBABEBAAGJAjYEGAEIACAWIQTABbKB
-Ll20YDm8L+FAzo3HItJ7SgUCWb/wPQIbDAAKCRBAzo3HItJ7SuI3D/0Y3A2+ZbeH
-q3SCAXBs4yOv7cffT4KwDHIC2vp9I868xj0Fw9hCdN1X9Y6hfj6nilI4EKW5ozsg
-xs1kqGlclqqpag5ZmFbD1y/DzEpgdlysDJPgdD9FlF0mN+tTS543d0SOyydD2N8X
-el5h4T2VaEBYfwKoDyN7LnCtGoiUSE3Nw99BNJ7zGma+46NRUWjv1eByMMhxvXJF
-ASKn4Ok1olhINH43tQ3TGx9XdG19GS0+OnyOlfdagKwma73A2caUAyjIXBrmR5NU
-Pb3aiyMzxm6DpCupqWkQgCC/EG8HgYhPGJ6TAK2QfMWX1TjERcPGtVbTE7BbRNLd
-LdaIuo+5ROVseBTYDC8VbACkV7eh1fVhUmpZa81uQotCRJ+jsYGT4Lyon44roSGn
-7G+rYgS2yv/2JXSTMBa45MReEPCgkSwZ6u9jvbs7vWzao+4tILsgO9RqNw1kiN9o
-LMLMVVCFmgNMCHxegmNIJYRryQkFZA5vQR2gPS3FYY3NfVGhFHMvsOK+jx415o2O
-gF76EJcexglPWhyqBc5meyw1x6pjoPTNGLnFzH1rdyyYilUyFexy3TSam60Ov/Aj
-cszX0D4M2Fnk9ncSq03ujflVYpVTNtkSVH0K9OY7rwjp78WycxiYzk1OQHogh18L
-Du4S2e/am91kQGaz490BV9XNw4I70e4dQQ==
-=gkzg
------END PGP PUBLIC KEY BLOCK-----
diff --git a/krebs/3modules/lass/pgp/icarus.pgp b/krebs/3modules/lass/pgp/icarus.pgp
deleted file mode 100644
index f41478a09..000000000
--- a/krebs/3modules/lass/pgp/icarus.pgp
+++ /dev/null
@@ -1,51 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-
-mQINBFpqAGEBEADWiwVYVFXuK9kM7Y1XFL70jb2ZAZBRIpcZF81URMDFhm6ulvHq
-fEhXTpiKKmfnv5Mz6r6wAWLJFKOKZuEvg8NwplRrlBHMkR3iEx4+7sP/dVey7U6f
-+gI61ytFHTOKr52gstPVdXO3xhNmdrAI1hFuF2DxoXKloz8tPP92dZcCdm7+5C+2
-KSYEBrIp/Zv1cjkbAFwek5y4ut65sBh/VM+RhSLbqwzyCxwfBE9QAJdIEiSmChql
-Lcz6CToYrdXhOY0ykx+QhT092k/6Xh66JeZ63WVHGrF+SSabq5NNcbWi7EISioHd
-N6JXZmbXMpS/BxgMe145e3mWnd3KOSeOxaiORqev8VOycjRQJfSm8Ky+GtWIyxp7
-rwEHbY8vlG2X9RMW5UxVmSRPWLykZoX0Xvmnrpwcohb5WdkuCp9NjqF0gDswU8do
-bCqASfeWBvJAQkoAlMLU7YH+ymmeQcSVdLy4Jpv1fk5FocQBihTBnC1+ztt7Rm8m
-8VGEpH1h174/z4Xn+bCkRZqopl9GlvpilLT8m8N8jdL7QLZJlQwrHVtima8Rg3XZ
-TriW1Ha/NxHZ8nN7pbisqXHCrJB0szzu++yVeQ7Ebr7HA0tIHqDhqVR0s6a1g5AX
-JYI8vCErowhvPf+BVCUYfmh5dJAY6tt9zrvCneaZ7ogPzOH9kRnZXYi7ZQARAQAB
-tBZpY2FydXMgPGxhc3NAaWNhcnVzLnI+iQJOBBMBCAA4FiEEbimq9dgDayT9DrQy
-FSODpr2bDFMFAlpqAGECGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQFSOD
-pr2bDFNVohAAiY6Pp4whrAIKwNkzqLkUl2SyQCVSGOce906jthKSixdfaUORZPdD
-AnyYUmPyVpWxKYjZl7IfmDDo7D6m21tP8FxCRK8/oYAtz3uRK5b5sb0/5YR77O9+
-s65sNhU8jiHetUEHQ0Z9UJKfm1DpanJ37uIhVcye8BC8OuSD0v0s+hZ+2ZaN1qdn
-qqCkujAILxOWo1ZDqpXfHaV11AotzlgyYmxlXzClsLB0SGhU7HUZesKETn3JUmrV
-88kkpug8gn9MpTSPDIWsTeNUWpNhqdDRA+2TUygtpQSKzJC8sdkFaWkMrH3cF6wA
-BZ+4tS2mRMQWq9BNMK+xnkWPvYO9e6v4ddXtlcVgGTUhSo+opCXza3dcXE5Xbv8x
-a1T5HJSV0HQPTrlAUoXZveu7ZgYVO5SOTCm1jBNKX8WCmvO6yJRalxo9N/d6gswq
-tKAGm9tlXpTXnG6tvebmSxjzjVwjbQMDJGy4Cj4bw0GGCdapDFrPidUDY/INmU7D
-TWtNsAJlJRuu7ddxIVTspZ7rmDBAOhYzXxGuU3ntZFTiFm9BpCmHYWpeQ5EKuxhJ
-mgxzC9wKDoS8NRKwt5ak/mX0vpXkJjF2Lrza0wCAZ1ZYWFNaehEwhNT51s9kZIi3
-w1v2z8xmu7VDq/n2sMRtMe7MVIOh1Nu7l/5Uqeb+EYnEc1NGZsFxcYK5Ag0EWmoA
-YQEQALMaaF9HeDpeqDjDpxanjjIz4YXMZoMkXwrLS/Rn2mobG5lJzxU+1AkwXxTD
-K45A0YHWsnAH1S8V9Gx+NlUMS/S/m9BruSXNohUKARIJLbltEM/EufOThjgfhW0Y
-cLorZ1kOSZvORR9+Ctuq/RcvGFwyLB/4OpcGHUezTIcAkLUo0lKPS4HtT2ogSUIx
-UstAMwEOSQIDR6sDDiS0BXNdlkKK6daLpH+snQMGP+ILAyRHGu1MlYkACDQZa5aP
-9vpany7zC9Ls7vaewCevZCUJfs00VF72pdCRdBV8oPQqwPfhS+uSCV58WwWCqHTq
-8PtxCVVzQdngOvScRvjrijtzlseyyTW3w9DPoDsQ16oM3y0kcnnv2hdfTVuv4+YK
-9fVRIrWEAlU3cxud7iws9+vUO9GwyWy+epFLiCgNgJR/RVIIjcHUExn/XAcFStjw
-QtW+3BxjYmdJpsh5wvmMJSMZDJFMEdKYPm4RI7ZfKVwl6yFeJt3hNkLxxF7k2fXB
-84pIvl03hXA3tRQ5t46wS7L2EPlWT00+MCraczvbIS+SX1nCp4ZXLBs0YmicioBS
-Os0zEtVs+80eWMf86MTT7YLwre4t+QRbM/RyIvJFTqBT3ad7/7ZMyEuVJBwDJlpx
-LGwZGa6zwnbzcf8Us4kAIRzQoK8VOg/xC/ymJYCk3oJCKD9RABEBAAGJAjYEGAEI
-ACAWIQRuKar12ANrJP0OtDIVI4OmvZsMUwUCWmoAYQIbDAAKCRAVI4OmvZsMU1vw
-EACDJDmZR5BIPxwr9+1Z5ZgT7XcBUbu4F2w84J3xqCUYqcti6I4lSMtxfw94crMp
-HoexOVOhvoTneIliv0a4ZSu84u4CGoFn4M7RA0Ka1SVvbuasXf57sVwRptXjr3LL
-f/0olra5rkIyZbsvKm0g2N/bfmCfmtOClFDst2yK/FovW5PJBRx2mT38qBhHG8j2
-P7zG0/vO846FxjAGvOMGlEVGmN+R9BeecomOKsKgvUbsycAwzZi/2vWAUGbJBYjx
-Yd+K8wjPE8g5CumxaLSH/dlY/0BOZygjank+aHLrwMtNnplYVJmmqDhdbgwN6DDk
-cCQNLQyk61IdhtZ7UzJyFTkXnXiirrO4WzL6GJjunNzvcTUAU5vNiG+2he1GdxZF
-WiLRrcC+oIMWVST8fNRwJZU+Ibw/UIfEV/rHau0fJlxZatks7Qd8gjxSHIyElUVj
-CYrizbFPZ85IhkCirX2tvhycK/nseAYjDuJkJIp3Io0sl3cQ9M8Kx790LUbYzNC4
-bZn8vA1YwTr1ny3+vEhMhaaVSTeVrWYV8023kwzcLRWra7F1hJcc9+LNmqHvXR67
-uBW2KPIrXKrjJmGkMVBSrf9PJu5jNfvCWOntck7C7xOWoUcgyt3uTpP7FkHVdolh
-HFNPouS3w0HoB20zdCpmyFNs6Rjhey2r5JIttd6ATVRVYA==
-=gJia
------END PGP PUBLIC KEY BLOCK-----
diff --git a/krebs/3modules/lass/pgp/shodan.pgp b/krebs/3modules/lass/pgp/shodan.pgp
deleted file mode 100644
index 543b05b71..000000000
--- a/krebs/3modules/lass/pgp/shodan.pgp
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v2
-
-mQENBFc/U8EBCADaPobNwlm8oI3cVtDhsdHpW7gyNTloqM1JdUPoJ30kS8xIbKfF
-U+UWEj+/G0hXg3jGpqsYKzCegLcZuvKrLuyWas3nFync/KeWjPpmQWh8h/AQ63gi
-6FjikRS9iDHEnUBqXXymG6JOo9NrGX7viWcPx+rQzvXOFxVYt1JJY+Ki30tSL+0l
-igJBJ+x2qndnlPZE9uyKjYC9+9NlZ04h5WOponTtgIddBlBPhIOAW+f5mBVeWuaK
-8wPBY2z98ZIclwdTohCpBRjs/EAEhN+2djSjyJti2TARceMKV2ZLRoUh6bNqj3xV
-Y4IkDe47dS8rRmH/xj+9odJjtlbFHDmtElcfABEBAAG0HWxhc3NAc2hvZGFuLnIg
-PGxhc3NAc2hvZGFuLnI+iQE3BBMBCAAhBQJXP1PBAhsDBQsJCAcCBhUICQoLAgQW
-AgMBAh4BAheAAAoJECOf1I8qjNLnWCsH/Rr70NVjCpqou5JRJqc9NMYJflH8qUSR
-xxYsVXaLjf1sa5X0qbq1u5EaYQGsdP7qKuLggoom7CGBhG3WZnfhuLi9y2IXAFo8
-RprBmrTmXgpXqm8IrcWMDJUEwhjUn+x1iCnGUfmbUpIdBIj8HsCfDUmg+WT0GflT
-9tfYR0v1vRzK6WWYEobP9abhZdjOHIS8cXDgFVREllKjjOcLzsB23I9g1nlvX3+W
-J7iliC4s1OGvcpw0MHl/1KRpSBXK3we0WTNZLIJXr8W+BvURYxhVfbvgjHuv6K0h
-J0a/me8nkh05pdRLLGL+C8eFjAXALnTIxgiVNGjtXBAR+/HN2//iG665AQ0EVz9T
-wQEIAMsxDQ3Y5SL2gI1EjEuCc6RyTSBmsna9g/wKjzUbcB9zpEN9i85NDRvvfGn6
-ihxI9Z1rvn8zr8MKu9OcZB2XEQDriHUcS4IxnZzdbUIKOtR+1BjZvMKupbw+KHag
-WoeUh+tfb50bEMy/Z6Mp5mLOyXMyyiGS3CHJ6sHUXTub6kuHQnAOqiMsqnegZMcS
-sF+NpSNoSngC060jgh7fl4T8M3Vuv9NKGu9+0J48QR+LFsKe/7LwRQ9HFSH4sPeD
-vQI1BEo4piXthwd6mUHCbish38H77PGO0kKHaJ0HkBu+3tKXP1JJdm9SiN+ypUIB
-FyfLpaWf6pcc/0QX6qE4gL00MI0AEQEAAYkBHwQYAQgACQUCVz9TwQIbDAAKCRAj
-n9SPKozS5w85B/4o2Zf7oLqjNmOu+YE0fNJmbGCETNotNnE/GToiejNAM9B/rYJe
-qjM9/kq0GJKVfKKrBGA0YQy9O847TVW26gPeiEgS7DO1Dl9YiLJJVzUGlOPijTIJ
-A3LmMCLU/M3+a/33HGjm7gYk+aRwqOwHeC+f1pder8InoC3ebWupfcQsWkwTVqZk
-lrLzoywjqQcdjAYFJp1c0ZxXyrgOS4dIGMU+o+DDCyK/ry9UGd3ZacMqDsyWO51A
-iXDMtvVsuxbIP5o3muF9kEX7hx4EF7+MzRI3FjYwlHLNw+v3OVhfOxuPSt71VOiC
-G2aT2z4sz8+qbOIIG3JX99osG6v683lvDUCW
-=s4OM
------END PGP PUBLIC KEY BLOCK-----
diff --git a/krebs/3modules/lass/ssh/daedalus.rsa b/krebs/3modules/lass/ssh/daedalus.rsa
deleted file mode 100644
index ad4847974..000000000
--- a/krebs/3modules/lass/ssh/daedalus.rsa
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgF3311cZ/JV7lOzo/Crmy6pi0oBYu5klbTb8lU/Yic55XVRyYFtm+KGrNvqkcFgOx803aS7jogJ1N6HCdUAaEl5MzlkOX++h97ihZ/NeQZKDjYEEQYl4ElmIbCRiddpDm0HVX1OGSCtUzhlyDHJ8ieMCb+QVNrpwovlQnp53c/+Z6rGSZWgBMrzP7stlw+XjC1Alhi1M5L+bJfroa7cEcF+J5ZN+J2mWSmkPiQ6+iuk9zRkc5ELO1Vz4MsLoeKwbJrz+uuNVsY7u070pHtsLwbAsYU5vOWJeN/vtEwy51SY/so30FowvivTD9jIJ0xcmAdC56XjWaxttKuqUVBjJqhwqsUI6+AxLESekFXzkfghmG+AJPPkb2pvpVF3k0Ivn14bFBuFv0T2qPHq68Fs19WLTZn+dK3V+RfVkI6bEZaMOUezyBv59yFEY42wMISPw53jkaWqKIxyGCBECi3XlbeQ61FkwE9TElSY+NmoeMu6jPWw7XGDY4Jt6mtKiYu3hVqI5pg4hq3bxB8r2W7LnkDiYfArbzwmrc2zAmgJtY60/Pcwq7hP3LSDEuDDc4gYgpkLNwHjs+CLWqpbQffCFv+oOZj8G92if+dMBOUSBCr6FDqH6wLxZp2cfhud0p/0kLz09nv/PcRohOHdaQSEW7OAhJ5kgg3DuxhwUwOf/3UX5iLvm4WwE/mb7Iki4U3AENKHUWQ7TOrXcQq9AJX57e9CTI+N4phtzp9qur8vjVl2OpYl2Qb/0yQSGM+4wQ/nM4acePMk80oXLb3OJBlPp0CswzoI7kFBD0TUOnFTCkrJWPaZhgjQXyvCzgFKAvXgqWy4riczqLhdBAhc1vT3a18HsqKXE3mhJa6Kjl6r/ZQaDl2zw7uLmWTHhGuUI9w487L36extGuC3Tv8zEvu2UHqhdEcaSDzRQYcv1kRobfhTWjzFHzdA97Kkc+HuFfJk3MzchsjCxqIuDP4r5YauMBMHAIsUlP7Ar/t29WreAGJbCCd2oulkFL+P+8Sp6SksMMhKQvuRcj74n6BETfailv64z2FjT+qzkCsr/gzvWD08EJRZUCpidX2WfMoL396nBf+EgwhFykqoFg2jlJJ7Vggod8CSHUSeBkslhNk/tkv4y+NnsAIgNluVZlxIeKj1UgazohSNQVRHozs2lkuK0Ytl4TsFrE0X3ar7LpwEVvCLj3eh2kg4kNKNN/vOwWxvMlF9uCBq5FUHaBCst/OXeigjfGZ0ZK5iHsZN+R/iIlG+3V3VN1Rm29aPJPSuAgwl/lfPUfUP5c8QiwnDgdHqMi7VcuCpEtcTLjqDHBssqosRTLodcIZY6qLepm5kQgJ2FfcTPi+ZwT3Z/IFH6p/H7NeVbb8rVYeF/zqDJiWbI+gDy0xFnGgOLpFSBdHq679FjtjZk7Exgz3rVD+QsoSB8VYVOSqpHB1LQyQ2qBry+33CNpxlX5GaaLx5sbEKEguaJ+9R7Mbf8zQMa8EAXhqoT96kIj66IEk= lass@daedalus
diff --git a/krebs/3modules/lass/ssh/helios.rsa b/krebs/3modules/lass/ssh/helios.rsa
deleted file mode 100644
index 58f81726c..000000000
--- a/krebs/3modules/lass/ssh/helios.rsa
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgGZE0z5+0A42GHI2VYrN9Ra60EwlKqARZUi9e0pbiQxwKi42Y3+Jy2UIAB9rUW51Pw0K6L2FzHZyk9w4fMWjAB+OSaGi8CViGOrBmP8Xm0TSd6a725RSOKTH1jv4u54W6+VQcZpe4RepsuasvN4Rd3FYz1O0ffiroPYS0Hs7ui3HG5rZZsz+FArJ/s2mL525P9VQwMlCAdrepWXgGSPSa/ogmhMCSRttV5R0WCnvXYA4aq45scxjxIWXu/Y/FggslSpRGEnRChHiua5kPWqREC1eNbMOjYJc7OxDIZjzcwHcDHH3U1oIBEjNY8UqMFy3t87cm0BTH9yA6qQnkexCmbRGA0mnAJ1XskgL6KcZuYw+zRo6zVmnZCgRyheenBJhQy/28ZDSwCDBOayl6tAbWivesUZb0/nqucvbdRxTDd6nbSH8q8Cp1qZvP1yrhZ9X2m4Rm66UenHOPOEiyOoVQgfYb2EFHsYVN62shGcfaaL8g4rjUXsUJEheGX5ll5MOMSclUhI8Zk31APq/xuLGGIn+tipjOSX2OVZrSE+KkgitMxOOF1kx33IQGnBKQD8K/a9vVmpTrTAnfXR5oJrXp+XRZ3viXr0rUkG5KfS/zjL8ZC8ckeSkX75BLbPbimUa6TfA/lddipb76zOOOREiD4Sw+MkGDh5xnzwxMY05fjOUmk/v++WcOTTNyrknygdaC8Qx0Gv4Wxmcd+LzmIc5wZZjenwYhp4KpR55EIP966uBUcD+HlkHZnNNZUzOJA8NE+oPQbaM3qCuThe9q9hVYt08/rZ9ANwgb/ChCwEOYLNnofdgrvDb91qenwEUiE9wy79Dwgqh2SRAMN4ZTxRrVjw3potBMRuNc5HMDDXbKfGF1T6O+vBPpcQ8x+rztBDpF/lqjGqoCqyFNG/VnFHFZ5kjLkLmx6S69iRL7wg/KI1NA14tdSLJZ2qDqo5n8rbnGeAWTQB8ZgzhPO39fyOYGCdTJ8e2dIDEw8SUWaVsTnkc/PHOcGAMt2LrL6USszrLSQgU4ediPBWJjX4jk2wxLRPyBz8Z2QLWrsxV0bh1CstIsbBh1p8jMXAKJ+UXqzRWGR5T6d7lensqM0/uWqzu++w6/whQQh9Hzs6GX8l+ELMn0szkRaM9dZpAz5p9HHdYkANwsIIe8CPznRvudQ0CPManTQsjR8GZ3RjGx002VUdbDh5xx7P9Efsa6m8kkNCbUNMSHjmvC9M2sR5ww2WsnvpGBCU8sNYf4y9QvKI1LIYkG1MObhEKHyf5wxFp25bwHyxPkHGULhJKM/MdDT42flddEJCTEwiCPVuaJsr7Adr6Oni4kzY+S7CiP7YArM0v2Vg9mgVmi11koF9hcZ6zyyKAWVviDRLVIA0/eY66T/FiSS/g12zW1keuhFipNEWyZdD/r8LwfDpInAAqN5g65dx6eoyoB6AZatEwwsnn6zcDP51B1q0TC9Y+TXK5TSBE50oFxa2SLu4Gj7YOi1AoRqKxSPVktE= lass@helios
diff --git a/krebs/3modules/lass/ssh/icarus.rsa b/krebs/3modules/lass/ssh/icarus.rsa
deleted file mode 100644
index 1126c331e..000000000
--- a/krebs/3modules/lass/ssh/icarus.rsa
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgEuFS5MwYQRF+0MKAQvyv6O+0ky0QnOKGMVZgFXE4g2JrByTCXQAeQmyJquM1wl9IRD63res8ZguMoAz2PkHfNbRSSsR7pH/G3DaJRl0VGf14zO3bjBbogQ45j1Bwxi78h44SDmuBAkp0t76ca16kWGhwEVt03+8sqmbLV90RjHZlrFw2sDgTu35SDz1q/ZzkdyFP3xSIBUnsQD64qRLMx64yLcBp0uu2h7gBBCVyA1T+VR3Nc1yIOyv0nUaqEHz+CDATtFlgGTgT6cCXoIPN0QAuIa3pDxt7htD/POsWuFbpbqrBQVcgun5s3J5X0OmNyoqGqqubcycvuYipZUjBCxyTb7RxCqj2oR8alSaeGZm64I0VSGX/iSCtXKaEJqBbxwNUgDH6B2oUeZbRwgPl/SG8vBku1oKzt/36IBoY8HttcosqLkfTquyyO7KVtOBu04geCmmiqJpSV4j5iYMxvrD0AQ3JJmrcbzUYoCGxlYO19TPsa+Ybhn/E8suach75+DIPj5LacYAh9Wjirw67Kg5QyYEt8XGTR2xxF78CFi0JGBRcyorPfFPLznmVntqJLe6dGNL3njgdD0Ocz8V5ktk1pjY5D2nG8GXfd45NQl2QjTLYnYX4dGuudBXth0nEJMv/MRHZrXVViIqwazdq4mA5z1Yu4Tb3l17d2cAZobzdut6JuZbd7itXAPIiY0vEWXr8lpEuE8Uz9mz8aPxZlhmHSXvNcwhq+i2+cFO8OPwUGbnE2cAHpymlQ3aDRgpptAIMU2LjIAblqsvA72asJpuRqu7ZOoy0vVRCOhktIzZXWR9hF5/CM/7NZ5skvHzYlmgkvnuu4jDDGusF32Zyiip0WJg+Iijqe8VpOqCup5UEF5QG32yQwaZDrKd71hq7Z1xNe0vEPN8yCxpes8hWafYY9m8YRrUduDVlOon7SzmdU76RPn2oF6udCGP7A/hEeRiwrDaRuIwchh99Xw3LioxXNzLYB1aXd+yKuZyhW+witC20ISdyZz7JPIrb49JCGH8FtbcDzD1B8Xd1By34POfhxriSr9UG5Hj9LGbA3/aKMOajZdcbrKXorUrKdhAuZv1z4rjW5iwYgXF2G/nseeCOw+DPEcB3GexsyCTUzSjJ6fy3Aqlzppwttx5MfkbNhPZWRCfDX3i0g8e0aFlgvlj99aGgUQeEpYg8peZhe1lxl25Ftc0R7pYmXPDeCY1yWxZiXZ3YtVVr43c/FEaQHXfkZ2I+t5lG6CmgJhhYjUry5Sx4/NgfBvpmU22cIBWNmyTn9q3gDFmeoIiTwlF654K7NnsWrdKr2L2fGI10Xe/J/GYkkzX39e5bToQPXh23gUfIr7faYEPBsVU/SaEkWNHojzf/NKjPT0utvlFr0HqnFYSdk4wpWzcrhii7E/UhgKvpA/k2Vlj4ZhkejfZXQWxRbJzejkVSJcUGim+Dt1WUZJXVOgEkJ3WA6z+ha2FN2sBDdvRKlad55aelvRrbu3/vPzEuE= lass@icarus
diff --git a/krebs/3modules/lass/ssh/shodan.rsa b/krebs/3modules/lass/ssh/shodan.rsa
deleted file mode 100644
index 36a8901fa..000000000
--- a/krebs/3modules/lass/ssh/shodan.rsa
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDH31q4qmu8dbnu5BJMEW5CAMW9xlZg5dNTREy6vHE5OofmDEzi5YTBYr543ppGYQL/PzepChGl8RKZETeU+pnqTTHgnUh3KkOnX0GmpKgDgFgDrdVwyU137P6RyOo/kLvfbzAu1bFC5Q5hUDdbd5dDAQGN23wsRQxx1EI1uMrrMbMUKxpk/x5+AZi0JfAOY4SJNYIRfnim5v9jAt1JHeOjKy3sT3/ZEaJqK8DAKEHo0/kYyizWn5M7do5bw2+WpG/gHpdtTD0NlKwFUyMzhFJh4ahDt9FtExnmDA45rAcVSsinhUmrPqPwBKEnUxle5tw3A4YRHUvqhHTo6G852iiPHE0DUlCKsDJwr+lw3DXjK+HYOdKMFC6nsh4x+SFrwg6JKCXPzeCH2w7VP5xJGlb3YS+NcvbYWRbiqJ/M2hVdn/Atxq2VUAdKnrNtNW4ZYH6yJTGOkcXkyKJzcTj5JZIvJd1DL0pI9aGWNxnmfyOVMgaKfdafBqU/PB8RPPAZH9RCVRH0g+Cnu0NoJmkwKaq0K+z+FF9eNqVpNnYnjVLsPvjLIXCn8kJl4/2mimDlOarj/I9Hs+k0/gbzx4PKUS87+rUVA4Hfz+MltzZQUGoIBQxciAgVVh7zLrMgnPWwvqHnMKAQ9nzgme3A4ew2Ocyl30+skLstr9e08VqErguYSw== lass@shodan
diff --git a/krebs/3modules/lass/ssh/uriel.rsa b/krebs/3modules/lass/ssh/uriel.rsa
deleted file mode 100644
index 015b57837..000000000
--- a/krebs/3modules/lass/ssh/uriel.rsa
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDExWuRcltGM2FqXO695nm6/QY3wU3r1bDTyCpMrLfUSym7TxcXDSmZSWcueexPXV6GENuUfjJPZswOdWqIo5u2AXw9t0aGvwEDmI6uJ7K5nzQOsXIneGMdYuoOaAzWI8pxZ4N+lIP1HsOYttIPDp8RwU6kyG+Ud8mnVHWSTO13C7xC9vePnDP6b+44nHS691Zj3X/Cq35Ls0ISC3EM17jreucdP62L3TKk2R4NCm3Sjqj+OYEv0LAqIpgqSw5FypTYQgNByxRcIcNDlri63Q1yVftUP1338UiUfxtraUu6cqa2CdsHQmtX5mTNWEluVWO3uUKTz9zla3rShC+d3qvr lass@uriel
diff --git a/krebs/3modules/lass/ssh/xerxes.ed25519 b/krebs/3modules/lass/ssh/xerxes.ed25519
deleted file mode 100644
index 87a40ca2a..000000000
--- a/krebs/3modules/lass/ssh/xerxes.ed25519
+++ /dev/null
@@ -1 +0,0 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGwCq56DGqj/kz8d8ax0xIl29jV9f3tUtDgtnCnS1b4q lass@xerxes
diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix
index a814cc6b9..a7b9f21b3 100644
--- a/lass/1systems/iso.nix
+++ b/lass/1systems/iso.nix
@@ -52,8 +52,6 @@ with import <stockholm/lib>;
root = {
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
- config.krebs.users.lass-shodan.pubkey
- config.krebs.users.lass-icarus.pubkey
];
};
};
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index e957279e2..f4c011dcf 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -364,13 +364,8 @@ with import <stockholm/lib>;
uid = genid "download";
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
- lass-shodan.pubkey
- lass-icarus.pubkey
- lass-daedalus.pubkey
- lass-helios.pubkey
lass-android.pubkey
makefu.pubkey
- wine-mors.pubkey
];
};
};
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 27242b129..dcae2f3eb 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -23,7 +23,6 @@ with import <stockholm/lib>;
openssh.authorizedKeys.keys = [
config.krebs.users.lass-mors.pubkey
config.krebs.users.lass-blue.pubkey
- config.krebs.users.lass-xerxes.pubkey
config.krebs.users.lass-yubikey.pubkey
];
};
@@ -42,7 +41,6 @@ with import <stockholm/lib>;
openssh.authorizedKeys.keys = [
config.krebs.users.lass-mors.pubkey
config.krebs.users.lass-blue.pubkey
- config.krebs.users.lass-xerxes.pubkey
config.krebs.users.lass-yubikey.pubkey
];
};
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index ced0d7955..eba68c0bc 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -180,7 +180,7 @@ let
with git // config.krebs.users;
repo:
singleton {
- user = [ lass lass-mors lass-shodan lass-icarus lass-blue lass-xerxes ];
+ user = [ lass lass-mors lass-blue lass-yubikey ];
repo = [ repo ];
perm = push "refs/*" [ non-fast-forward create delete merge ];
} ++
diff --git a/lass/2configs/ssh-cryptsetup.nix b/lass/2configs/ssh-cryptsetup.nix
index c5e1c5928..f08f85b49 100644
--- a/lass/2configs/ssh-cryptsetup.nix
+++ b/lass/2configs/ssh-cryptsetup.nix
@@ -8,8 +8,6 @@
authorizedKeys = with config.krebs.users; [
config.krebs.users.lass-mors.pubkey
config.krebs.users.lass-blue.pubkey
- config.krebs.users.lass-shodan.pubkey
- config.krebs.users.lass-icarus.pubkey
];
};
};
From b4d549fe8f443a5c0f60da2aa9418625faafdb67 Mon Sep 17 00:00:00 2001
From: Jeschli <jeschli@gmail.com>
Date: Mon, 21 Oct 2019 07:35:12 +0200
Subject: [PATCH 06/11] j emacs: synaptics -> libinput ; disableWhileTyping =
True;
---
jeschli/1systems/reagenzglas/config.nix | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix
index b56b76acb..73395583a 100644
--- a/jeschli/1systems/reagenzglas/config.nix
+++ b/jeschli/1systems/reagenzglas/config.nix
@@ -49,7 +49,9 @@
isNormalUser = true;
};
- services.xserver.synaptics.enable = true;
+# services.xserver.synaptics.enable = true;
+ services.xserver.libinput.enable = true;
+ services.xserver.libinput.disableWhileTyping = true;
#Enable ssh daemon
services.openssh.enable = true;
From b1ff2cdd351b07c4b8b6d62101057b6363712d23 Mon Sep 17 00:00:00 2001
From: Jeschli <jeschli@gmail.com>
Date: Mon, 21 Oct 2019 07:40:55 +0200
Subject: [PATCH 07/11] j: add firefox overlay made by luis
---
jeschli/1systems/reagenzglas/config.nix | 2 +-
jeschli/2configs/firefox.nix | 53 ++
.../2configs/overlays/firefox-with-config.nix | 488 ++++++++++++++++++
.../audio-fingerprint-defender/default.nix | 40 ++
.../canvas-fingerprint-defender/default.nix | 40 ++
.../2configs/own-pkgs/dark-reader/default.nix | 28 +
.../font-fingerprint-defender/default.nix | 40 ++
jeschli/2configs/own-pkgs/hopper/default.nix | 45 ++
.../own-pkgs/https-everywhere/default.nix | 29 ++
.../2configs/own-pkgs/pyocclient/default.nix | 26 +
jeschli/2configs/own-pkgs/rmount/default.nix | 34 ++
.../own-pkgs/ublock-origin/default.nix | 28 +
.../own-pkgs/user-agent-switcher/default.nix | 40 ++
.../webgl-fingerprint-defender/default.nix | 40 ++
.../own-pkgs/wl-clipboard/default.nix | 25 +
15 files changed, 957 insertions(+), 1 deletion(-)
create mode 100644 jeschli/2configs/firefox.nix
create mode 100644 jeschli/2configs/overlays/firefox-with-config.nix
create mode 100644 jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix
create mode 100644 jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix
create mode 100644 jeschli/2configs/own-pkgs/dark-reader/default.nix
create mode 100644 jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix
create mode 100644 jeschli/2configs/own-pkgs/hopper/default.nix
create mode 100644 jeschli/2configs/own-pkgs/https-everywhere/default.nix
create mode 100644 jeschli/2configs/own-pkgs/pyocclient/default.nix
create mode 100644 jeschli/2configs/own-pkgs/rmount/default.nix
create mode 100644 jeschli/2configs/own-pkgs/ublock-origin/default.nix
create mode 100644 jeschli/2configs/own-pkgs/user-agent-switcher/default.nix
create mode 100644 jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix
create mode 100644 jeschli/2configs/own-pkgs/wl-clipboard/default.nix
diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix
index 73395583a..b6ae3c201 100644
--- a/jeschli/1systems/reagenzglas/config.nix
+++ b/jeschli/1systems/reagenzglas/config.nix
@@ -5,6 +5,7 @@
[
<stockholm/jeschli>
<stockholm/jeschli/2configs/emacs.nix>
+ <stockholm/jeschli/2configs/firefox.nix>
<stockholm/jeschli/2configs/python.nix>
./desktop.nix
./i3-configuration.nix
@@ -35,7 +36,6 @@
# $ nix search wget
environment.systemPackages = with pkgs; [
wget vim git
- firefox
rofi
ag
];
diff --git a/jeschli/2configs/firefox.nix b/jeschli/2configs/firefox.nix
new file mode 100644
index 000000000..d171fa82d
--- /dev/null
+++ b/jeschli/2configs/firefox.nix
@@ -0,0 +1,53 @@
+{ config, pkgs, ... }:
+
+let
+
+ # Firefox addons
+ https-everywhere = pkgs.callPackage ./own-pkgs/https-everywhere {};
+ ublock-origin = pkgs.callPackage ./own-pkgs/ublock-origin {};
+ webgl-fingerprint-defender = pkgs.callPackage ./own-pkgs/webgl-fingerprint-defender {};
+ canvas-fingerprint-defender = pkgs.callPackage ./own-pkgs/canvas-fingerprint-defender {};
+ audio-fingerprint-defender = pkgs.callPackage ./own-pkgs/audio-fingerprint-defender {};
+ font-fingerprint-defender = pkgs.callPackage ./own-pkgs/font-fingerprint-defender {};
+ user-agent-switcher = pkgs.callPackage ./own-pkgs/user-agent-switcher {};
+ dark-reader = pkgs.callPackage ./own-pkgs/dark-reader {};
+
+ wrapper = pkgs.callPackage ./overlays/firefox-with-config.nix { };
+ myFirefox = wrapper pkgs.firefox-unwrapped {
+
+ extraExtensions = [
+ dark-reader
+ https-everywhere
+ ublock-origin
+ audio-fingerprint-defender
+ canvas-fingerprint-defender
+ webgl-fingerprint-defender
+ font-fingerprint-defender
+ user-agent-switcher
+ ];
+
+ extraPolicies = {
+ CaptivePortal = false;
+ };
+
+ disablePocket = true;
+ disableFirefoxSync = true;
+ allowNonSigned = true;
+ clearDataOnShutdown = true;
+ disableDrmPlugin = true;
+
+};
+
+in {
+
+
+environment.variables = {
+ BROWSER = ["firefox"];
+};
+
+
+environment.systemPackages = with pkgs; [
+ myFirefox
+];
+
+}
diff --git a/jeschli/2configs/overlays/firefox-with-config.nix b/jeschli/2configs/overlays/firefox-with-config.nix
new file mode 100644
index 000000000..9be6250d7
--- /dev/null
+++ b/jeschli/2configs/overlays/firefox-with-config.nix
@@ -0,0 +1,488 @@
+{ stdenv, lib, pkgs, makeDesktopItem, makeWrapper, lndir, replace, config
+
+## various stuff that can be plugged in
+, flashplayer, hal-flash
+, MPlayerPlugin, ffmpeg, xorg, libpulseaudio, libcanberra-gtk2
+, jrePlugin, icedtea_web
+, bluejeans, djview4, adobe-reader
+, google_talk_plugin, fribid, gnome3/*.gnome-shell*/
+, esteidfirefoxplugin ? ""
+, browserpass, chrome-gnome-shell, uget-integrator, plasma-browser-integration, bukubrow
+, udev
+, kerberos
+
+}:
+
+## configurability of the wrapper itself
+
+browser:
+
+let
+ wrapper =
+ { browserName ? browser.browserName or (builtins.parseDrvName browser.name).name
+ , name ? (browserName + "-" + (builtins.parseDrvName browser.name).version)
+ , desktopName ? # browserName with first letter capitalized
+ (lib.toUpper (lib.substring 0 1 browserName) + lib.substring 1 (-1) browserName)
+ , nameSuffix ? ""
+ , icon ? browserName
+ , extraPlugins ? []
+ , extraPrefs ? ""
+ , extraExtensions ? [ ]
+ , allowNonSigned ? false
+ , disablePocket ? false
+ , disableTelemetry ? true
+ , disableDrmPlugin ? false
+ , showPunycodeUrls ? true
+ , disableFirefoxStudies ? true
+ , disableFirefoxSync ? false
+ , useSystemCertificates ? true
+ , dontCheckDefaultBrowser ? false
+ # For more information about anti tracking
+ # vist https://wiki.kairaven.de/open/app/firefox
+ , activateAntiTracking ? true
+ , disableFeedbackCommands ? true
+ , disableDNSOverHTTPS ? true
+ , disableGoogleSafebrowsing ? false
+ , clearDataOnShutdown ? false
+ , homepage ? "about:blank"
+ # For more information about policies visit
+ # https://github.com/mozilla/policy-templates#enterprisepoliciesenabled
+ , extraPolicies ? {}
+ , extraNativeMessagingHosts ? []
+ , gdkWayland ? false
+ }:
+
+ assert gdkWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used
+
+ let
+
+ # If extraExtensions has been set disable manual extensions
+ disableManualExtensions = if lib.count (x: true) extraExtensions > 0 then true else false;
+
+ cfg = config.${browserName} or {};
+ enableAdobeFlash = cfg.enableAdobeFlash or false;
+ ffmpegSupport = browser.ffmpegSupport or false;
+ gssSupport = browser.gssSupport or false;
+ jre = cfg.jre or false;
+ icedtea = cfg.icedtea or false;
+ supportsJDK =
+ stdenv.hostPlatform.system == "i686-linux" ||
+ stdenv.hostPlatform.system == "x86_64-linux" ||
+ stdenv.hostPlatform.system == "armv7l-linux" ||
+ stdenv.hostPlatform.system == "aarch64-linux";
+
+ plugins =
+ assert !(jre && icedtea);
+ if builtins.hasAttr "enableVLC" cfg
+ then throw "The option \"${browserName}.enableVLC\" has been removed since Firefox no longer supports npapi plugins"
+ else
+ ([ ]
+ ++ lib.optional enableAdobeFlash flashplayer
+ ++ lib.optional (cfg.enableDjvu or false) (djview4)
+ ++ lib.optional (cfg.enableMPlayer or false) (MPlayerPlugin browser)
+ ++ lib.optional (supportsJDK && jre && jrePlugin ? mozillaPlugin) jrePlugin
+ ++ lib.optional icedtea icedtea_web
+ ++ lib.optional (cfg.enableGoogleTalkPlugin or false) google_talk_plugin
+ ++ lib.optional (cfg.enableFriBIDPlugin or false) fribid
+ ++ lib.optional (cfg.enableGnomeExtensions or false) gnome3.gnome-shell
+ ++ lib.optional (cfg.enableBluejeans or false) bluejeans
+ ++ lib.optional (cfg.enableAdobeReader or false) adobe-reader
+ ++ lib.optional (cfg.enableEsteid or false) esteidfirefoxplugin
+ ++ extraPlugins
+ );
+ nativeMessagingHosts =
+ ([ ]
+ ++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass)
+ ++ lib.optional (cfg.enableBukubrow or false) bukubrow
+ ++ lib.optional (cfg.enableGnomeExtensions or false) chrome-gnome-shell
+ ++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator
+ ++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma-browser-integration
+ ++ extraNativeMessagingHosts
+ );
+ libs = lib.optional stdenv.isLinux udev
+ ++ lib.optional ffmpegSupport ffmpeg
+ ++ lib.optional gssSupport kerberos
+ ++ lib.optionals (cfg.enableQuakeLive or false)
+ (with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ])
+ ++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash
+ ++ lib.optional (config.pulseaudio or true) libpulseaudio;
+ gtk_modules = [ libcanberra-gtk2 ];
+
+ enterprisePolicies =
+ {
+ policies = {
+ DisableAppUpdate = true;
+ } // lib.optionalAttrs disableManualExtensions (
+ {
+ ExtensionSettings = {
+ "*" = {
+ blocked_install_message = "You can't have manual extension mixed with nix extensions";
+ installation_mode = "blocked";
+ };
+
+ } // lib.foldr (e: ret:
+ ret // {
+ "${e.extid}" = {
+ installation_mode = "allowed";
+ };
+ }
+ ) {} extraExtensions;
+ }
+ ) // lib.optionalAttrs disablePocket (
+ {
+ DisablePocket = true;
+ }
+ ) // lib.optionalAttrs disableTelemetry (
+ {
+ DisableTelemetry = true;
+ }
+ ) // lib.optionalAttrs disableFirefoxStudies (
+ {
+ DisableFirefoxStudies = true;
+ }
+ ) // lib.optionalAttrs disableFirefoxSync (
+ {
+ DisableFirefoxAccounts = true;
+ }
+ ) // lib.optionalAttrs useSystemCertificates (
+ {
+ # Disable useless firefox certificate store
+ Certificates = {
+ ImportEnterpriseRoots = true;
+ };
+ }
+ ) // lib.optionalAttrs (
+ if lib.count (x: true) extraExtensions > 0 then true else false) (
+ {
+ # Don't try to update nix installed addons
+ DisableSystemAddonUpdate = true;
+
+ # But update manually installed addons
+ ExtensionUpdate = false;
+ }
+ ) // lib.optionalAttrs dontCheckDefaultBrowser (
+ {
+ DontCheckDefaultBrowser = true;
+ }
+ )// lib.optionalAttrs disableDNSOverHTTPS (
+ {
+ DNSOverHTTPS = {
+ Enabled = false;
+ };
+ }
+ ) // lib.optionalAttrs clearDataOnShutdown (
+ {
+ SanitizeOnShutdown = true;
+ }
+ ) // lib.optionalAttrs disableFeedbackCommands (
+ {
+ DisableFeedbackCommands = true;
+ }
+ ) // lib.optionalAttrs ( if homepage == "" then false else true) (
+ {
+ Homepage = {
+ URL = homepage;
+ Locked = true;
+ };
+ }
+ ) // extraPolicies ;} ;
+
+
+ extensions = builtins.map (a:
+ if ! (builtins.hasAttr "signed" a) || ! (builtins.isBool a.signed) then
+ throw "Addon ${a.pname} needs boolean attribute 'signed' "
+ else if ! (builtins.hasAttr "extid" a) || ! (builtins.isString a.extid) then
+ throw "Addon ${a.pname} needs a string attribute 'extid'"
+ else if a.signed == false && !allowNonSigned then
+ throw "Disable signature checking in firefox if you want ${a.pname} addon"
+ else a
+ ) extraExtensions;
+
+ policiesJson = builtins.toFile "policies.json"
+ (builtins.toJSON enterprisePolicies);
+
+ mozillaCfg = builtins.toFile "mozilla.cfg" ''
+ // First line must be a comment
+
+ // Remove default top sites
+ lockPref("browser.newtabpage.pinned", "");
+ lockPref("browser.newtabpage.activity-stream.default.sites", "");
+
+ // Deactivate first run homepage
+ lockPref("browser.startup.firstrunSkipsHomepage", false);
+
+ // If true, don't show the privacy policy tab on first run
+ lockPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true);
+
+ ${
+ if allowNonSigned == true then
+ ''lockPref("xpinstall.signatures.required", false)''
+ else
+ ""
+ }
+
+ ${
+ if showPunycodeUrls == true then
+ ''
+ lockPref("network.IDN_show_punycode", true);
+ ''
+ else
+ ""
+ }
+
+ ${
+ if disableManualExtensions == true then
+ ''
+ lockPref("extensions.getAddons.showPane", false);
+ lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
+ lockPref("app.update.auto", false);
+ ''
+ else
+ ""
+ }
+
+ ${
+ if disableDrmPlugin == true then
+ ''
+ lockPref("media.gmp-gmpopenh264.enabled", false);
+ lockPref("media.gmp-widevinecdm.enabled", false);
+ ''
+ else
+ ""
+ }
+
+ ${
+ if activateAntiTracking == true then
+ ''
+ // Tracking
+ lockPref("browser.send_pings", false);
+ lockPref("browser.send_pings.require_same_host", true);
+ lockPref("network.dns.disablePrefetch", true);
+ lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false);
+ lockPref("browser.search.geoip.url", "");
+ lockPref("privacy.firstparty.isolate", true);
+ lockPref("privacy.userContext.enabled", true);
+ lockPref("privacy.userContext.ui.enabled", true);
+ lockPref("privacy.firstparty.isolate.restrict_opener_access", false);
+ lockPref("network.http.referer.XOriginPolicy", 1);
+ lockPref("network.http.referer.hideOnionSource", true);
+ lockPref(" privacy.spoof_english", true);
+
+ // This option is currently not usable because of bug:
+ // https://bugzilla.mozilla.org/show_bug.cgi?id=1557620
+ // lockPref("privacy.resistFingerprinting", true);
+ ''
+ else ""
+ }
+ ${
+ if disableTelemetry == true then
+ ''
+ // Telemetry
+ lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
+ lockPref("browser.ping-centre.telemetry", false);
+ lockPref("devtools.onboarding.telemetry.logged", false);
+ lockPref("toolkit.telemetry.archive.enabled", false);
+ lockPref("toolkit.telemetry.bhrPing.enabled", false);
+ lockPref("toolkit.telemetry.enabled", false);
+ lockPref("toolkit.telemetry.firstShutdownPing.enabled", false);
+ lockPref("toolkit.telemetry.hybridContent.enabled", false);
+ lockPref("toolkit.telemetry.newProfilePing.enabled", false);
+ lockPref("toolkit.telemetry.shutdownPingSender.enabled", false);
+ lockPref("toolkit.telemetry.reportingpolicy.firstRun", false);
+ lockPref("dom.push.enabled", false);
+ lockPref("browser.newtabpage.activity-stream.feeds.snippets", false);
+ lockPref("security.ssl.errorReporting.enabled", false);
+ ''
+ else ""
+ }
+
+ ${
+ if disableGoogleSafebrowsing == true then
+ ''
+ // Google data sharing
+ lockPref("browser.safebrowsing.blockedURIs.enabled", false);
+ lockPref("browser.safebrowsing.downloads.enabled", false);
+ lockPref("browser.safebrowsing.malware.enabled", false);
+ lockPref("browser.safebrowsing.passwords.enabled", false);
+ lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
+ lockPref("browser.safebrowsing.malware.enabled", false);
+ lockPref("browser.safebrowsing.phishing.enabled", false);
+ lockPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
+ lockPref("browser.safebrowsing.provider.mozilla.updateURL", "");
+ ''
+ else ""
+ }
+
+ // User customization
+ ${extraPrefs}
+ '';
+ in stdenv.mkDerivation {
+ inherit name;
+
+ desktopItem = makeDesktopItem {
+ name = browserName;
+ exec = "${browserName}${nameSuffix} %U";
+ inherit icon;
+ comment = "";
+ desktopName = "${desktopName}${nameSuffix}${lib.optionalString gdkWayland " (Wayland)"}";
+ genericName = "Web Browser";
+ categories = "Application;Network;WebBrowser;";
+ mimeType = stdenv.lib.concatStringsSep ";" [
+ "text/html"
+ "text/xml"
+ "application/xhtml+xml"
+ "application/vnd.mozilla.xul+xml"
+ "x-scheme-handler/http"
+ "x-scheme-handler/https"
+ "x-scheme-handler/ftp"
+ ];
+ };
+
+ nativeBuildInputs = [ makeWrapper lndir ];
+ buildInputs = lib.optional (browser ? gtk3) browser.gtk3;
+
+ buildCommand = lib.optionalString stdenv.isDarwin ''
+ mkdir -p $out/Applications
+ cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications
+ rm -f $out${browser.execdir or "/bin"}/${browserName}
+ '' + ''
+
+ # Link the runtime. The executable itself has to be copied,
+ # because it will resolve paths relative to its true location.
+ # Any symbolic links have to be replicated as well.
+ cd "${browser}"
+ find . -type d -exec mkdir -p "$out"/{} \;
+
+ find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \;
+
+ find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do
+ cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f"
+ chmod a+rwx "$out/$f"
+ done
+
+ # fix links and absolute references
+ cd "${browser}"
+
+ find . -type l -print0 | while read -d $'\0' l; do
+ target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")"
+ ln -sfT "$target" "$out/$l"
+ done
+
+ # This will not patch binaries, only "text" files.
+ # Its there for the wrapper mostly.
+ cd "$out"
+ ${replace}/bin/replace-literal -esfR -- "${browser}" "$out"
+
+ # create the wrapper
+
+ executablePrefix="$out${browser.execdir or "/bin"}"
+ executablePath="$executablePrefix/${browserName}"
+
+ if [ ! -x "$executablePath" ]
+ then
+ echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'"
+ exit 1
+ fi
+
+ if [ ! -L "$executablePath" ]
+ then
+ # Careful here, the file at executablePath may already be
+ # a wrapper. That is why we postfix it with -old instead
+ # of -wrapped.
+ oldExe="$executablePrefix"/".${browserName}"-old
+ mv "$executablePath" "$oldExe"
+ else
+ oldExe="$(readlink -v --canonicalize-existing "$executablePath")"
+ fi
+
+
+ makeWrapper "$oldExe" "$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \
+ --suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \
+ --suffix LD_LIBRARY_PATH ':' "$libs" \
+ --suffix-each GTK_PATH ':' "$gtk_modules" \
+ --suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \
+ --prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \
+ --suffix PATH ':' "$out${browser.execdir or "/bin"}" \
+ --set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \
+ --set MOZ_SYSTEM_DIR "$out/lib/mozilla" \
+ ${lib.optionalString gdkWayland ''
+ --set GDK_BACKEND "wayland" \
+ ''}${lib.optionalString (browser ? gtk3)
+ ''--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \
+ --suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share'
+ ''
+ }
+
+ if [ -e "${browser}/share/icons" ]; then
+ mkdir -p "$out/share"
+ ln -s "${browser}/share/icons" "$out/share/icons"
+ else
+ for res in 16 32 48 64 128; do
+ mkdir -p "$out/share/icons/hicolor/''${res}x''${res}/apps"
+ icon=( "${browser}/lib/"*"/browser/chrome/icons/default/default''${res}.png" )
+ if [ -e "$icon" ]; then ln -s "$icon" \
+ "$out/share/icons/hicolor/''${res}x''${res}/apps/${browserName}.png"
+ fi
+ done
+ fi
+
+ install -D -t $out/share/applications $desktopItem/share/applications/*
+
+ mkdir -p $out/lib/mozilla
+ for ext in ${toString nativeMessagingHosts}; do
+ lndir -silent $ext/lib/mozilla $out/lib/mozilla
+ done
+
+ # For manpages, in case the program supplies them
+ mkdir -p $out/nix-support
+ echo ${browser} > $out/nix-support/propagated-user-env-packages
+
+ # user customization
+ mkdir -p $out/lib/firefox
+
+ # creating policies.json
+ mkdir -p "$out/lib/firefox/distribution"
+
+ cat > "$out/lib/firefox/distribution/policies.json" < ${policiesJson}
+
+ # preparing for autoconfig
+ mkdir -p "$out/lib/firefox/defaults/pref"
+
+ cat > "$out/lib/firefox/defaults/pref/autoconfig.js" <<EOF
+ pref("general.config.filename", "mozilla.cfg");
+ pref("general.config.obscure_value", 0);
+ EOF
+
+ cat > "$out/lib/firefox/mozilla.cfg" < ${mozillaCfg}
+
+ mkdir -p $out/lib/firefox/distribution/extensions
+
+ for i in ${toString extensions}; do
+ ln -s -t $out/lib/firefox/distribution/extensions $i/*
+ done
+ '';
+
+ preferLocalBuild = true;
+
+ # Let each plugin tell us (through its `mozillaPlugin') attribute
+ # where to find the plugin in its tree.
+ plugins = map (x: x + x.mozillaPlugin) plugins;
+ libs = lib.makeLibraryPath libs + ":" + lib.makeSearchPathOutput "lib" "lib64" libs;
+ gtk_modules = map (x: x + x.gtkModule) gtk_modules;
+
+ passthru = { unwrapped = browser; };
+
+ disallowedRequisites = [ stdenv.cc ];
+
+ meta = browser.meta // {
+ description =
+ browser.meta.description
+ + " (with plugins: "
+ + lib.concatStrings (lib.intersperse ", " (map (x: x.name) plugins))
+ + ")";
+ hydraPlatforms = [];
+ priority = (browser.meta.priority or 0) - 1; # prefer wrapper over the package
+ };
+ };
+in
+ lib.makeOverridable wrapper
diff --git a/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix
new file mode 100644
index 000000000..05815e132
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix
@@ -0,0 +1,40 @@
+{ stdenv, fetchurl, unzip, jq, zip }:
+
+stdenv.mkDerivation rec {
+ pname = "audio-fingerprint-defender-${version}";
+ version = "0.1.3";
+
+ extid = "@audio-fingerprint-defender";
+ signed = false;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3363623/audiocontext_fingerprint_defender-${version}-an+fx.xpi";
+ sha256 = "0yfk5vqwjg4g25c98psj56sw3kv8imxav3nss4hbibflgla1h5pb";
+ };
+
+ phases = [ "buildPhase" ];
+
+ buildInputs = [ zip unzip jq ];
+
+ buildPhase = ''
+ mkdir -p $out/${extid}
+ unzip ${src} -d $out/${extid}
+ NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
+ echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
+ cd $out/${extid}
+ zip -r -FS $out/${extid}.xpi *
+ rm -r $out/${extid}
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Audio context fingerprint defender firefox browser addon";
+ homepage = https://mybrowseraddon.com/audiocontext-defender.html;
+ license = {
+ fullName = "Mozilla Public License Version 2.0";
+ shortName = "moz2";
+ spdxId = "mozilla-2.0";
+ url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix
new file mode 100644
index 000000000..21b4b3f97
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix
@@ -0,0 +1,40 @@
+{ stdenv, fetchurl, unzip, jq, zip }:
+
+stdenv.mkDerivation rec {
+ pname = "canvas-fingerprint-defender-${version}";
+ version = "0.1.5";
+
+ extid = "@canvas-fingerprint-defender";
+ signed = false;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3362272/canvas_fingerprint_defender-${version}-an+fx.xpi?src=recommended";
+ sha256 = "1hg00zsrw7ij7bc222j83g2wm3ml1aj34zg5im1802cjq4qqvbld";
+ };
+
+ phases = [ "buildPhase" ];
+
+ buildInputs = [ zip unzip jq ];
+
+ buildPhase = ''
+ mkdir -p $out/${extid}
+ unzip ${src} -d $out/${extid}
+ NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
+ echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
+ cd $out/${extid}
+ zip -r -FS $out/${extid}.xpi *
+ rm -r $out/${extid}
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Canvas fingerprint defender firefox browser addon";
+ homepage = https://mybrowseraddon.com/webgl-defender.html;
+ license = {
+ fullName = "Mozilla Public License Version 2.0";
+ shortName = "moz2";
+ spdxId = "mozilla-2.0";
+ url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/dark-reader/default.nix b/jeschli/2configs/own-pkgs/dark-reader/default.nix
new file mode 100644
index 000000000..44f4f9054
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/dark-reader/default.nix
@@ -0,0 +1,28 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
+ pname = "dark-reader-${version}";
+ version = "4.8.1";
+
+ extid = "addon@darkreader.org";
+ signed = true;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3404143/dark_reader-${version}-an+fx.xpi";
+ sha256 = "0ic0i56jhmxymvy68bs5hqcjvdvw3vks5r58i2ygmpsm190rlldb";
+ };
+
+ phases = [ "installPhase" ];
+
+ installPhase = ''
+ install -D ${src} "$out/${extid}.xpi"
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Dark mode for every website. Take care of your eyes, use dark theme for night and daily browsing.";
+ homepage = https://github.com/darkreader/darkreader;
+ license = licenses.mit;
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix
new file mode 100644
index 000000000..26751beef
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix
@@ -0,0 +1,40 @@
+{ stdenv, fetchurl, unzip, jq, zip }:
+
+stdenv.mkDerivation rec {
+ pname = "font-fingerprint-defender-${version}";
+ version = "0.1.0";
+
+ extid = "@font-fingerprint-defender";
+ signed = false;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3387637/font_fingerprint_defender-${version}-an+fx.xpi";
+ sha256 = "1aidkvisnx6qd7hn2x756rvzmbnaz6laqbwq0j5yd86g1kc56dr0";
+ };
+
+ phases = [ "buildPhase" ];
+
+ buildInputs = [ zip unzip jq ];
+
+ buildPhase = ''
+ mkdir -p $out/${extid}
+ unzip ${src} -d $out/${extid}
+ NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
+ echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
+ cd $out/${extid}
+ zip -r -FS $out/${extid}.xpi *
+ rm -r $out/${extid}
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Font fingerprint defender firefox browser addon";
+ homepage = https://mybrowseraddon.com/font-defender.html;
+ license = {
+ fullName = "Mozilla Public License Version 2.0";
+ shortName = "moz2";
+ spdxId = "mozilla-2.0";
+ url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/hopper/default.nix b/jeschli/2configs/own-pkgs/hopper/default.nix
new file mode 100644
index 000000000..569fc6aaf
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/hopper/default.nix
@@ -0,0 +1,45 @@
+{ stdenv, fetchurl, pkgs, makeWrapper, lib }:
+
+stdenv.mkDerivation rec {
+ name = "${pname}-${version}";
+ pname = "hopper";
+ version = "4.5.16";
+ rev = "v${lib.versions.major version}";
+
+ src = fetchurl {
+ url = "https://d2ap6ypl1xbe4k.cloudfront.net/Hopper-${rev}-${version}-Linux.pkg.tar.xz";
+ sha256 = "0gjnn7f6ibfx46k4bbj8ra7k04s0mrpq7316brgzks6x5yd1m584";
+ };
+
+ sourceRoot = ".";
+
+ ldLibraryPath = with pkgs; stdenv.lib.makeLibraryPath [
+libbsd.out libffi.out gmpxx.out python27Full.out python27Packages.libxml2.out qt5.qtbase zlib xlibs.libX11.out xorg_sys_opengl.out xlibs.libXrender.out gcc-unwrapped.lib
+ ];
+
+ nativeBuildInputs = [ makeWrapper ];
+
+ installPhase = ''
+ mkdir -p $out/bin
+ mkdir -p $out/lib
+ mkdir -p $out/share
+ cp $sourceRoot/opt/hopper-${rev}/bin/Hopper $out/bin/hopper
+ cp -r $sourceRoot/opt/hopper-${rev}/lib $out
+ cp -r $sourceRoot/usr/share $out/share
+ patchelf \
+ --set-interpreter ${stdenv.glibc}/lib/ld-linux-x86-64.so.2 \
+ $out/bin/hopper
+ # Details: https://nixos.wiki/wiki/Qt
+ wrapProgram $out/bin/hopper \
+ --suffix LD_LIBRARY_PATH : ${ldLibraryPath} \
+ --suffix QT_PLUGIN_PATH : ${pkgs.qt5.qtbase}/lib/qt-${pkgs.qt5.qtbase.qtCompatVersion}/plugins
+ '';
+
+ meta = {
+ homepage = "https://www.hopperapp.com/index.html";
+ description = "A macOS and Linux Disassembler";
+ license = stdenv.lib.licenses.unfree;
+ maintainers = [ stdenv.lib.maintainers.luis ];
+ platforms = stdenv.lib.platforms.linux;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/https-everywhere/default.nix b/jeschli/2configs/own-pkgs/https-everywhere/default.nix
new file mode 100644
index 000000000..66fede43c
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/https-everywhere/default.nix
@@ -0,0 +1,29 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
+ pname = "https-everywhere-${version}";
+ version = "2019.6.27";
+
+ extid = "https-everywhere@eff.org";
+ signed = true;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3060290/https_everywhere-${version}-an+fx.xpi";
+ sha256 = "0743lhn9phn7n6c0886h9ddn1n8vhzbl0vrw177zs43995aj3frp";
+ };
+
+ phases = [ "installPhase" ];
+
+ installPhase = ''
+ install -D ${src} "$out/${extid}.xpi"
+
+ '';
+
+ meta = {
+ description = "Https everywhere browser addon";
+ homepage = https://www.eff.org/https-everywhere;
+ license = stdenv.lib.licenses.gpl2Plus;
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/pyocclient/default.nix b/jeschli/2configs/own-pkgs/pyocclient/default.nix
new file mode 100644
index 000000000..cd91f6171
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/pyocclient/default.nix
@@ -0,0 +1,26 @@
+{ lib, python37Packages }:
+
+python37Packages.buildPythonPackage rec {
+ pname = "pyocclient";
+ version = "0.4";
+
+ src = python37Packages.fetchPypi {
+ inherit pname version;
+ sha256 = "19k3slrk2idixsdw61in9a3jxglvkigkn5kvwl37lj8hrwr4yq6q";
+ };
+
+ doCheck = false;
+
+ propagatedBuildInputs = with python37Packages; [
+ requests
+ six
+ ];
+
+ meta = with lib; {
+ homepage = https://github.com/owncloud/pyocclient/;
+ description = "Nextcloud / Owncloud library for python";
+ license = licenses.mit;
+ maintainers = with maintainers; [ ];
+ };
+
+}
diff --git a/jeschli/2configs/own-pkgs/rmount/default.nix b/jeschli/2configs/own-pkgs/rmount/default.nix
new file mode 100644
index 000000000..22631f420
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/rmount/default.nix
@@ -0,0 +1,34 @@
+{ stdenv, fetchgit, makeWrapper, lib, pkgs ? import <nixpkgs> {} }:
+with pkgs;
+
+stdenv.mkDerivation rec {
+ name = "rmount-${version}";
+ version = "1.0.1";
+ rev = "v${version}";
+
+ src = fetchgit {
+ rev = "9df124780d2e66f01c70afaecf92090669c5ffb6";
+ url = "https://github.com/Luis-Hebendanz/rmount";
+ sha256 = "0ydb6sspfnfa3y6gg1r8sk4r58il6636lpqwb2rw7dzmb4b8hpd2";
+ };
+
+ buildInputs = [ stdenv makeWrapper ];
+
+ installPhase = ''
+ mkdir -p $out/bin
+ mkdir -p $out/share/man/man1
+ cp ${src}/rmount.man $out/share/man/man1/rmount.1
+ cp ${src}/rmount.bash $out/bin/rmount-noenv
+ cp ${src}/config.json $out/share/config.json
+ chmod +x $out/bin/rmount-noenv
+
+ makeWrapper $out/bin/rmount-noenv $out/bin/rmount \
+ --prefix PATH : ${lib.makeBinPath [ nmap jq cifs-utils sshfs ]}
+ '';
+
+ meta = {
+ homepage = "https://github.com/Luis-Hebendanz/rmount";
+ description = "Remote mount utility which parses a json file";
+ license = stdenv.lib.licenses.mit;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/ublock-origin/default.nix b/jeschli/2configs/own-pkgs/ublock-origin/default.nix
new file mode 100644
index 000000000..45465d482
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/ublock-origin/default.nix
@@ -0,0 +1,28 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
+ pname = "ublock-origin-${version}";
+ version = "1.21.2";
+
+ extid = "uBlock0@raymondhill.net";
+ signed = true;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3361355/ublock_origin-${version}-an+fx.xpi";
+ sha256 = "0ypdq3z61mrymknl37qlq6379bx9f2fsgbgr0czbhqs9f2vwszkc";
+ };
+
+ phases = [ "installPhase" ];
+
+ installPhase = ''
+ install -D ${src} "$out/${extid}.xpi"
+ '';
+
+ meta = with stdenv.lib; {
+ description = "ublock origin firefox browser addon";
+ homepage = https://github.com/gorhill/uBlock;
+ license = licenses.gnu3;
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix b/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix
new file mode 100644
index 000000000..c96f11129
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix
@@ -0,0 +1,40 @@
+{ stdenv, fetchurl, unzip, jq, zip }:
+
+stdenv.mkDerivation rec {
+ pname = "user-agent-switcher-${version}";
+ version = "0.3.2";
+
+ extid = "@user-agent-switcher";
+ signed = false;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3370255/user_agent_switcher_and_manager-${version}-an+fx.xpi";
+ sha256 = "0lrw1xf6fsxr47bifkayfxpysv8s2p9ghmbmw2s7ymhrgy42i6v5";
+ };
+
+ phases = [ "buildPhase" ];
+
+ buildInputs = [ zip unzip jq ];
+
+ buildPhase = ''
+ mkdir -p $out/${extid}
+ unzip ${src} -d $out/${extid}
+ NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
+ echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
+ cd $out/${extid}
+ zip -r -FS $out/${extid}.xpi *
+ rm -r $out/${extid}
+ '';
+
+ meta = with stdenv.lib; {
+ description = "User agent switcher";
+ homepage = https://add0n.com/useragent-switcher.html;
+ license = {
+ fullName = "Mozilla Public License Version 2.0";
+ shortName = "moz2";
+ spdxId = "mozilla-2.0";
+ url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix
new file mode 100644
index 000000000..4e608d182
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix
@@ -0,0 +1,40 @@
+{ stdenv, fetchurl, unzip, jq, zip }:
+
+stdenv.mkDerivation rec {
+ pname = "webgl-fingerprint-defender-${version}";
+ version = "0.1.2";
+
+ extid = "@webgl-fingerprint-defender";
+ signed = false;
+
+ src = fetchurl {
+ url = "https://addons.mozilla.org/firefox/downloads/file/3362869/webgl_fingerprint_defender-${version}-an+fx.xpi";
+ sha256 = "06hfr5hxr4qw0jx6i9fi9gdk5211z08brnvqj2jlmpyc3dwl4pif";
+ };
+
+ phases = [ "buildPhase" ];
+
+ buildInputs = [ zip unzip jq ];
+
+ buildPhase = ''
+ mkdir -p $out/${extid}
+ unzip ${src} -d $out/${extid}
+ NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
+ echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
+ cd $out/${extid}
+ zip -r -FS $out/${extid}.xpi *
+ rm -r $out/${extid}
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Canvas defender firefox browser addon";
+ homepage = https://mybrowseraddon.com/webgl-defender.html;
+ license = {
+ fullName = "Mozilla Public License Version 2.0";
+ shortName = "moz2";
+ spdxId = "mozilla-2.0";
+ url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
+ maintainers = [];
+ platforms = stdenv.lib.platforms.all;
+ };
+}
diff --git a/jeschli/2configs/own-pkgs/wl-clipboard/default.nix b/jeschli/2configs/own-pkgs/wl-clipboard/default.nix
new file mode 100644
index 000000000..349d910da
--- /dev/null
+++ b/jeschli/2configs/own-pkgs/wl-clipboard/default.nix
@@ -0,0 +1,25 @@
+{ stdenv, fetchFromGitHub, meson, ninja, pkgconfig
+, wayland, wayland-protocols }:
+
+stdenv.mkDerivation rec {
+ pname = "wl-clipboard";
+ version = "2.0.0";
+
+ src = fetchFromGitHub {
+ owner = "bugaevc";
+ repo = "wl-clipboard";
+ rev = "v${version}";
+ sha256 = "0c4w87ipsw09aii34szj9p0xfy0m00wyjpll0gb0aqmwa60p0c5d";
+ };
+
+ nativeBuildInputs = [ meson ninja pkgconfig wayland-protocols ];
+ buildInputs = [ wayland ];
+
+ meta = with stdenv.lib; {
+ description = "Command-line copy/paste utilities for Wayland";
+ homepage = https://github.com/bugaevc/wl-clipboard;
+ license = licenses.gpl3;
+ maintainers = with maintainers; [ dywedir ];
+ platforms = platforms.linux;
+ };
+}
From c49a88c360465ec6b2ce0fd21a70a1de22bd0507 Mon Sep 17 00:00:00 2001
From: Jeschli <jeschli@gmail.com>
Date: Mon, 21 Oct 2019 07:42:39 +0200
Subject: [PATCH 08/11] j emacs: remove ido add helm
---
jeschli/2configs/emacs-org-agenda.nix | 16 ++++++++--------
jeschli/2configs/emacs.nix | 20 +++++++++++++++++---
2 files changed, 25 insertions(+), 11 deletions(-)
diff --git a/jeschli/2configs/emacs-org-agenda.nix b/jeschli/2configs/emacs-org-agenda.nix
index ded90ea1a..79540977c 100644
--- a/jeschli/2configs/emacs-org-agenda.nix
+++ b/jeschli/2configs/emacs-org-agenda.nix
@@ -162,14 +162,14 @@ let
(setq org-refile-allow-creating-parent-nodes (quote confirm))
; Use IDO for both buffer and file completion and ido-everywhere to t
-(setq org-completion-use-ido t)
-(setq ido-everywhere t)
-(setq ido-max-directory-size 100000)
-(ido-mode (quote both))
-; Use the current window when visiting files and buffers with ido
-(setq ido-default-file-method 'selected-window)
-(setq ido-default-buffer-method 'selected-window)
-; Use the current window for indirect buffer display
+; (setq org-completion-use-ido t)
+; (setq ido-everywhere t)
+; (setq ido-max-directory-size 100000)
+; (ido-mode (quote both))
+; ; Use the current window when visiting files and buffers with ido
+; (setq ido-default-file-method 'selected-window)
+; (setq ido-default-buffer-method 'selected-window)
+; ; Use the current window for indirect buffer display
(setq org-indirect-buffer-display 'current-window)
;;;; Refile settings
diff --git a/jeschli/2configs/emacs.nix b/jeschli/2configs/emacs.nix
index d243017f1..46354bd62 100644
--- a/jeschli/2configs/emacs.nix
+++ b/jeschli/2configs/emacs.nix
@@ -53,6 +53,13 @@ let
(ido-mode t)
'';
+ helm = ''
+ (helm-mode 1)
+ (global-set-key (kbd "M-x") #'helm-M-x)
+ (global-set-key (kbd "C-x r b") #'helm-filtered-bookmarks)
+ (global-set-key (kbd "C-x C-f") #'helm-find-files)
+ '';
+
magit = ''
(global-set-key (kbd "C-x g") 'magit-status) ; "Most Magit commands are commonly invoked from the status buffer"
@@ -161,10 +168,9 @@ let
${evilMode}
${goMode}
- ${ido}
+ ${helm}
${magit}
${orgMode}
- ${recentFiles}
${rustDevelopment}
${theme}
${windowCosmetics}
@@ -175,9 +181,17 @@ let
#emacsWithCustomPackages
emacsPkgs= epkgs: [
-#testing
+ #testing
+ epkgs.melpaPackages.web-mode
+ epkgs.melpaPackages.js2-mode
+ epkgs.melpaPackages.xref-js2
+
+ epkgs.melpaPackages.academic-phrases
+
epkgs.melpaPackages.gitlab
epkgs.melpaPackages.forge
+ epkgs.melpaPackages.helm
+ epkgs.melpaPackages.weechat
# emacs convenience
epkgs.melpaPackages.ag
From 002913eb9bb516f0f39ef6ca26593953145d42e1 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Mon, 21 Oct 2019 23:55:22 +0200
Subject: [PATCH 09/11] external: change palos ssh key
---
krebs/3modules/external/palo.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix
index e81dd9b58..aea1792f4 100644
--- a/krebs/3modules/external/palo.nix
+++ b/krebs/3modules/external/palo.nix
@@ -78,7 +78,7 @@ in {
};
users = {
palo = {
- pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBYNJVuyyZmc2pCkLWjhl0/hMMb7elmI81/9LAGtk8Tz4TmVderTMohwQkaTYznwPOPuKfU1sSMLCB8rYXdAO5nqWC4bGjXJ/+D8/UKfGjSqRQ7UkfpOF3NAm+pqUSFjaVXi1BWd+jxmsD0uRks0PyNSywZfgjn5LYpD3SpxyFy/17P/PJ9vX6PELjeYvNGH3l5cXDwYky3ZZJol7quBJ5yrA6I536A4wNDzg2ow+MRVu51/nIJdnbbsC/dDHgmdRWnStOzvsA+xSEMeKvLW3CaSPINr/bMGxOPrefr79bg59gkw9Wxp51fkx0o18N1liTRfWXau+GFNGMxFluELhfGXYOH9HLedLt8H38zs5vgJ9IY+tlOzMKud5njiNkuG503AiqY2H7coN7VeVA5+6L7tmwFbCMhPal4MS0VKHNBmCTDY5QMURYUajKiUh8n5IcbuTsPM+lEszm16g5iB+XQ1vpjza5ds6DRL1H6pUF/UpUzYUlqh2RnE+CyLsFO2MB/o72NoSWRfmn7/nsg6eEg/9kSn+dwj2ythjuEkMG28Yhm/XjaGnuAE/ZpIeRDozIQNGcHpzPHMd95olfNJW7+fLi+CvSFZa9l+tdS8PoRnCdHOsO4zvESJZ2rDn0Zt0Az6XNRJfYTABDlYPGCnWN4vmlnEJqQARSSiKBDhSgPw== palo@workout";
+ pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
};
};
}
From a6f7523edde0a4480cc23f4cd8f20a5a9b4d95af Mon Sep 17 00:00:00 2001
From: Jeschli <jeschli@gmail.com>
Date: Tue, 22 Oct 2019 18:14:39 +0200
Subject: [PATCH 10/11] j reagenzglas: change formating
---
krebs/3modules/jeschli/default.nix | 27 ++++++++++++++-------------
1 file changed, 14 insertions(+), 13 deletions(-)
diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix
index c6a4b40eb..1b980e166 100644
--- a/krebs/3modules/jeschli/default.nix
+++ b/krebs/3modules/jeschli/default.nix
@@ -137,19 +137,20 @@ in {
"reagenzglas.r"
];
tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAon6oMki2GuJah9c1jNj0CupIPNo765AxtpSkut1PvoydAVYWZMO0
- /UQgrvoDQPq3VQU98LHhtQVjmfmcxmxIK3mWoM356P9TGsheOspTcVP4HCMoWZoF
- QpgpQs1RNuG/nAAcoVHnTqFeFt6oWsykESIWj5jFV5XA+KanyLFThi8aWPumJgOV
- W0AR4+0eECMjBXCV0yRaug4cnFKwLtTQ993AP6Di+5iyh8H39wuASUA/USfMItyX
- KEPCT1LPVu2JKsLE/aQEqX1ra3qVJ+SzSPKvOJGKNjcN0e84TuqGrh6cmEDcT/hd
- MNZisdPvWA8UwXZfsT/TOGyd8MBqgGxWS6JSFHXy9enyjvS+rws8U0IySlnAIEoi
- mXi0leXXDHSQBUnLgDwx4yAJ2R63bUr0pvVd9NBvS9CYHH3TETuwxtMsd3Djm1tu
- 9/GxN78N+dTHCwOFw/RFOGKCDuM2v1P0f56SdcADqiziuVn+Sj/WPL7rM7qLkySv
- jAqY7q5PUjcz/tltJUJwIHaV3sSB6+zOKhSPhGE5ASr4dYEnxiTSD2YE7fj3+WKK
- ShG3cpjOwgW0/Ut88zIs7zQxfHj5ZML+Gh2E2LN5nb7StMBWafgvq58eTKbMCKbx
- ev7cFjOOV86sCjqtt5LVSi7TPAtolnmLyxzM+s/eZoLYITh+Zo8UERMCAwEAAQ==
- -----END RSA PUBLIC KEY-----
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAon6oMki2GuJah9c1jNj0
+ CupIPNo765AxtpSkut1PvoydAVYWZMO0/UQgrvoDQPq3VQU98LHhtQVjmfmcxmxI
+ K3mWoM356P9TGsheOspTcVP4HCMoWZoFQpgpQs1RNuG/nAAcoVHnTqFeFt6oWsyk
+ ESIWj5jFV5XA+KanyLFThi8aWPumJgOVW0AR4+0eECMjBXCV0yRaug4cnFKwLtTQ
+ 993AP6Di+5iyh8H39wuASUA/USfMItyXKEPCT1LPVu2JKsLE/aQEqX1ra3qVJ+Sz
+ SPKvOJGKNjcN0e84TuqGrh6cmEDcT/hdMNZisdPvWA8UwXZfsT/TOGyd8MBqgGxW
+ S6JSFHXy9enyjvS+rws8U0IySlnAIEoimXi0leXXDHSQBUnLgDwx4yAJ2R63bUr0
+ pvVd9NBvS9CYHH3TETuwxtMsd3Djm1tu9/GxN78N+dTHCwOFw/RFOGKCDuM2v1P0
+ f56SdcADqiziuVn+Sj/WPL7rM7qLkySvjAqY7q5PUjcz/tltJUJwIHaV3sSB6+zO
+ KhSPhGE5ASr4dYEnxiTSD2YE7fj3+WKKShG3cpjOwgW0/Ut88zIs7zQxfHj5ZML+
+ Gh2E2LN5nb7StMBWafgvq58eTKbMCKbxev7cFjOOV86sCjqtt5LVSi7TPAtolnmL
+ yxzM+s/eZoLYITh+Zo8UERMCAwEAAQ==
+ -----END PUBLIC KEY-----
'';
};
};
From f8d1d7f938fcdeb18fc2abb97c586c1cccf6fcf1 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 23 Oct 2019 00:49:48 +0200
Subject: [PATCH 11/11] reaktor2: fix invalid character crash
---
krebs/3modules/reaktor2.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
index 9ab207d88..837a9bea7 100644
--- a/krebs/3modules/reaktor2.nix
+++ b/krebs/3modules/reaktor2.nix
@@ -53,6 +53,9 @@ with import <stockholm/lib>;
systemd.services = flip mapAttrs' config.krebs.reaktor2 (_: cfg:
nameValuePair cfg.systemd-service-name {
after = [ "network.target" ];
+ environment = {
+ LC_ALL = "en_US.UTF-8";
+ };
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = cfg.username;