Merge remote-tracking branch 'prism/master'

This commit is contained in:
tv 2018-12-07 13:20:49 +01:00
commit 1d3a3c8104
39 changed files with 1059 additions and 1002 deletions

View file

@ -4,161 +4,161 @@
krebs.newsbot-js.news-spam = {
urlShortenerHost = "go.lassul.us";
feeds = pkgs.writeText "feeds" ''
[SPAM]aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews
[SPAM]allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews
[SPAM]antirez|http://antirez.com/rss|#snews
[SPAM]archlinux|http://www.archlinux.org/feeds/news/|#snews
[SPAM]ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#snews
[SPAM]augustl|http://augustl.com/atom.xml|#snews
[SPAM]bbc|http://feeds.bbci.co.uk/news/rss.xml|#snews
[SPAM]bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#snews
[SPAM]bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#snews
[SPAM]bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#snews
[SPAM]bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#snews
[SPAM]bitcoinpakistan|https://bitcoinspakistan.com/feed/|#snews
[SPAM]cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#snews
[SPAM]carta|http://feeds2.feedburner.com/carta-standard-rss|#snews
[SPAM]catholic_news|http://feeds.feedburner.com/catholicnewsagency/dailynews|#snews
[SPAM]cbc_busi|http://rss.cbc.ca/lineup/business.xml|#snews
[SPAM]cbc_offbeat|http://www.cbc.ca/cmlink/rss-offbeat|#snews
[SPAM]cbc_pol|http://rss.cbc.ca/lineup/politics.xml|#snews
[SPAM]cbc_tech|http://rss.cbc.ca/lineup/technology.xml|#snews
[SPAM]cbc_top|http://rss.cbc.ca/lineup/topstories.xml|#snews
[SPAM]ccc|http://www.ccc.de/rss/updates.rdf|#snews
[SPAM]chan_biz|http://boards.4chan.org/biz/index.rss|#snews
[SPAM]chan_g|http://boards.4chan.org/g/index.rss|#snews
[SPAM]chan_int|http://boards.4chan.org/int/index.rss|#snews
[SPAM]chan_sci|http://boards.4chan.org/sci/index.rss|#snews
[SPAM]chan_x|http://boards.4chan.org/x/index.rss|#snews
[SPAM]c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#snews
[SPAM]cryptogon|http://www.cryptogon.com/?feed=rss2|#snews
[SPAM]csm|http://rss.csmonitor.com/feeds/csm|#snews
[SPAM]csm_world|http://rss.csmonitor.com/feeds/world|#snews
[SPAM]danisch|http://www.danisch.de/blog/feed/|#snews
[SPAM]dod|http://www.defense.gov/news/afps2.xml|#snews
[SPAM]dwn|http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/|#snews
[SPAM]ecat|http://ecat.com/feed|#snews
[SPAM]eia_press|http://www.eia.gov/rss/press_rss.xml|#snews
[SPAM]eia_today|http://www.eia.gov/rss/todayinenergy.xml|#snews
[SPAM]embargowatch|https://embargowatch.wordpress.com/feed/|#snews
[SPAM]ethereum-comments|http://blog.ethereum.org/comments/feed|#snews
[SPAM]ethereum|http://blog.ethereum.org/feed|#snews
[SPAM]europa_ric|http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml|#snews
[SPAM]eu_survei|http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx|#snews
[SPAM]exploitdb|http://www.exploit-db.com/rss.xml|#snews
[SPAM]fars|http://www.farsnews.com/rss.php|#snews #test
[SPAM]faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#snews
[SPAM]faz_politik|http://www.faz.net/rss/aktuell/politik/|#snews
[SPAM]faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#snews
[SPAM]fbi|https://www.fbi.gov/news/rss.xml|#snews
[SPAM]fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#snews
[SPAM]fefe|http://blog.fefe.de/rss.xml|#snews
[SPAM]forbes|http://www.forbes.com/forbes/feed2/|#snews
[SPAM]forbes_realtime|http://www.forbes.com/real-time/feed2/|#snews
[SPAM]fox|http://feeds.foxnews.com/foxnews/latest|#snews
[SPAM]geheimorganisation|http://geheimorganisation.org/feed/|#snews
[SPAM]GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#snews
[SPAM]gmanet|http://www.gmanetwork.com/news/rss/news|#snews
[SPAM]golem|http://rss.golem.de/rss.php|#snews
[SPAM]google|http://news.google.com/?output=rss|#snews
[SPAM]greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#snews
[SPAM]guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#snews
[SPAM]gulli|http://ticker.gulli.com/rss/|#snews
[SPAM]hackernews|https://news.ycombinator.com/rss|#snews
[SPAM]handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#snews
[SPAM]heise|https://www.heise.de/newsticker/heise-atom.xml|#snews
[SPAM]hindu_business|http://www.thehindubusinessline.com/?service=rss|#snews
[SPAM]hindu|http://www.thehindu.com/?service=rss|#snews
[SPAM]ign|http://feeds.ign.com/ign/all|#snews
[SPAM]independent|http://www.independent.com/rss/headlines/|#snews
[SPAM]indymedia|https://de.indymedia.org/rss.xml|#snews
[SPAM]info_libera|http://www.informationliberation.com/rss.xml|#snews
[SPAM]klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#snews
[SPAM]korea_herald|http://www.koreaherald.com/rss_xml.php|#snews
[SPAM]linuxinsider|http://www.linuxinsider.com/perl/syndication/rssfull.pl|#snews
[SPAM]lisp|http://planet.lisp.org/rss20.xml|#snews
[SPAM]liveleak|http://www.liveleak.com/rss|#snews
[SPAM]lolmythesis|http://lolmythesis.com/rss|#snews
[SPAM]LtU|http://lambda-the-ultimate.org/rss.xml|#snews
[SPAM]lukepalmer|http://lukepalmer.wordpress.com/feed/|#snews
[SPAM]mit|http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss|#snews
[SPAM]mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#snews
[SPAM]nds|http://www.nachdenkseiten.de/?feed=atom|#snews
[SPAM]netzpolitik|https://netzpolitik.org/feed/|#snews
[SPAM]newsbtc|http://newsbtc.com/feed/|#snews
[SPAM]nnewsg|http://www.net-news-global.net/rss/rssfeed.xml|#snews
[SPAM]npr_busi|http://www.npr.org/rss/rss.php?id=1006|#snews
[SPAM]npr_headlines|http://www.npr.org/rss/rss.php?id=1001|#snews
[SPAM]npr_pol|http://www.npr.org/rss/rss.php?id=1012|#snews
[SPAM]npr_world|http://www.npr.org/rss/rss.php?id=1004|#snews
[SPAM]nsa|https://www.nsa.gov/rss.xml|#snews #bullerei
[SPAM]nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#snews
[SPAM]painload|https://github.com/krebs/painload/commits/master.atom|#snews
[SPAM]phys|http://phys.org/rss-feed/|#snews
[SPAM]piraten|https://www.piratenpartei.de/feed/|#snews
[SPAM]polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#snews
[SPAM]presse_polizei|http://www.presseportal.de/rss/polizei.rss2|#snews
[SPAM]presseportal|http://www.presseportal.de/rss/presseportal.rss2|#snews
[SPAM]prisonplanet|http://prisonplanet.com/feed.rss|#snews
[SPAM]rawstory|http://www.rawstory.com/rs/feed/|#snews
[SPAM]reddit_4chan|http://www.reddit.com/r/4chan/new/.rss|#snews
[SPAM]reddit_anticonsum|http://www.reddit.com/r/Anticonsumption/new/.rss|#snews
[SPAM]reddit_btc|http://www.reddit.com/r/Bitcoin/new/.rss|#snews
[SPAM]reddit_consp|http://reddit.com/r/conspiracy/.rss|#snews
[SPAM]reddit_haskell|http://www.reddit.com/r/haskell/.rss|#snews
[SPAM]reddit_nix|http://www.reddit.com/r/nixos/.rss|#snews
[SPAM]reddit_prog|http://www.reddit.com/r/programming/new/.rss|#snews
[SPAM]reddit_sci|http://www.reddit.com/r/science/.rss|#snews
[SPAM]reddit_tech|http://www.reddit.com/r/technology/.rss|#snews
[SPAM]reddit_tpp|http://www.reddit.com/r/twitchplayspokemon/.rss|#snews
[SPAM]reddit_world|http://www.reddit.com/r/worldnews/.rss|#snews
[SPAM]r-ethereum|http://www.reddit.com/r/ethereum/.rss|#snews
[SPAM]reuters|http://feeds.reuters.com/Reuters/worldNews|#snews
[SPAM]reuters-odd|http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml|#snews
[SPAM]rt|http://rt.com/rss/news/|#snews
[SPAM]schallurauch|http://feeds.feedburner.com/SchallUndRauch|#snews
[SPAM]sciencemag|http://news.sciencemag.org/rss/current.xml|#snews
[SPAM]scmp|http://www.scmp.com/rss/91/feed|#snews
[SPAM]sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews
[SPAM]shackspace|http://shackspace.de/atom.xml|#snews
[SPAM]shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews
[SPAM]sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews
[SPAM]sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews
[SPAM]sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#snews
[SPAM]sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#snews
[SPAM]sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#snews
[SPAM]slashdot|http://rss.slashdot.org/Slashdot/slashdot|#snews
[SPAM]slate|http://feeds.slate.com/slate|#snews
[SPAM]spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#snews
[SPAM]spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#snews
[SPAM]standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#snews
[SPAM]stern|http://www.stern.de/feed/standard/all/|#snews
[SPAM]stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#snews
[SPAM]sz_politik|http://rss.sueddeutsche.de/rss/Politik|#snews
[SPAM]sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#snews
[SPAM]sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#snews
[SPAM]tagesschau|http://www.tagesschau.de/newsticker.rdf|#snews
[SPAM]taz|http://taz.de/Themen-des-Tages/!p15;rss/|#snews
[SPAM]telegraph|http://www.telegraph.co.uk/rss.xml|#snews
[SPAM]telepolis|http://www.heise.de/tp/rss/news-atom.xml|#snews
[SPAM]the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#snews
[SPAM]tigsource|http://www.tigsource.com/feed/|#snews
[SPAM]tinc|http://tinc-vpn.org/news/index.rss|#snews
[SPAM]torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#snews
[SPAM]torrentfreak|http://feeds.feedburner.com/Torrentfreak|#snews
[SPAM]torr_news|http://feed.torrentfreak.com/Torrentfreak/|#snews
[SPAM]travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#snews
[SPAM]un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#snews
[SPAM]un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#snews
[SPAM]un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#snews
[SPAM]un_me|http://www.un.org/apps/news/rss/rss_mideast.asp|#snews
[SPAM]un_pac|http://www.un.org/apps/news/rss/rss_asiapac.asp|#snews
[SPAM]un_top|http://www.un.org/apps/news/rss/rss_top.asp|#snews
[SPAM]us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#snews
[SPAM]vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#snews
[SPAM]weechat|http://dev.weechat.org/feed/atom|#snews
[SPAM]xkcd|https://xkcd.com/rss.xml|#snews
[SPAM]zdnet|http://www.zdnet.com/news/rss.xml|#snews
_aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews
_allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews
_antirez|http://antirez.com/rss|#snews
_archlinux|http://www.archlinux.org/feeds/news/|#snews
_ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#snews
_augustl|http://augustl.com/atom.xml|#snews
_bbc|http://feeds.bbci.co.uk/news/rss.xml|#snews
_bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#snews
_bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#snews
_bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#snews
_bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#snews
_bitcoinpakistan|https://bitcoinspakistan.com/feed/|#snews
_cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#snews
_carta|http://feeds2.feedburner.com/carta-standard-rss|#snews
_catholic_news|http://feeds.feedburner.com/catholicnewsagency/dailynews|#snews
_cbc_busi|http://rss.cbc.ca/lineup/business.xml|#snews
_cbc_offbeat|http://www.cbc.ca/cmlink/rss-offbeat|#snews
_cbc_pol|http://rss.cbc.ca/lineup/politics.xml|#snews
_cbc_tech|http://rss.cbc.ca/lineup/technology.xml|#snews
_cbc_top|http://rss.cbc.ca/lineup/topstories.xml|#snews
_ccc|http://www.ccc.de/rss/updates.rdf|#snews
_chan_biz|http://boards.4chan.org/biz/index.rss|#snews
_chan_g|http://boards.4chan.org/g/index.rss|#snews
_chan_int|http://boards.4chan.org/int/index.rss|#snews
_chan_sci|http://boards.4chan.org/sci/index.rss|#snews
_chan_x|http://boards.4chan.org/x/index.rss|#snews
_c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#snews
_cryptogon|http://www.cryptogon.com/?feed=rss2|#snews
_csm|http://rss.csmonitor.com/feeds/csm|#snews
_csm_world|http://rss.csmonitor.com/feeds/world|#snews
_danisch|http://www.danisch.de/blog/feed/|#snews
_dod|http://www.defense.gov/news/afps2.xml|#snews
_dwn|http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/|#snews
_ecat|http://ecat.com/feed|#snews
_eia_press|http://www.eia.gov/rss/press_rss.xml|#snews
_eia_today|http://www.eia.gov/rss/todayinenergy.xml|#snews
_embargowatch|https://embargowatch.wordpress.com/feed/|#snews
_ethereum-comments|http://blog.ethereum.org/comments/feed|#snews
_ethereum|http://blog.ethereum.org/feed|#snews
_europa_ric|http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml|#snews
_eu_survei|http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx|#snews
_exploitdb|http://www.exploit-db.com/rss.xml|#snews
_fars|http://www.farsnews.com/rss.php|#snews #test
_faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#snews
_faz_politik|http://www.faz.net/rss/aktuell/politik/|#snews
_faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#snews
_fbi|https://www.fbi.gov/news/rss.xml|#snews
_fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#snews
_fefe|http://blog.fefe.de/rss.xml|#snews
_forbes|http://www.forbes.com/forbes/feed2/|#snews
_forbes_realtime|http://www.forbes.com/real-time/feed2/|#snews
_fox|http://feeds.foxnews.com/foxnews/latest|#snews
_geheimorganisation|http://geheimorganisation.org/feed/|#snews
_GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#snews
_gmanet|http://www.gmanetwork.com/news/rss/news|#snews
_golem|http://rss.golem.de/rss.php|#snews
_google|http://news.google.com/?output=rss|#snews
_greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#snews
_guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#snews
_gulli|http://ticker.gulli.com/rss/|#snews
_hackernews|https://news.ycombinator.com/rss|#snews
_handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#snews
_heise|https://www.heise.de/newsticker/heise-atom.xml|#snews
_hindu_business|http://www.thehindubusinessline.com/?service=rss|#snews
_hindu|http://www.thehindu.com/?service=rss|#snews
_ign|http://feeds.ign.com/ign/all|#snews
_independent|http://www.independent.com/rss/headlines/|#snews
_indymedia|https://de.indymedia.org/rss.xml|#snews
_info_libera|http://www.informationliberation.com/rss.xml|#snews
_klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#snews
_korea_herald|http://www.koreaherald.com/rss_xml.php|#snews
_linuxinsider|http://www.linuxinsider.com/perl/syndication/rssfull.pl|#snews
_lisp|http://planet.lisp.org/rss20.xml|#snews
_liveleak|http://www.liveleak.com/rss|#snews
_lolmythesis|http://lolmythesis.com/rss|#snews
_LtU|http://lambda-the-ultimate.org/rss.xml|#snews
_lukepalmer|http://lukepalmer.wordpress.com/feed/|#snews
_mit|http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss|#snews
_mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#snews
_nds|http://www.nachdenkseiten.de/?feed=atom|#snews
_netzpolitik|https://netzpolitik.org/feed/|#snews
_newsbtc|http://newsbtc.com/feed/|#snews
_nnewsg|http://www.net-news-global.net/rss/rssfeed.xml|#snews
_npr_busi|http://www.npr.org/rss/rss.php?id=1006|#snews
_npr_headlines|http://www.npr.org/rss/rss.php?id=1001|#snews
_npr_pol|http://www.npr.org/rss/rss.php?id=1012|#snews
_npr_world|http://www.npr.org/rss/rss.php?id=1004|#snews
_nsa|https://www.nsa.gov/rss.xml|#snews #bullerei
_nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#snews
_painload|https://github.com/krebs/painload/commits/master.atom|#snews
_phys|http://phys.org/rss-feed/|#snews
_piraten|https://www.piratenpartei.de/feed/|#snews
_polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#snews
_presse_polizei|http://www.presseportal.de/rss/polizei.rss2|#snews
_presseportal|http://www.presseportal.de/rss/presseportal.rss2|#snews
_prisonplanet|http://prisonplanet.com/feed.rss|#snews
_rawstory|http://www.rawstory.com/rs/feed/|#snews
_reddit_4chan|http://www.reddit.com/r/4chan/new/.rss|#snews
_reddit_anticonsum|http://www.reddit.com/r/Anticonsumption/new/.rss|#snews
_reddit_btc|http://www.reddit.com/r/Bitcoin/new/.rss|#snews
_reddit_consp|http://reddit.com/r/conspiracy/.rss|#snews
_reddit_haskell|http://www.reddit.com/r/haskell/.rss|#snews
_reddit_nix|http://www.reddit.com/r/nixos/.rss|#snews
_reddit_prog|http://www.reddit.com/r/programming/new/.rss|#snews
_reddit_sci|http://www.reddit.com/r/science/.rss|#snews
_reddit_tech|http://www.reddit.com/r/technology/.rss|#snews
_reddit_tpp|http://www.reddit.com/r/twitchplayspokemon/.rss|#snews
_reddit_world|http://www.reddit.com/r/worldnews/.rss|#snews
_r-ethereum|http://www.reddit.com/r/ethereum/.rss|#snews
_reuters|http://feeds.reuters.com/Reuters/worldNews|#snews
_reuters-odd|http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml|#snews
_rt|http://rt.com/rss/news/|#snews
_schallurauch|http://feeds.feedburner.com/SchallUndRauch|#snews
_sciencemag|http://news.sciencemag.org/rss/current.xml|#snews
_scmp|http://www.scmp.com/rss/91/feed|#snews
_sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews
_shackspace|http://shackspace.de/atom.xml|#snews
_shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews
_sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews
_sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews
_sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#snews
_sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#snews
_sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#snews
_slashdot|http://rss.slashdot.org/Slashdot/slashdot|#snews
_slate|http://feeds.slate.com/slate|#snews
_spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#snews
_spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#snews
_standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#snews
_stern|http://www.stern.de/feed/standard/all/|#snews
_stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#snews
_sz_politik|http://rss.sueddeutsche.de/rss/Politik|#snews
_sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#snews
_sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#snews
_tagesschau|http://www.tagesschau.de/newsticker.rdf|#snews
_taz|http://taz.de/Themen-des-Tages/!p15;rss/|#snews
_telegraph|http://www.telegraph.co.uk/rss.xml|#snews
_telepolis|http://www.heise.de/tp/rss/news-atom.xml|#snews
_the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#snews
_tigsource|http://www.tigsource.com/feed/|#snews
_tinc|http://tinc-vpn.org/news/index.rss|#snews
_torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#snews
_torrentfreak|http://feeds.feedburner.com/Torrentfreak|#snews
_torr_news|http://feed.torrentfreak.com/Torrentfreak/|#snews
_travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#snews
_un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#snews
_un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#snews
_un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#snews
_un_me|http://www.un.org/apps/news/rss/rss_mideast.asp|#snews
_un_pac|http://www.un.org/apps/news/rss/rss_asiapac.asp|#snews
_un_top|http://www.un.org/apps/news/rss/rss_top.asp|#snews
_us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#snews
_vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#snews
_weechat|http://dev.weechat.org/feed/atom|#snews
_xkcd|https://xkcd.com/rss.xml|#snews
_zdnet|http://www.zdnet.com/news/rss.xml|#snews
'';
};
}

View file

@ -8,7 +8,7 @@ let
out = {
options.krebs.Reaktor = api;
config = imp;
config = mkIf (cfg != {}) imp;
};
api = mkOption {

View file

@ -143,12 +143,12 @@ let
) cfg.servers;
users.extraUsers.bepasty = {
uid = genid "bepasty";
uid = genid_uint31 "bepasty";
group = "bepasty";
home = "/var/lib/bepasty-server";
};
users.extraGroups.bepasty = {
gid = genid "bepasty";
gid = genid_uint31 "bepasty";
};
};

View file

@ -109,6 +109,7 @@ let
};
imp = lib.mkMerge [
{ krebs = import ./external { inherit config; }; }
{ krebs = import ./jeschli { inherit config; }; }
{ krebs = import ./krebs { inherit config; }; }
{ krebs = import ./lass { inherit config; }; }

312
krebs/3modules/external/default.nix vendored Normal file
View file

@ -0,0 +1,312 @@
{ config, ... }:
with import <stockholm/lib>;
{
hosts = mapAttrs (_: recursiveUpdate {
ci = false;
external = true;
monitoring = false;
}) {
sokrateslaptop = {
owner = config.krebs.users.sokratess;
nets = {
retiolum = {
ip4.addr = "10.243.142.104";
ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc";
aliases = [
"sokrateslaptop.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2
t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ
rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW
egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5
aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V
VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
kruck = {
owner = config.krebs.users.palo;
nets = {
retiolum = {
ip4.addr = "10.243.29.201";
ip6.addr = "42:4234:6a6d:600::1";
aliases = [
"kruck.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh
QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA
EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U
uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/
/RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR
9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s
qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH
gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj
jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs
fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5
TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
scardanelli = {
owner = config.krebs.users.kmein;
nets = {
retiolum = {
ip4.addr = "10.243.2.2";
ip6.addr = "42:2:5ca:da:3111::1";
aliases = [
"scardanelli.r"
];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM93+YgGhk5PtcOrE7E/
MAOMF/c9c4Ps6m8xd4VZat3ru07yH8Yfox1yM6jwZBwIwK2AC9DK0/k3WIvZQUge
UKSTiXpE4z/0ceaesugLQ9KTjUty1e/2vQ78bOqmd7EG3aPV2QsjlgpjJ6qQxeFi
kjlHoFi9NNBLVkIyaAdlAhwvZuYFmAY/FQEmm6+XOb+Nmo+fccQlG6+NinA2GOg0
gdY/dKYxa04Ns/yu7TK3sBQIt6cg/YUk9VpyC4yIIRPMdyVcAPz3Kd2mp23fhSvx
we80prWXYtdct4vXaBZm9FUY5y4SL3c0TEScuM73VXtr2tPAxjD5W4XMWhrjnIiY
QzoyAquVS9rR4fCaoP+hw3Tjy7Att3voa/YlHEDaendxjZ3nuO0m0vcgOa+SfCNm
SqLsqb8to1y8yJ8LnR2og4MbtasxqSe1L9VLTsb4k/AGfmAdlqyG4Q1h5pCBh0GL
2F6FbYHzwrwqBvVCz4DTPygPtta5o7THpP50PgojtzNLm1yKWpfdcWeMgGQJSI0f
m3yenytM1u0jjw7KbBG79Z3etFNIYZy4Uq/dryEJnwpTFls+zZn9Q3tDEnO4a38Q
FgzV0VLQpRM/uf1powSDzoWp+/JYgB9464OKcTsSlVJpi3crxF86xFqqc39U2/u5
lM61fOMcVW1KREdWypiDtu8CAwEAAQ==
-----END PUBLIC KEY-----
'';
};
};
};
homeros = {
owner = config.krebs.users.kmein;
nets = {
retiolum = {
ip4.addr = "10.243.2.1";
ip6.addr = "42:2::0:3:05::1";
aliases = [
"homeros.r"
];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd
ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc
6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v
RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd
vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3
+LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc
QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm
fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh
VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7
k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX
gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N
mJ/hywVtvLxNkNimyztoKKMCAwEAAQ==
-----END PUBLIC KEY-----
'';
};
};
};
turingmachine = {
owner = config.krebs.users.Mic92;
nets = {
retiolum = {
ip4.addr = "10.243.29.168";
ip6.addr = "42:4992:6a6d:600::1";
aliases = [
"turingmachine.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C
t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9
6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8
ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g
nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06
5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT
1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1
gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl
DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL
W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW
OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
eddie = {
owner = config.krebs.users.Mic92;
nets = rec {
internet = {
# eddie.thalheim.io
ip4.addr = "129.215.197.11";
aliases = [ "eddie.i" ];
};
retiolum = rec {
via = internet;
addrs = [
ip4.addr
ip6.addr
];
ip4.addr = "10.243.29.170";
ip6.addr = "42:4992:6a6d:700::1";
aliases = [ "eddie.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d
j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm
3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF
2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua
KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq
iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t
6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD
kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u
hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay
pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ
lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.subnets = [
# edinburgh university
"129.215.0.0/16"
];
};
};
};
rock = {
owner = config.krebs.users.Mic92;
nets = {
retiolum = {
ip4.addr = "10.243.29.171";
ip6.addr = "42:4992:6a6d:700::2";
aliases = [ "rock.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
inspector = {
owner = config.krebs.users.Mic92;
nets = rec {
internet = {
ip4.addr = "141.76.44.154";
aliases = [ "inspector.i" ];
};
retiolum = {
via = internet;
ip4.addr = "10.243.29.172";
ip6.addr = "42:4992:6a6d:800::1";
aliases = [ "inspector.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAr3l/u7qcxmFa2hUICU3oPDhB2ij2R3lKHyjSsVFVLNfl6TpOdppG
EDXOapeXL0s+PfBRHdRI3v/dibj4PG9eyKmFxsUJ2gRz4ghb1UE23aQ3pkr3x8sZ
7GR+nJYATYf+jolFF9O1x+f0Uo5xaYWkGOMH8wVVzm6+kcsZOYuTEbJAsbTRZywF
m1MdRfk54hLiDsj2rjGRZIR+ZfUKVs2MTWOLCpBAHLJK+r3HfUiR2nAgeNkJCFLw
WIir1ftDIViT3Ly6b7enaOkVZ695FNYdPWFZCE4AJI0s9wsbMClzUqCl+0mUkumd
eRXgWXkmvBsxR4GECnxUhxs6U8Wh3kbQavvemt4vcIKNhkw32+toYc1AFK/n4G03
OUJBbRqgJYx9wIvo8PEu4DTTdsPlQZnMwiaKsn+Gi4Ap6JAnG/iLN8sChoQf7Dau
ARZA3sf9CkKx5sZ+9dVrLbzGynKE18Z/ysvf1BLd/rVVOps1B/YRBxDwPj8MZJ0x
B7b0j+hRVV5palp3RRdcExuWaBrMQQGsXwLUZOFHJJaZUHF9XRdy+5XVJdNOArkG
q1+yGhosL1DLTQE/VwCxmBHyYTr3L7yZ2lSaeWdIeYvcRvouDROUjREVFrQjdqwj
7vIP1cvDxSSqA07h/xEC4YZKACBYc/PI2mqYK5dvAUG3mGrEsjHktPUCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
dpdkm = {
owner = config.krebs.users.Mic92;
nets = rec {
retiolum = {
ip4.addr = "10.243.29.173";
ip6.addr = "42:4992:6a6d:900::1";
aliases = [ "dpdkm.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
eve = {
owner = config.krebs.users.Mic92;
nets = rec {
internet = {
# eve.thalheim.io
ip4.addr = "188.68.39.17";
ip6.addr = "2a03:4000:13:31e::1";
aliases = [ "eve.i" ];
};
retiolum = rec {
via = internet;
addrs = [
ip4.addr
ip6.addr
];
ip4.addr = "10.243.29.174";
ip6.addr = "42:4992:6a6d:a00::1";
aliases = [ "eve.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82
08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk
6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI
+xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3
dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW
pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP
c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi
YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI
61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13
Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
};
users = {
Mic92 = {
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE";
mail = "joerg@higgsboson.tk";
};
kmein = {
};
palo = {
};
sokratess = {
};
};
}

View file

@ -53,7 +53,7 @@ let
imp = {
users.users.fetchWallpaper = {
name = "fetchWallpaper";
uid = genid "fetchWallpaper";
uid = genid_uint31 "fetchWallpaper";
description = "fetchWallpaper user";
home = cfg.stateDir;
createHome = true;

View file

@ -427,7 +427,7 @@ let
system.activationScripts.cgit = ''
mkdir -m 0770 -p ${cfg.cgit.settings.cache-root}
chmod 0770 ${cfg.cgit.settings.cache-root}
chown ${toString cfg.cgit.fcgiwrap.user.uid}:${toString cfg.cgit.fcgiwrap.group.gid} ${cfg.cgit.settings.cache-root}
chown ${toString cfg.cgit.fcgiwrap.user.name}:${toString cfg.cgit.fcgiwrap.group.name} ${cfg.cgit.settings.cache-root}
'';
services.nginx.virtualHosts.cgit = {

View file

@ -129,29 +129,10 @@ with import <stockholm/lib>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
};
domsen-nas = {
ci = false;
monitoring = false;
external = true;
nets = rec {
internet = {
aliases = [
"domsen-nas.internet"
];
ip4.addr = "87.138.180.167";
ssh.port = 2223;
};
};
};
uriel = {
monitoring = false;
cores = 1;
nets = {
gg23 = {
ip4.addr = "10.23.1.12";
aliases = ["uriel.gg23"];
ssh.port = 45621;
};
retiolum = {
ip4.addr = "10.243.81.176";
ip6.addr = "42:dc25:60cf:94ef:759b:d2b6:98a9:2e56";
@ -178,11 +159,6 @@ with import <stockholm/lib>;
mors = {
cores = 2;
nets = {
gg23 = {
ip4.addr = "10.23.1.11";
aliases = ["mors.gg23"];
ssh.port = 45621;
};
retiolum = {
ip4.addr = "10.243.0.2";
ip6.addr = "42:0:0:0:0:0:0:dea7";
@ -351,258 +327,6 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX";
};
iso = {
monitoring = false;
ci = false;
cores = 1;
};
sokrateslaptop = {
monitoring = false;
ci = false;
external = true;
nets = {
retiolum = {
ip4.addr = "10.243.142.104";
ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc";
aliases = [
"sokrateslaptop.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2
t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ
rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW
egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5
aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V
VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
kruck = {
monitoring = false;
ci = false;
external = true;
nets = {
retiolum = {
ip4.addr = "10.243.29.201";
ip6.addr = "42:4234:6a6d:600::1";
aliases = [
"kruck.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh
QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA
EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U
uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/
/RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR
9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s
qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH
gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj
jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs
fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5
TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
turingmachine = {
monitoring = false;
ci = false;
external = true;
nets = {
retiolum = {
ip4.addr = "10.243.29.168";
ip6.addr = "42:4992:6a6d:600::1";
aliases = [
"turingmachine.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C
t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9
6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8
ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g
nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06
5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT
1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1
gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl
DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL
W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW
OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
eddie = {
monitoring = false;
ci = false;
external = true;
nets = rec {
internet = {
# eddie.thalheim.io
ip4.addr = "129.215.197.11";
aliases = [ "eddie.i" ];
};
retiolum = rec {
via = internet;
addrs = [
ip4.addr
ip6.addr
];
ip4.addr = "10.243.29.170";
ip6.addr = "42:4992:6a6d:700::1";
aliases = [ "eddie.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d
j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm
3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF
2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua
KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq
iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t
6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD
kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u
hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay
pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ
lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.subnets = [
# edinburgh university
"129.215.0.0/16"
];
};
};
};
rock = {
monitoring = false;
ci = false;
external = true;
nets = {
retiolum = {
ip4.addr = "10.243.29.171";
ip6.addr = "42:4992:6a6d:700::2";
aliases = [ "rock.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
inspector = {
monitoring = false;
ci = false;
external = true;
nets = rec {
internet = {
ip4.addr = "141.76.44.154";
aliases = [ "inspector.i" ];
};
retiolum = {
via = internet;
ip4.addr = "10.243.29.172";
ip6.addr = "42:4992:6a6d:800::1";
aliases = [ "inspector.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAr3l/u7qcxmFa2hUICU3oPDhB2ij2R3lKHyjSsVFVLNfl6TpOdppG
EDXOapeXL0s+PfBRHdRI3v/dibj4PG9eyKmFxsUJ2gRz4ghb1UE23aQ3pkr3x8sZ
7GR+nJYATYf+jolFF9O1x+f0Uo5xaYWkGOMH8wVVzm6+kcsZOYuTEbJAsbTRZywF
m1MdRfk54hLiDsj2rjGRZIR+ZfUKVs2MTWOLCpBAHLJK+r3HfUiR2nAgeNkJCFLw
WIir1ftDIViT3Ly6b7enaOkVZ695FNYdPWFZCE4AJI0s9wsbMClzUqCl+0mUkumd
eRXgWXkmvBsxR4GECnxUhxs6U8Wh3kbQavvemt4vcIKNhkw32+toYc1AFK/n4G03
OUJBbRqgJYx9wIvo8PEu4DTTdsPlQZnMwiaKsn+Gi4Ap6JAnG/iLN8sChoQf7Dau
ARZA3sf9CkKx5sZ+9dVrLbzGynKE18Z/ysvf1BLd/rVVOps1B/YRBxDwPj8MZJ0x
B7b0j+hRVV5palp3RRdcExuWaBrMQQGsXwLUZOFHJJaZUHF9XRdy+5XVJdNOArkG
q1+yGhosL1DLTQE/VwCxmBHyYTr3L7yZ2lSaeWdIeYvcRvouDROUjREVFrQjdqwj
7vIP1cvDxSSqA07h/xEC4YZKACBYc/PI2mqYK5dvAUG3mGrEsjHktPUCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
dpdkm = {
monitoring = false;
ci = false;
external = true;
nets = rec {
retiolum = {
ip4.addr = "10.243.29.173";
ip6.addr = "42:4992:6a6d:900::1";
aliases = [ "dpdkm.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
eve = {
monitoring = false;
ci = false;
external = true;
nets = rec {
internet = {
# eve.thalheim.io
ip4.addr = "188.68.39.17";
ip6.addr = "2a03:4000:13:31e::1";
aliases = [ "eve.i" ];
};
retiolum = rec {
via = internet;
addrs = [
ip4.addr
ip6.addr
];
ip4.addr = "10.243.29.174";
ip6.addr = "42:4992:6a6d:a00::1";
aliases = [ "eve.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82
08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk
6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI
+xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3
dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW
pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP
c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi
YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI
61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13
Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
xerxes = {
cores = 2;
nets = rec {
@ -644,47 +368,6 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n";
};
cabal = {
cores = 2;
nets = rec {
retiolum = {
ip4.addr = "10.243.1.4";
ip6.addr = "42::1:4";
aliases = [
"cabal.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEAukXm8xPpC6/F+wssYqQbqt1QDwsPrF3TJ9ToLFcN1WgDlhDhjM3A
SuRDMNjRT1fvVTuXyplH5g16eokW/yLOpNnznMS3/VR372pLPEOqfuRf7wAy18jj
rZkW3EO7nyZ8KMb+SXA8Q0KIpHY50Ezh+tqGoTZDICwoK6N5dKLgAZShS55JXwwK
qRG3vyzV3mDjgVyT0FNfyL1/BN1qvJ+tQQ40lEbkcQauMunMzNbH058kAd6H2/0e
LK4JkxI9XpZHE6Pf1epXyClHW7vT7APFRp9gL9tZS/XMC18+aEMFfQrNW9jb3FIq
rU5MfJ7aubboe7dT6CRaRSWpduiKLVzY/JCoGvUziyvmR7qHsQWTEjtNuQX9joc3
6iq1o+gmLV0G8Xwq8cEcg5USlLxNsGBQPwYnTG6iTPPHqOv7BKucekE/opnVZseE
fSNCGl1+tGwa3soSMI97LkpQTZxdeqf+jWZve0RbSa2Ihyod91ldFCqi1+PZx68v
yBI0PJamlt+dBx6WQKbPngWYeD8hXo7tg0XVRVa3ZQyX+Mq6uCCb2GM8ewMUPl+A
kcY1osFt6+sdkFGdiv3FMyijAiZumPoPprXC/4SGIsMnkoI4JfSAbTpHi2QuesqR
KMeairdB7XGUYlMvWpDLKN2dbMdRc+l3kDUKT7hALjKeyWS/27WYeK/STxvZXEXi
TZGHopvOFv6wcrb6nI49vIJo5mDLFamAPN3ZjeR20wP95UP7cUUSaTYX49M4lX6U
oL5BaFrcLn2PTvS84pUxcXKAp70FgTpvGJbaWwETgDjW+H+qlGmI/BTejpL7flVs
TOtaP/uCMxhVZSFv9bzo0ih10o+4gtU8lqxfJsVxlf2K7LVZ++LQba/u+XxRY+xw
3IFBfg34tnO6zYlV8XgAiJ6IUOHUZANsuBD4iMoFSVOig6t5eIOkgXR6GEkP8FBD
rkroRMmxcu4lTCOzWIuAVOxCd4XXguoGQ4HAzpGd5ccdcb8Ev4RYEvNJY7B5tIQZ
4J0F9ECzJuSu1HvWTL+T6a36d2MDTkXU2IJ2tSHciXqiP+QMMF7p9Ux0tiAq4mtf
luA94uKWg3cSyTyEM/jF66CgO6Ts3AivNE0MRNupV6AbUdr+TjzotGn9rxi168py
w/49OVbpR9EIGC2wxx7qcSEk5chFOcgvNQMRqgIx51bbOL7JYb0f4XuA38GUqLkG
09PXmPeyqGzR9HsV2XZDprZdD3Dy4ojdexw0+YILg9bHaAxLHYs6WFZvzfaLLsf1
K2I39vvrEEOy8tHi4jvMk7oVX6RWG+DOZMeXTvyUCaBHyYkA0eDlC6NeKOHxnW/g
ZtN1W93UdklEqc5okM0/ZIke1HDRt3ZLdQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
secure = true;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPsTeSAedrbp7/KmZX8Mvka702fIUy77Mvqo9HwzCbym";
};
red = {
monitoring = false;
cores = 1;
@ -716,6 +399,36 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd/6eCR8yxC14zBJLIQgVa4Zbutv5yr2S8k08ztmBpp";
};
yellow = {
cores = 1;
nets = {
retiolum = {
ip4.addr = "10.243.0.14";
ip6.addr = "42:0:0:0:0:0:0:14";
aliases = [
"yellow.r"
];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6lHmzq8+04h3zivJmIbP
MkYiW7KflcTWQrl/4jJ7DVFbrtS6BSSI0wIibW5ygtLrp2nYgWv1jhg7K9q8tWMY
b6tDv/ze02ywCwStbjytW3ymSZUJlRkK2DQ4Ld7JEyKmLQIjxXYah+2P3QeUxLfU
Uwk6vSRuTlcb94rLFOrCUDRy1cZC73ZmtdbEP2UZz3ey6beo3l/K5O4OOz+lNXgd
OXPls4CeNm6NYhSGTBomS/zZBzGqb+4sOtLSPraNQuc75ZVpT8nFa/7tLVytWCOP
vWglPTJOyQSygSoVwGU9I8pq8xF1aTE72hLGHprIJAGgQE9rmS9/3mbiGLVZpny6
C6Q9t6vkYBRb+jg3WozIXdUvPP19qTEFaeb08kAuf1xhjZhirfDQjI7K6SFaDOUp
Y/ZmCrCuaevifaXYza/lM+4qhPXmh82WD5ONOhX0Di98HBtij2lybIRUG/io4DAU
52rrNAhRvMkUTBRlGG6LPC4q6khjuYgo9uley5BbyWWbCB1A9DUfbc6KfLUuxSwg
zLybZs/SHgXw+pJSXNgFJTYGv1i/1YQdpnbTgW4QsEp05gb+gA9/6+IjSIJdJE3p
DSZGcJz3gNSR1vETk8I2sSC/N8wlYXYV7wxQvSlQsehfEPrFtXM65k3RWzAAbNIJ
Akz4E3+xLVIMqKmHaGWi0usCAwEAAQ==
-----END PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC03TCO73NQZHo7NKZiVJp2iiUbe6PQP14Kg3Bnlkqje ";
};
blue = {
cores = 1;
nets = {
@ -789,9 +502,6 @@ with import <stockholm/lib>;
mail = "lass@daedalus.r";
pubkey = builtins.readFile ./ssh/daedalus.rsa;
};
fritz = {
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540";
};
prism-repo-sync = {
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhpCKTnSq6VDJPB+0NiHu2ZxSKEIxHN6uPAPnbXYNCe";
mail = "lass@prism.r";
@ -800,14 +510,8 @@ with import <stockholm/lib>;
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv6N/UjFnX5vUicT9Sw0+3x4mR0760iaVWZ/JDtdV4h";
mail = "lass@mors.r";
};
sokratess = {
};
wine-mors = {
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKfTIKmbe1RjX1fjAn//08363zAsI0CijWnaYyAC842";
};
Mic92 = {
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE";
mail = "joerg@higgsboson.tk";
};
};
}

View file

@ -77,7 +77,190 @@ let
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.realwallpaper}/realwallpaper.sh";
ExecStart = pkgs.writeDash "generate-wallpaper" ''
set -xeuf
# usage: getimg FILENAME URL
fetch() {
echo "fetch $1"
curl -LsS -z "$1" -o "$1" "$2"
}
# usage: check_type FILENAME TYPE
check_type() {
if ! file -ib "$1" | grep -q "^$2/"; then
echo "$1 is not of type $2" >&2
rm "$1"
return 1
fi
}
# usage: image_size FILENAME
image_size() {
identify "$1" | awk '{print$3}'
}
# usage: make_mask DST SRC MASK
make_layer() {
if needs_rebuild "$@"; then
echo "make $1 (apply mask)" >&2
convert "$2" "$3" -alpha off -compose copy_opacity -composite "$1"
fi
}
# usage: flatten DST HILAYER LOLAYER
flatten() {
if needs_rebuild "$@"; then
echo "make $1 (flatten)" >&2
composite "$2" "$3" "$1"
fi
}
# usage: needs_rebuild DST SRC...
needs_rebuild() {
a="$1"
shift
if ! test -e "$a"; then
#echo " $a does not exist" >&2
result=0
else
result=1
for b; do
if test "$b" -nt "$a"; then
#echo " $b is newer than $a" >&2
result=0
fi
done
fi
#case $result in
# 0) echo "$a needs rebuild" >&2;;
#esac
return $result
}
main() {
cd ${cfg.workingDir}
# fetch source images in parallel
fetch nightmap-raw.jpg \
${cfg.nightmap} &
fetch daymap-raw.png \
${cfg.daymap} &
fetch clouds-raw.jpg \
${cfg.cloudmap} &
fetch marker.json \
${cfg.marker} &
wait
check_type nightmap-raw.jpg image
check_type daymap-raw.png image
check_type clouds-raw.jpg image
in_size=2048x1024
xplanet_out_size=1466x1200
out_geometry=1366x768+100+160
nightsnow_color='#0c1a49' # nightmap
for raw in \
nightmap-raw.jpg \
daymap-raw.png \
clouds-raw.jpg \
;
do
normal=''${raw%-raw.*}.png
if needs_rebuild $normal $raw; then
echo "make $normal; normalize $raw" >&2
convert $raw -scale $in_size $normal
fi
done
# create nightmap-fullsnow
if needs_rebuild nightmap-fullsnow.png; then
convert -size $in_size xc:$nightsnow_color nightmap-fullsnow.png
fi
# extract daymap-snowmask from daymap-final
if needs_rebuild daymap-snowmask.png daymap.png; then
convert daymap.png -threshold 95% daymap-snowmask.png
fi
# extract nightmap-lightmask from nightmap
if needs_rebuild nightmap-lightmask.png nightmap.png; then
convert nightmap.png -threshold 25% nightmap-lightmask.png
fi
# create layers
make_layer nightmap-snowlayer.png nightmap-fullsnow.png daymap-snowmask.png
make_layer nightmap-lightlayer.png nightmap.png nightmap-lightmask.png
# apply layers
flatten nightmap-lightsnowlayer.png \
nightmap-lightlayer.png \
nightmap-snowlayer.png
flatten nightmap-final.png \
nightmap-lightsnowlayer.png \
nightmap.png
# create marker file from json
if [ -s marker.json ]; then
jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude)"' marker.json > marker_file
fi
# make all unmodified files as final
for normal in \
daymap.png \
clouds.png \
;
do
final=''${normal%.png}-final.png
needs_rebuild $final &&
ln $normal $final
done
# rebuild every time to update shadow
xplanet --num_times 1 --geometry $xplanet_out_size \
--output xplanet-output.png --projection merc \
-config ${pkgs.writeText "xplanet.config" ''
[earth]
"Earth"
map=daymap-final.png
night_map=nightmap-final.png
cloud_map=clouds-final.png
cloud_threshold=10
shade=15
''}
xplanet --num_times 1 --geometry $xplanet_out_size \
--output xplanet-krebs-output.png --projection merc \
-config ${pkgs.writeText "xplanet-krebs.config" ''
[earth]
"Earth"
map=daymap-final.png
night_map=nightmap-final.png
cloud_map=clouds-final.png
cloud_threshold=10
marker_file=marker_file
shade=15
''}
# trim xplanet output
if needs_rebuild realwallpaper.png xplanet-output.png; then
convert xplanet-output.png -crop $out_geometry \
realwallpaper-tmp.png
mv realwallpaper-tmp.png realwallpaper.png
fi
if needs_rebuild realwallpaper-krebs.png xplanet-krebs-output.png; then
convert xplanet-krebs-output.png -crop $out_geometry \
realwallpaper-krebs-tmp.png
mv realwallpaper-krebs-tmp.png realwallpaper-krebs.png
fi
}
main "$@"
'';
User = "realwallpaper";
};
};

View file

@ -124,7 +124,7 @@ let
};
users.extraUsers.tinc_graphs = {
uid = genid "tinc_graphs";
uid = genid_uint31 "tinc_graphs";
home = "/var/spool/tinc_graphs";
};
services.nginx = mkIf cfg.nginx.enable {

View file

@ -1,24 +0,0 @@
{ stdenv, fetchgit, xplanet, imagemagick, curl, file }:
stdenv.mkDerivation {
name = "realwallpaper";
src = fetchgit {
url = https://github.com/Lassulus/realwallpaper;
rev = "847faebc9b7e87e4bea078e3a2304ec00b4cdfc0";
sha256 = "10zihkwj9vpshlxw2jk67zbsy8g4i8b1y4jzna9fdcsgn7s12jrr";
};
phases = [
"unpackPhase"
"installPhase"
];
buildInputs = [
];
installPhase = ''
mkdir -p $out
cp realwallpaper.sh $out/realwallpaper.sh
'';
}

View file

@ -6,26 +6,10 @@ with import <stockholm/lib>;
<stockholm/lass>
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/libvirt.nix>
{
services.nginx.enable = true;
imports = [
<stockholm/lass/2configs/websites/domsen.nix>
<stockholm/lass/2configs/websites/lassulus.nix>
];
# needed by domsen.nix ^^
lass.usershadow = {
enable = true;
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport http"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport https"; target = "ACCEPT"; }
];
}
{ # TODO make new hfos.nix out of this vv
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
users.users.riot = {
uid = genid "riot";
uid = genid_uint31 "riot";
isNormalUser = true;
extraGroups = [ "libvirtd" ];
openssh.authorizedKeys.keys = [
@ -42,153 +26,7 @@ with import <stockholm/lib>;
{ v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.179"; }
];
}
{
users.users.tv = {
uid = genid "tv";
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.tv.pubkey
];
};
users.users.makefu = {
uid = genid "makefu";
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.makefu.pubkey
];
};
users.extraUsers.dritter = {
uid = genid "dritter";
isNormalUser = true;
extraGroups = [
"download"
];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnqOWDDk7QkSAvrSLkEoz7dY22+xPyv5JDn2zlfUndfavmTMfZvPx9REMjgULbcCSM4m3Ncf40yUjciDpVleGoEz82+p/ObHAkVWPQyXRS3ZRM2IJJultBHEFc61+61Pi8k3p5pBhPPaig6VncJ4uUuuNqen9jqLesSTVXNtdntU2IvnC8B8k1Kq6fu9q1T2yEOMxkD31D5hVHlqAly0LdRiYvtsRIoCSmRvlpGl70uvPprhQxhtoiEUeDqmIL7BG9x7gU0Swdl7R0/HtFXlFuOwSlNYDmOf/Zrb1jhOpj4AlCliGUkM0iKIJhgH0tnJna6kfkGKHDwuzITGIh6SpZ dritter@Janeway"
];
};
users.extraUsers.juhulian = {
uid = 1339;
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian"
];
};
users.users.hellrazor = {
uid = genid "hellrazor";
isNormalUser = true;
extraGroups = [
"download"
];
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ];
};
}
{
#hotdog
systemd.services."container@hotdog".reloadIfChanged = mkForce false;
containers.hotdog = {
config = { ... }: {
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
];
};
autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.1";
localAddress = "10.233.2.2";
};
}
<stockholm/lass/2configs/exim-smarthost.nix>
<stockholm/lass/2configs/ts3.nix>
<stockholm/lass/2configs/privoxy-retiolum.nix>
<stockholm/lass/2configs/radio.nix>
<stockholm/lass/2configs/binary-cache/server.nix>
<stockholm/lass/2configs/iodined.nix>
<stockholm/lass/2configs/paste.nix>
<stockholm/lass/2configs/syncthing.nix>
<stockholm/lass/2configs/ciko.nix>
<stockholm/lass/2configs/container-networking.nix>
<stockholm/lass/2configs/monitoring/prometheus-server.nix>
{ # quasi bepasty.nix
imports = [
<stockholm/lass/2configs/bepasty.nix>
];
krebs.bepasty.servers."paste.r".nginx.extraConfig = ''
if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) {
return 403;
}
'';
}
{
services.tor = {
enable = true;
};
}
{
lass.ejabberd = {
enable = true;
hosts = [ "lassul.us" ];
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport xmpp-client"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport xmpp-server"; target = "ACCEPT"; }
];
}
{
imports = [
<stockholm/lass/2configs/realwallpaper.nix>
];
services.nginx.virtualHosts."lassul.us".locations."/wallpaper.png".extraConfig = ''
alias /var/realwallpaper/realwallpaper.png;
'';
}
{
users.users.jeschli = {
uid = genid "jeschli";
isNormalUser = true;
openssh.authorizedKeys.keys = with config.krebs.users; [
jeschli.pubkey
jeschli-bln.pubkey
jeschli-bolide.pubkey
jeschli-brauerei.pubkey
];
};
krebs.git.rules = [
{
user = with config.krebs.users; [
jeschli
jeschli-bln
jeschli-bolide
jeschli-brauerei
];
repo = [ config.krebs.git.repos.xmonad-stockholm ];
perm = with git; push "refs/heads/jeschli*" [ fast-forward non-fast-forward create delete merge ];
}
{
user = with config.krebs.users; [
jeschli
jeschli-bln
jeschli-bolide
jeschli-brauerei
];
repo = [ config.krebs.git.repos.stockholm ];
perm = with git; push "refs/heads/staging/jeschli*" [ fast-forward non-fast-forward create delete merge ];
}
];
}
{
krebs.repo-sync.repos.stockholm.timerConfig = {
OnBootSec = "5min";
OnUnitInactiveSec = "2min";
RandomizedDelaySec = "2min";
};
}
<stockholm/lass/2configs/downloading.nix>
<stockholm/lass/2configs/minecraft.nix>
{
services.taskserver = {
enable = true;
@ -201,123 +39,11 @@ with import <stockholm/lib>;
{ predicate = "-p tcp --dport 53589"; target = "ACCEPT"; }
];
}
#<stockholm/lass/2configs/go.nix>
{
environment.systemPackages = [ pkgs.cryptsetup ];
systemd.services."container@red".reloadIfChanged = mkForce false;
containers.red = {
config = { ... }: {
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
];
};
autoStart = false;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.3";
localAddress = "10.233.2.4";
};
services.nginx.virtualHosts."rote-allez-fraktion.de" = {
enableACME = true;
forceSSL = true;
locations."/" = {
extraConfig = ''
proxy_set_header Host rote-allez-fraktion.de;
proxy_pass http://10.233.2.4;
'';
};
};
}
#{
# imports = [ <stockholm/lass/2configs/backup.nix> ];
# lass.restic = genAttrs [
# "daedalus"
# "icarus"
# "littleT"
# "mors"
# "shodan"
# "skynet"
# ] (dest: {
# dirs = [
# "/home/chat/.weechat"
# "/bku/sql_dumps"
# ];
# passwordFile = (toString <secrets>) + "/restic/${dest}";
# repo = "sftp:backup@${dest}.r:/backups/prism";
# extraArguments = [
# "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'"
# ];
# timerConfig = {
# OnCalendar = "00:05";
# RandomizedDelaySec = "5h";
# };
# });
#}
{
users.users.download.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACADLPxtB2f2tocXHxD3ul9D1537hTht6/un87JYZNnoYABveasyIcdFIfp5lPJmj3PjwqXNTA4M/3V+ufrpZ91dxFeXWI5mOI4YB3xRu+Elja8g7nfvCz1HrH3sD1equos/7ltQ1GZYvHGw40qD1/ZtOODwRwrYJ7l/DUBrjk/tzXRjm0+ZgyQsb3G9a80cA8d3fiuQDxbAzdoJF46wt36ZfuSMpJ/Td8CbCoLlV/uL9QZemOglyxNxR607qGfRNXF1An+P+fFq24GmdHpMJ00DfjZ/dJRL9QSs7vd07uyB4Qty4VHwRhc46XH6KL7VTF1D3INF/BeBZx90GBxOvpgEji7Zrf7O5eSAjM2Do1+t+Ev2IIuiltB+QqTir4rZcrCBrJ2+zD3DDymKffVi8sz15AvdrFkIplzZxpOcgm9Ns2w/uh8sxeV6J58aoLEVmd2KRUfJFYiS1EuEjYo2OHlj8ltIh3VlfYdWksGpQc71IT0iEWvzvjYcfCda9uzFLKdLfBy4GB8+s4zR2CX9aGDyJaIY1kt/xqDeztnYwW1owG+fLMrDJlq3Mu+KmJljb30jzrOPhFYVZgWenmMFgH2RBzVEmnsR0f2LFVLj6N/a9fpEJ3WhxMOc5Ybdpgg/l9KUdgvWLk6KOtba+z9fuYT1YgwtZBoMgHAdZLmZ/DGtff palo@pepe"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGMjbYFmmvpF60YBShyFISbjN+O3e4GPkfsre6xFqz20joi8YqpD/5PtrMsGrPd1ZoZ9qSwXJtbb1WBomFg0xzRSNa1/FliKiE1ilcaB3aUZRtP0OWHIvWD3/YL/0h+/YXDGTfb8FNvpgJmnbN3Q0gw8cwWw+eve5BMyqDhzFvycxO4qDuP2JXkGpdhJqjaYZhP5rPH2mgv1oU1RnOA3A7APZVGf1m6JSmV7FZR514aGlFV+NpsvS29Mib8fcswgpoGhMN6jeh/nf49tp01LUAOmXSqdHIWNOTt3Mt7S4rU7RZwEhswdSRbKdKFRMj+uRkhJ4CPcNuuGtSY3id0Ja7IvrvxNaQUk1L8nBcza709jvSBYWSY5/aGL1ocA/PNWXDpOTp2PWwxkh39aPMqZXPTH3KC4IkRp5SiKibEhdmjnToV7nUAJe4IWn1b7QdoqS03ib0X87DnHWIbvi8UZlImM7pn0rs+rwnOo4lQwrTz7kbBHPaa6XOZAuDYND2728vtcrhwzVrKgiXWbyF6VzvwxPeeStmn1gENvozbj1hl9gbQ1cH/a4pZFBV/OFl/ryzDnB2ghM4acNJazXx/6/us9hX+np1YxIzJaxENj677MLc6HitM2g6XJGaixBQ0U2NNjcjIuQT0ZaeKXsSLnu1Y7+uslbVAwsQ4pJmSxxMMQ== palo@workhorse"
];
}
{
}
{
lass.nichtparasoup.enable = true;
services.nginx = {
enable = true;
virtualHosts."lol.lassul.us" = {
forceSSL = true;
enableACME = true;
locations."/".extraConfig = ''
proxy_pass http://localhost:5001;
'';
};
};
}
{
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p udp --dport 51820"; target = "ACCEPT"; }
];
krebs.iptables.tables.nat.PREROUTING.rules = [
{ v6 = false; precedence = 1000; predicate = "-s 10.244.1.0/24"; target = "ACCEPT"; }
];
krebs.iptables.tables.filter.FORWARD.rules = [
{ v6 = false; precedence = 1000; predicate = "-s 10.244.1.0/24"; target = "ACCEPT"; }
{ v6 = false; precedence = 1000; predicate = "-s 10.243.0.0/16 -d 10.244.1.0/24"; target = "ACCEPT"; }
];
krebs.iptables.tables.nat.POSTROUTING.rules = [
{ v6 = false; predicate = "-s 10.244.1.0/24 ! -d 10.244.1.0/24"; target = "MASQUERADE"; }
];
networking.wireguard.interfaces.wg0 = {
ips = [ "10.244.1.1/24" ];
listenPort = 51820;
privateKeyFile = (toString <secrets>) + "/wireguard.key";
allowedIPsAsRoutes = true;
peers = [
{
# lass-android
allowedIPs = [ "10.244.1.2/32" ];
publicKey = "zVunBVOxsMETlnHkgjfH71HaZjjNUOeYNveAVv5z3jw=";
}
];
};
}
{
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
];
}
{
services.murmur.enable = true;
services.murmur.registerName = "lassul.us";
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
];
}
];
krebs.build.host = config.krebs.hosts.archprism;

View file

@ -1,16 +0,0 @@
{ config, pkgs, ... }:
{
imports = [
<stockholm/lass>
<stockholm/lass/2configs/mouse.nix>
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/exim-retiolum.nix>
<stockholm/lass/2configs/baseX.nix>
<stockholm/lass/2configs/AP.nix>
<stockholm/lass/2configs/blue-host.nix>
];
krebs.build.host = config.krebs.hosts.cabal;
}

View file

@ -1,12 +0,0 @@
{
imports = [
./config.nix
<stockholm/lass/2configs/hw/x220.nix>
<stockholm/lass/2configs/boot/stock-x220.nix>
];
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:45:85:ac", NAME="wl0"
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:62:2b:1b", NAME="et0"
'';
}

View file

@ -25,9 +25,5 @@
macchanger
dpass
];
services.redshift = {
enable = true;
provider = "geoclue2";
};
programs.adb.enable = true;
}

View file

@ -102,6 +102,7 @@ with import <stockholm/lib>;
urban
mk_sql_pair
remmina
transmission
iodine
@ -148,10 +149,6 @@ with import <stockholm/lib>;
programs.adb.enable = true;
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
virtualisation.docker.enable = true;
services.redshift = {
enable = true;
provider = "geoclue2";
};
lass.restic = genAttrs [
"daedalus"

View file

@ -25,7 +25,7 @@ with import <stockholm/lib>;
{ # TODO make new hfos.nix out of this vv
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
users.users.riot = {
uid = genid "riot";
uid = genid_uint31 "riot";
isNormalUser = true;
extraGroups = [ "libvirtd" ];
openssh.authorizedKeys.keys = [
@ -44,21 +44,21 @@ with import <stockholm/lib>;
}
{
users.users.tv = {
uid = genid "tv";
uid = genid_uint31 "tv";
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.tv.pubkey
];
};
users.users.makefu = {
uid = genid "makefu";
uid = genid_uint31 "makefu";
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.makefu.pubkey
];
};
users.extraUsers.dritter = {
uid = genid "dritter";
uid = genid_uint31 "dritter";
isNormalUser = true;
extraGroups = [
"download"
@ -75,7 +75,7 @@ with import <stockholm/lib>;
];
};
users.users.hellrazor = {
uid = genid "hellrazor";
uid = genid_uint31 "hellrazor";
isNormalUser = true;
extraGroups = [
"download"
@ -168,7 +168,7 @@ with import <stockholm/lib>;
}
{
users.users.jeschli = {
uid = genid "jeschli";
uid = genid_uint31 "jeschli";
isNormalUser = true;
openssh.authorizedKeys.keys = with config.krebs.users; [
jeschli.pubkey
@ -207,7 +207,6 @@ with import <stockholm/lib>;
RandomizedDelaySec = "2min";
};
}
<stockholm/lass/2configs/downloading.nix>
<stockholm/lass/2configs/minecraft.nix>
{
services.taskserver = {
@ -324,6 +323,15 @@ with import <stockholm/lib>;
}
];
};
services.dnsmasq = {
enable = true;
resolveLocalQueries = false;
extraConfig= ''
except-interface=lo
interface=wg0
'';
};
}
{
krebs.iptables.tables.filter.INPUT.rules = [
@ -338,6 +346,61 @@ with import <stockholm/lib>;
];
}
{
systemd.services."container@yellow".reloadIfChanged = mkForce false;
containers.yellow = {
config = { ... }: {
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
];
};
autoStart = false;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.13";
localAddress = "10.233.2.14";
};
services.nginx.virtualHosts."lassul.us".locations."^~ /transmission".extraConfig = ''
if ($scheme != "https") {
rewrite ^ https://$host$uri permanent;
}
auth_basic "Restricted Content";
auth_basic_user_file ${pkgs.writeText "transmission-user-pass" ''
krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0
''};
proxy_pass http://10.233.2.14:9091;
'';
users.groups.download = {};
users.users = {
download = {
createHome = true;
group = "download";
name = "download";
home = "/var/download";
useDefaultShell = true;
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-shodan.pubkey
lass-icarus.pubkey
lass-daedalus.pubkey
lass-helios.pubkey
makefu.pubkey
wine-mors.pubkey
];
};
};
system.activationScripts.downloadFolder = ''
mkdir -p /var/download
chmod 775 /var/download
ln -fnsT /var/lib/containers/yellow/var/download/finished /var/download/finished || :
chown download: /var/download/finished
'';
}
];
krebs.build.host = config.krebs.hosts.prism;

View file

@ -25,6 +25,11 @@
fsType = "zfs";
};
fileSystems."/var/download" = {
device = "tank/download";
fsType = "zfs";
};
fileSystems."/var/lib/containers" = {
device = "tank/containers";
fsType = "zfs";

View file

@ -8,14 +8,13 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/mouse.nix>
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/baseX.nix>
<stockholm/lass/2configs/git.nix>
<stockholm/lass/2configs/exim-retiolum.nix>
<stockholm/lass/2configs/browsers.nix>
<stockholm/lass/2configs/programs.nix>
<stockholm/lass/2configs/fetchWallpaper.nix>
<stockholm/lass/2configs/wine.nix>
<stockholm/lass/2configs/bitcoin.nix>
<stockholm/lass/2configs/backup.nix>
<stockholm/lass/2configs/blue-host.nix>
];
krebs.build.host = config.krebs.hosts.shodan;

View file

@ -7,6 +7,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/fetchWallpaper.nix>
<stockholm/lass/2configs/blue-host.nix>
<stockholm/lass/2configs/power-action.nix>
{
services.xserver.enable = true;
services.xserver.desktopManager.xfce.enable = true;

View file

@ -0,0 +1,167 @@
with import <stockholm/lib>;
{ config, lib, pkgs, ... }:
{
imports = [
<stockholm/lass>
<stockholm/lass/2configs>
<stockholm/lass/2configs/retiolum.nix>
];
krebs.build.host = config.krebs.hosts.yellow;
system.activationScripts.downloadFolder = ''
mkdir -p /var/download
chown download:download /var/download
chmod 775 /var/download
'';
users.users.download = { uid = genid "download"; };
users.groups.download.members = [ "transmission" ];
users.users.transmission.group = mkForce "download";
systemd.services.transmission.serviceConfig.bindsTo = [ "openvpn-nordvpn.service" ];
services.transmission = {
enable = true;
settings = {
download-dir = "/var/download/finished";
incomplete-dir = "/var/download/incoming";
incomplete-dir-enable = true;
umask = "002";
rpc-whitelist-enabled = false;
rpc-host-whitelist-enabled = false;
};
};
services.nginx = {
enable = true;
package = pkgs.nginx.override {
modules = with pkgs.nginxModules; [
fancyindex
];
};
virtualHosts."dl" = {
default = true;
locations."/Nginx-Fancyindex-Theme-dark" = {
extraConfig = ''
alias ${pkgs.fetchFromGitHub {
owner = "Naereen";
repo = "Nginx-Fancyindex-Theme";
rev = "e84f7d6a32085c2b6238f85f5fdebe9ceb710fc4";
sha256 = "0wzl4ws2w8f0749vxfd1c8c21p3jw463wishgfcmaljbh4dwplg6";
}}/Nginx-Fancyindex-Theme-dark;
autoindex on;
'';
};
locations."/" = {
root = "/var/download/finished";
extraConfig = ''
fancyindex on;
fancyindex_header "/Nginx-Fancyindex-Theme-dark/header.html";
fancyindex_footer "/Nginx-Fancyindex-Theme-dark/footer.html";
dav_methods PUT DELETE MKCOL COPY MOVE;
create_full_put_path on;
dav_access all:r;
'';
};
};
};
krebs.iptables = {
enable = true;
tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 80"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport 9091"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport 51413"; target = "ACCEPT"; }
{ predicate = "-p udp --dport 51413"; target = "ACCEPT"; }
];
};
services.openvpn.servers.nordvpn.config = ''
client
dev tun
proto udp
remote 82.102.16.229 1194
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
comp-lzo no
explicit-exit-notify 3
remote-cert-tls server
#mute 10000
auth-user-pass ${toString <secrets/nordvpn.txt>}
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512
<ca>
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIJANIxRSmgmjW6MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUyMjkubm9yZHZw
bi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNlcnRAbm9y
ZHZwbi5jb20wHhcNMTcxMTIyMTQ1MTQ2WhcNMjcxMTIwMTQ1MTQ2WjCBnjELMAkG
A1UEBhMCUEExCzAJBgNVBAgTAlBBMQ8wDQYDVQQHEwZQYW5hbWExEDAOBgNVBAoT
B05vcmRWUE4xEDAOBgNVBAsTB05vcmRWUE4xGjAYBgNVBAMTEWRlMjI5Lm5vcmR2
cG4uY29tMRAwDgYDVQQpEwdOb3JkVlBOMR8wHQYJKoZIhvcNAQkBFhBjZXJ0QG5v
cmR2cG4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv++dfZlG
UeFF2sGdXjbreygfo78Ujti6X2OiMDFnwgqrhELstumXl7WrFf5EzCYbVriNuUny
mNCx3OxXxw49xvvg/KplX1CE3rKBNnzbeaxPmeyEeXe+NgA7rwOCbYPQJScFxK7X
+D16ZShY25GyIG7hqFGML0Qz6gpZRGaHSd0Lc3wSgoLzGtsIg8hunhfi00dNqMBT
ukCzgfIqbQUuqmOibsWnYvZoXoYKnbRL0Bj8IYvwvu4p2oBQpvM+JR4DC+rv52LI
583Q6g3LebQ4JuQf8jgxvEEV4UL1CsUBqN3mcRpVUKJS3ijXmzEX9MfpBRcp1rBA
VsiE4Mrk7PXhkwIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFFIv1UuKN2NXaVjRNXDT
Rs/+LT/9MIHTBgNVHSMEgcswgciAFFIv1UuKN2NXaVjRNXDTRs/+LT/9oYGkpIGh
MIGeMQswCQYDVQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQ
MA4GA1UEChMHTm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUy
Mjkubm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEW
EGNlcnRAbm9yZHZwbi5jb22CCQDSMUUpoJo1ujAMBgNVHRMEBTADAQH/MA0GCSqG
SIb3DQEBCwUAA4IBAQBf1vr93OIkIFehXOCXYFmAYai8/lK7OQH0SRMYdUPvADjQ
e5tSDK5At2Ew9YLz96pcDhzLqtbQsRqjuqWKWs7DBZ8ZiJg1nVIXxE+C3ezSyuVW
//DdqMeUD80/FZD5kPS2yJJOWfuBBMnaN8Nxb0BaJi9AKFHnfg6Zxqa/FSUPXFwB
wH+zeymL2Dib2+ngvCm9VP3LyfIdvodEJ372H7eG8os8allUnkUzpVyGxI4pN/IB
KROBRPKb+Aa5FWeWgEUHIr+hNrEMvcWfSvZAkSh680GScQeJh5Xb4RGMCW08tb4p
lrojzCvC7OcFeUNW7Ayiuukx8rx/F4+IZ1yJGff9
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
49b2f54c6ee58d2d97331681bb577d55
054f56d92b743c31e80b684de0388702
ad3bf51088cd88f3fac7eb0729f2263c
51d82a6eb7e2ed4ae6dfa65b1ac764d0
b9dedf1379c1b29b36396d64cb6fd6b2
e61f869f9a13001dadc02db171f04c4d
c46d1132c1f31709e7b54a6eabae3ea8
fbd2681363c185f4cb1be5aa42a27c31
21db7b2187fd11c1acf224a0d5a44466
b4b5a3cc34ec0227fe40007e8b379654
f1e8e2b63c6b46ee7ab6f1bd82f57837
92c209e8f25bc9ed493cb5c1d891ae72
7f54f4693c5b20f136ca23e639fd8ea0
865b4e22dd2af43e13e6b075f12427b2
08af9ffd09c56baa694165f57fe2697a
3377fa34aebcba587c79941d83deaf45
-----END OpenVPN Static key V1-----
</tls-auth>
'';
}

View file

@ -0,0 +1,8 @@
{
imports = [
./config.nix
];
boot.isContainer = true;
networking.useDHCP = false;
environment.variables.NIX_REMOTE = "daemon";
}

View file

@ -126,6 +126,12 @@ in {
restartIfChanged = false;
};
nixpkgs.config.packageOverrides = super: {
dmenu = pkgs.writeDashBin "dmenu" ''
${pkgs.fzfmenu}/bin/fzfmenu "$@"
'';
};
krebs.xresources.enable = true;
lass.screenlock.enable = true;
}

View file

@ -26,6 +26,7 @@
'';
};
virtualHosts."cache.krebsco.de" = {
forceSSL = true;
serverAliases = [ "cache.lassul.us" ];
enableACME = true;
locations."/".extraConfig = ''

View file

@ -81,6 +81,7 @@ in {
host = "${host}.r",
targetdir = "/var/lib/containers/.blue",
rsync = {
archive = true,
owner = true,
group = true,
};

View file

@ -1,65 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
users.extraUsers = {
download = {
name = "download";
home = "/var/download";
createHome = true;
useDefaultShell = true;
extraGroups = [
"download"
];
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-shodan.pubkey
lass-icarus.pubkey
lass-daedalus.pubkey
lass-helios.pubkey
makefu.pubkey
wine-mors.pubkey
];
};
transmission = {
extraGroups = [
"download"
];
};
};
users.extraGroups = {
download = {
members = [
"download"
"transmission"
];
};
};
krebs.rtorrent = {
enable = true;
web = {
enable = true;
port = 9091;
basicAuth = import <secrets/torrent-auth>;
};
rutorrent.enable = true;
enableXMLRPC = true;
listenPort = 51413;
downloadDir = "/var/download/finished";
# dump old torrents into watch folder to have them re-added
watchDir = "/var/download/watch";
};
krebs.iptables = {
enable = true;
tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 9091"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport 51413"; target = "ACCEPT"; }
{ predicate = "-p udp --dport 51413"; target = "ACCEPT"; }
];
};
}

View file

@ -93,6 +93,7 @@ with import <stockholm/lib>;
{ from = "neocron@lassul.us"; to = lass.mail; }
{ from = "osmocom@lassul.us"; to = lass.mail; }
{ from = "lesswrong@lassul.us"; to = lass.mail; }
{ from = "nordvpn@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }

View file

@ -174,6 +174,16 @@ let
macro pager a "<modify-labels>-archive\n" # tag as Archived
bind index U noop
bind index u noop
bind pager U noop
bind pager u noop
macro index U "<modify-labels>+unread\n"
macro index u "<modify-labels>-unread\n"
macro pager U "<modify-labels>+unread\n"
macro pager u "<modify-labels>-unread\n"
bind index t noop
bind pager t noop
macro index t "<modify-labels>" # tag as Archived

View file

@ -5,7 +5,6 @@ with import <stockholm/lib>;
let
name = "radio";
mainUser = config.users.extraUsers.mainUser;
inherit (import <stockholm/lib>) genid;
admin-password = import <secrets/icecast-admin-pw>;
source-password = import <secrets/icecast-source-pw>;
@ -31,7 +30,7 @@ in {
"${name}" = rec {
inherit name;
group = name;
uid = genid name;
uid = genid_uint31 name;
description = "radio manager";
home = "/home/${name}";
useDefaultShell = true;

View file

@ -1,70 +0,0 @@
{ config, pkgs, lib, ... }:
with lib;
let
inherit (import <stockholm/lib>)
genid
head
;
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
servePage
serveWordpress
;
msmtprc = pkgs.writeText "msmtprc" ''
account default
host localhost
'';
sendmail = pkgs.writeDash "msmtp" ''
exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@"
'';
in {
services.nginx.enable = true;
imports = [
./default.nix
./sqlBackup.nix
(serveWordpress [ "radical-dreamers.de" "www.radical-dreamers.de" ])
(serveWordpress [ "gs-maubach.de" "www.gs-maubach.de" ])
(serveWordpress [ "spielwaren-kern.de" "www.spielwaren-kern.de" ])
(servePage [ "familienpraxis-korntal.de" "www.familienpraxis-korntal.de" ])
(serveWordpress [ "ttf-kleinaspach.de" "www.ttf-kleinaspach.de" ])
(serveWordpress [ "eastuttgart.de" "www.eastuttgart.de" ])
(serveWordpress [ "goldbarrendiebstahl.radical-dreamers.de" ])
];
lass.mysqlBackup.config.all.databases = [
"eastuttgart_de"
"radical_dreamers_de"
"spielwaren_kern_de"
"ttf_kleinaspach_de"
];
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.fritz.pubkey
];
users.users.goldbarrendiebstahl = {
home = "/srv/http/goldbarrendiebstahl.radical-dreamers.de";
uid = genid "goldbarrendiebstahl";
createHome = true;
useDefaultShell = true;
openssh.authorizedKeys.keys = [
config.krebs.users.fritz.pubkey
];
};
services.phpfpm.phpOptions = ''
sendmail_path = ${sendmail} -t
'';
}

View file

@ -3,7 +3,7 @@
with lib;
let
inherit (import <stockholm/lib>)
genid
genid_uint31
;
in {
@ -22,7 +22,7 @@ in {
krebs.tinc_graphs.enable = true;
users.users.lass-stuff = {
uid = genid "lass-stuff";
uid = genid_uint31 "lass-stuff";
description = "lassul.us blog cgi stuff";
home = "/var/empty";
};
@ -66,22 +66,6 @@ in {
locations."/tinc".extraConfig = ''
alias ${config.krebs.tinc_graphs.workingDir}/external;
'';
locations."/urlaubyay2018".extraConfig = ''
autoindex on;
alias /srv/http/lassul.us-media/india2018;
auth_basic "Restricted Content";
auth_basic_user_file ${pkgs.writeText "pics-user-pass" ''
paolo:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0
''};
'';
locations."/heilstadt".extraConfig = ''
autoindex on;
alias /srv/http/lassul.us-media/grabowsee2018;
auth_basic "Restricted Content";
auth_basic_user_file ${pkgs.writeText "pics-user-pass" ''
c-base:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0
''};
'';
locations."/krebspage".extraConfig = ''
default_type "text/html";
alias ${pkgs.krebspage}/index.html;
@ -140,7 +124,7 @@ in {
};
users.users.blog = {
uid = genid "blog";
uid = genid_uint31 "blog";
description = "lassul.us blog deployment";
home = "/srv/http/lassul.us";
useDefaultShell = true;

View file

@ -142,7 +142,7 @@ with import <stockholm/lib>;
users.users = mapAttrs' (_: cfg:
nameValuePair cfg.name {
uid = genid cfg.name;
uid = genid_uint31 cfg.name;
home = "/home/${cfg.name}";
useDefaultShell = true;
createHome = true;

View file

@ -38,7 +38,7 @@ import XMonad.Hooks.EwmhDesktops (ewmh)
import XMonad.Hooks.FloatNext (floatNext)
import XMonad.Hooks.FloatNext (floatNextHook)
import XMonad.Hooks.ManageDocks (avoidStruts, ToggleStruts(ToggleStruts))
import XMonad.Hooks.Place (placeHook, smart)
import XMonad.Hooks.ManageHelpers (composeOne, doCenterFloat, (-?>))
import XMonad.Hooks.UrgencyHook (focusUrgent)
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
import XMonad.Layout.FixedColumn (FixedColumn(..))
@ -84,7 +84,7 @@ main' = do
{ terminal = myTerm
, modMask = mod4Mask
, layoutHook = smartBorders $ myLayoutHook
, manageHook = placeHook (smart (1,0)) <+> floatNextHook <+> floatHooks
, manageHook = floatHooks <+> floatNextHook
, startupHook =
whenJustM (liftIO (lookupEnv "XMONAD_STARTUP_HOOK"))
(\path -> forkFile path [] Nothing)
@ -99,13 +99,12 @@ myLayoutHook = defLayout
defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat)
floatHooks :: Query (Endo WindowSet)
floatHooks = composeAll . concat $
[ [ title =? t --> doFloat | t <- myTitleFloats]
, [ className =? c --> doFloat | c <- myClassFloats ] ]
where
myTitleFloats = []
myClassFloats = ["Pinentry"] -- for gpg passphrase entry
floatHooks = composeOne
[ className =? "Pinentry" -?> doCenterFloat
, title =? "fzfmenu" -?> doCenterFloat
, title =? "glxgears" -?> doCenterFloat
, resource =? "Dialog" -?> doFloat
]
myKeyMap :: [([Char], X ())]
myKeyMap =
@ -114,6 +113,7 @@ myKeyMap =
, ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type")
, ("M4-o", spawn "${pkgs.brain}/bin/brainmenu --type")
, ("M4-i", spawn "${pkgs.dpass}/bin/dpassmenu --type")
, ("M4-z", spawn "${pkgs.emot-menu}/bin/emoticons")
, ("<XF86AudioMute>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-mute @DEFAULT_SINK@ toggle")
, ("<XF86AudioRaiseVolume>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ +4%")
@ -163,6 +163,9 @@ myKeyMap =
, ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33")
, ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100")
, ("M4-<F9>", spawn "${pkgs.redshift}/bin/redshift -O 4000 -g 0.9:0.8:0.8")
, ("M4-<F10>", spawn "${pkgs.redshift}/bin/redshift -x")
, ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter")
, ("M4-s", spawn "${pkgs.knav}/bin/knav")

View file

@ -0,0 +1,31 @@
{ coreutils, dmenu, gnused, writeDashBin, writeText, xdotool }: let
emoticons = writeText "emoticons" ''
¯\(°_o)/¯ | dunno lol shrug dlol
¯\_()_/¯ | dunno lol shrug dlol
( ͡° ͜ʖ ͡°) | lenny
¯\_( ͡° ͜ʖ ͡°)_/¯ | lenny shrug dlol
( д) | aaah sad noo
(^o^)丿 | hi yay hello
(^o^; | ups hehe
(^^) | yay
(´) | angry argh
(^_^) byebye!! | bye
<(^.^<) <(^.^)> (>^.^)> (7^.^)7 (>^.^<) | dance
(-.-)Zzz... | sleep
() | oh noes woot
| tm
ζ | zeta
(°° | table flip
() | why woot
'';
in
writeDashBin "emoticons" ''
set -efu
data=$(${coreutils}/bin/cat ${emoticons})
emoticon=$(echo "$data" | ${dmenu}/bin/dmenu | ${gnused}/bin/sed 's/ | .*//')
${xdotool}/bin/xdotool type -- "$emoticon"
exit 0
''

View file

@ -0,0 +1,45 @@
{ pkgs, ... }:
pkgs.writeDashBin "fzfmenu" ''
set -efu
PROMPT=">"
for i in "$@"
do
case $i in
-p)
PROMPT="$2"
shift
shift
break
;;
-l)
# no reason to filter number of lines
LINES="$2"
shift
shift
break
;;
-i)
# we do this anyway
shift
break
;;
*)
echo "Unknown option $1" >&2
shift
;;
esac
done
INPUT=$(${pkgs.coreutils}/bin/cat)
OUTPUT="$(${pkgs.coreutils}/bin/mktemp)"
${pkgs.rxvt_unicode}/bin/urxvt \
-name fzfmenu -title fzfmenu \
-e ${pkgs.dash}/bin/dash -c \
"echo \"$INPUT\" | ${pkgs.fzf}/bin/fzf \
--history=/dev/null \
--no-sort \
--prompt=\"$PROMPT\" \
> \"$OUTPUT\"" 2>/dev/null
${pkgs.coreutils}/bin/cat "$OUTPUT"
${pkgs.coreutils}/bin/rm "$OUTPUT"
''

View file

@ -13,8 +13,9 @@ let
ne = x: y: x != y;
mod = x: y: x - y * (x / y);
genid = import ./genid.nix { inherit lib; };
genid_uint31 = x: ((lib.genid x) + 16777216) / 2;
genid = lib.genid_uint32; # TODO remove
genid_uint31 = x: ((lib.genid_uint32 x) + 16777216) / 2;
genid_uint32 = import ./genid.nix { inherit lib; };
lpad = n: c: s:
if lib.stringLength s < n

View file

@ -19,7 +19,7 @@ rec {
default = config._module.args.name;
};
cores = mkOption {
type = positive;
type = uint;
};
nets = mkOption {
type = attrsOf net;

View file

@ -10,7 +10,7 @@ with import <stockholm/lib>;
];
# TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
# cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos
krebs.build.host = config.krebs.hosts.iso;
krebs.build.host = { cores = 0; };
isoImage.isoBaseName = lib.mkForce "stockholm";
krebs.hidden-ssh.enable = true;
environment.systemPackages = with pkgs; [