Merge remote-tracking branch 'lass/master'
This commit is contained in:
commit
35c7e1c375
|
@ -68,7 +68,7 @@ let
|
||||||
# TODO search-domains :: listOf hostname
|
# TODO search-domains :: listOf hostname
|
||||||
search-domain = mkOption {
|
search-domain = mkOption {
|
||||||
type = types.hostname;
|
type = types.hostname;
|
||||||
default = "retiolum";
|
default = "r";
|
||||||
};
|
};
|
||||||
zone-head-config = mkOption {
|
zone-head-config = mkOption {
|
||||||
type = with types; attrsOf str;
|
type = with types; attrsOf str;
|
||||||
|
|
|
@ -27,7 +27,7 @@ let
|
||||||
};
|
};
|
||||||
systemd.services.hidden-ssh-announce = {
|
systemd.services.hidden-ssh-announce = {
|
||||||
description = "irc announce hidden ssh";
|
description = "irc announce hidden ssh";
|
||||||
after = [ "tor.service" ];
|
after = [ "tor.service" "network-online.target" ];
|
||||||
wants = [ "tor.service" ];
|
wants = [ "tor.service" ];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
|
|
|
@ -32,9 +32,9 @@ let
|
||||||
default = "http://xplanetclouds.com/free/local/clouds_2048.jpg";
|
default = "http://xplanetclouds.com/free/local/clouds_2048.jpg";
|
||||||
};
|
};
|
||||||
|
|
||||||
outFile = mkOption {
|
marker = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "/tmp/wallpaper.png";
|
default = "http://graphs.r/marker.json";
|
||||||
};
|
};
|
||||||
|
|
||||||
timerConfig = mkOption {
|
timerConfig = mkOption {
|
||||||
|
@ -43,7 +43,6 @@ let
|
||||||
OnCalendar = "*:0/15";
|
OnCalendar = "*:0/15";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
imp = {
|
imp = {
|
||||||
|
@ -63,6 +62,7 @@ let
|
||||||
imagemagick
|
imagemagick
|
||||||
curl
|
curl
|
||||||
file
|
file
|
||||||
|
jq
|
||||||
];
|
];
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
|
@ -70,7 +70,7 @@ let
|
||||||
nightmap_url = cfg.nightmap;
|
nightmap_url = cfg.nightmap;
|
||||||
daymap_url = cfg.daymap;
|
daymap_url = cfg.daymap;
|
||||||
cloudmap_url = cfg.cloudmap;
|
cloudmap_url = cfg.cloudmap;
|
||||||
out_file = cfg.outFile;
|
marker_url = cfg.marker;
|
||||||
};
|
};
|
||||||
|
|
||||||
restartIfChanged = true;
|
restartIfChanged = true;
|
||||||
|
|
|
@ -12,7 +12,7 @@ with import <stockholm/lib>;
|
||||||
nets = {
|
nets = {
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.21.1";
|
ip4.addr = "10.243.21.1";
|
||||||
ip6.addr = "42:0:0:0:0:0:0:2101";
|
ip6.addr = "42::2101";
|
||||||
aliases = [
|
aliases = [
|
||||||
"alnus.r"
|
"alnus.r"
|
||||||
];
|
];
|
||||||
|
@ -53,7 +53,7 @@ with import <stockholm/lib>;
|
||||||
retiolum = {
|
retiolum = {
|
||||||
via = config.krebs.hosts.caxi.nets.internet;
|
via = config.krebs.hosts.caxi.nets.internet;
|
||||||
ip4.addr = "10.243.113.226";
|
ip4.addr = "10.243.113.226";
|
||||||
ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af6";
|
ip6.addr = "42:4522:25f8:36bb:8ccb:150:231a:2af6";
|
||||||
aliases = [
|
aliases = [
|
||||||
"caxi.r"
|
"caxi.r"
|
||||||
];
|
];
|
||||||
|
@ -94,7 +94,7 @@ with import <stockholm/lib>;
|
||||||
retiolum = {
|
retiolum = {
|
||||||
via = config.krebs.hosts.cd.nets.internet;
|
via = config.krebs.hosts.cd.nets.internet;
|
||||||
ip4.addr = "10.243.113.222";
|
ip4.addr = "10.243.113.222";
|
||||||
ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af3";
|
ip6.addr = "42:4522:25f8:36bb:8ccb:150:231a:2af3";
|
||||||
aliases = [
|
aliases = [
|
||||||
"cd.r"
|
"cd.r"
|
||||||
"cgit.cd.r"
|
"cgit.cd.r"
|
||||||
|
@ -129,7 +129,7 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.13.39";
|
ip4.addr = "10.243.13.39";
|
||||||
ip6.addr = "42:0:0:0:0:0:0:1339";
|
ip6.addr = "42::1339";
|
||||||
aliases = [
|
aliases = [
|
||||||
"ju.r"
|
"ju.r"
|
||||||
];
|
];
|
||||||
|
@ -164,7 +164,7 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.166.2";
|
ip4.addr = "10.243.166.2";
|
||||||
ip6.addr = "42:0b9d:6660:d07c:2bb7:4e91:1a01:2e7d";
|
ip6.addr = "42:b9d:6660:d07c:2bb7:4e91:1a01:2e7d";
|
||||||
aliases = [
|
aliases = [
|
||||||
"kaepsele.r"
|
"kaepsele.r"
|
||||||
];
|
];
|
||||||
|
@ -187,7 +187,7 @@ with import <stockholm/lib>;
|
||||||
nets = {
|
nets = {
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.20.1";
|
ip4.addr = "10.243.20.1";
|
||||||
ip6.addr = "42:0:0:0:0:0:0:2001";
|
ip6.addr = "42::2001";
|
||||||
aliases = [
|
aliases = [
|
||||||
"mu.r"
|
"mu.r"
|
||||||
];
|
];
|
||||||
|
@ -226,7 +226,7 @@ with import <stockholm/lib>;
|
||||||
retiolum = {
|
retiolum = {
|
||||||
via = config.krebs.hosts.ni.nets.internet;
|
via = config.krebs.hosts.ni.nets.internet;
|
||||||
ip4.addr = "10.243.113.223";
|
ip4.addr = "10.243.113.223";
|
||||||
ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af4";
|
ip6.addr = "42:4522:25f8:36bb:8ccb:150:231a:2af4";
|
||||||
aliases = [
|
aliases = [
|
||||||
"ni.r"
|
"ni.r"
|
||||||
"cgit.ni.r"
|
"cgit.ni.r"
|
||||||
|
@ -260,7 +260,7 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.0.110";
|
ip4.addr = "10.243.0.110";
|
||||||
ip6.addr = "42:02d5:733f:d6da:c0f5:2bb7:2b18:09ec";
|
ip6.addr = "42:2d5:733f:d6da:c0f5:2bb7:2b18:9ec";
|
||||||
aliases = [
|
aliases = [
|
||||||
"nomic.r"
|
"nomic.r"
|
||||||
"cgit.nomic.r"
|
"cgit.nomic.r"
|
||||||
|
@ -318,7 +318,7 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.13.37";
|
ip4.addr = "10.243.13.37";
|
||||||
ip6.addr = "42:0:0:0:0:0:0:1337";
|
ip6.addr = "42::1337";
|
||||||
aliases = [
|
aliases = [
|
||||||
"wu.r"
|
"wu.r"
|
||||||
"cgit.wu.r"
|
"cgit.wu.r"
|
||||||
|
@ -355,7 +355,7 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.13.38";
|
ip4.addr = "10.243.13.38";
|
||||||
ip6.addr = "42:0:0:0:0:0:0:1338";
|
ip6.addr = "42::1338";
|
||||||
aliases = [
|
aliases = [
|
||||||
"xu.r"
|
"xu.r"
|
||||||
];
|
];
|
||||||
|
@ -387,7 +387,7 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.13.40";
|
ip4.addr = "10.243.13.40";
|
||||||
ip6.addr = "42:0:0:0:0:0:0:1340";
|
ip6.addr = "42::1340";
|
||||||
aliases = [
|
aliases = [
|
||||||
"zu.r"
|
"zu.r"
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,26 +1,26 @@
|
||||||
{ bash, coreutils, gnused, stdenv, fetchgit, ucspi-tcp }:
|
{ coreutils, dash, fetchgit, gnused, stdenv, ucspi-tcp }:
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
version = "1.1";
|
version = "1.2.2";
|
||||||
in stdenv.mkDerivation {
|
in stdenv.mkDerivation {
|
||||||
name = "htgen-${version}";
|
name = "htgen-${version}";
|
||||||
|
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = "http://cgit.krebsco.de/htgen";
|
url = "http://cgit.krebsco.de/htgen";
|
||||||
rev = "refs/tags/v${version}";
|
rev = "refs/tags/v${version}";
|
||||||
sha256 = "1zxj0fv9vdrqyl3x2hgq7a6xdlzpclf93akygysrzsqk9wjapp4z";
|
sha256 = "0a8vn35vq6pxgk6d3d2cjp0vdxzq9nqf0zgkvnd6668v4cmdf91b";
|
||||||
};
|
};
|
||||||
|
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
mkdir -p $out/bin
|
mkdir -p $out/bin
|
||||||
{
|
{
|
||||||
echo '#! ${bash}/bin/bash'
|
echo '#! ${dash}/bin/dash'
|
||||||
echo 'export PATH=${makeBinPath [
|
echo 'export PATH=${makeBinPath [
|
||||||
ucspi-tcp
|
|
||||||
coreutils
|
coreutils
|
||||||
gnused
|
gnused
|
||||||
|
ucspi-tcp
|
||||||
]}''${PATH+":$PATH"}'
|
]}''${PATH+":$PATH"}'
|
||||||
cat htgen
|
sed 's:^Server=htgen$:&/${version}:' htgen
|
||||||
} > $out/bin/htgen
|
} > $out/bin/htgen
|
||||||
chmod +x $out/bin/htgen
|
chmod +x $out/bin/htgen
|
||||||
cp -r examples $out
|
cp -r examples $out
|
||||||
|
|
|
@ -24,7 +24,7 @@ pkgs.writeDashBin "irc-announce" ''
|
||||||
# echo2 and cat2 are used output to both, stdout and stderr
|
# echo2 and cat2 are used output to both, stdout and stderr
|
||||||
# This is used to see what we send to the irc server. (debug output)
|
# This is used to see what we send to the irc server. (debug output)
|
||||||
echo2() { echo "$*"; echo "$*" >&2; }
|
echo2() { echo "$*"; echo "$*" >&2; }
|
||||||
cat2() { tee /dev/stderr; }
|
cat2() { awk '{print;print > "/dev/stderr"}'; }
|
||||||
|
|
||||||
# privmsg_cat transforms stdin to a privmsg
|
# privmsg_cat transforms stdin to a privmsg
|
||||||
privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; }
|
privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; }
|
||||||
|
|
|
@ -5,8 +5,8 @@ stdenv.mkDerivation {
|
||||||
|
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = https://github.com/Lassulus/realwallpaper;
|
url = https://github.com/Lassulus/realwallpaper;
|
||||||
rev = "c2778c3c235fc32edc8115d533a0d0853ab101c5";
|
rev = "b8408cfb295b6ce5b965309b30358ca6c6409efd";
|
||||||
sha256 = "0yhbjz19zk8sj5dsvccm6skkqq2vardn1yi70qmd5li7qvp17mvs";
|
sha256 = "0yyl8hhqshw9bx04xs8glvir3c0qzvfrwzmbvyg318mnz5xalcl0";
|
||||||
};
|
};
|
||||||
|
|
||||||
phases = [
|
phases = [
|
||||||
|
@ -15,10 +15,6 @@ stdenv.mkDerivation {
|
||||||
];
|
];
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
xplanet
|
|
||||||
imagemagick
|
|
||||||
curl
|
|
||||||
file
|
|
||||||
];
|
];
|
||||||
|
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
|
|
|
@ -15,7 +15,6 @@ with import <stockholm/lib>;
|
||||||
krebs.enable = true;
|
krebs.enable = true;
|
||||||
krebs.build.user = config.krebs.users.lass;
|
krebs.build.user = config.krebs.users.lass;
|
||||||
krebs.build.host = config.krebs.hosts.iso;
|
krebs.build.host = config.krebs.hosts.iso;
|
||||||
krebs.build.source.nixos-config.symlink = "stockholm/lass/1systems/${config.krebs.buil.host.name}.nix";
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
@ -122,18 +121,12 @@ with import <stockholm/lib>;
|
||||||
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
systemd.services.sshd.wantedBy = mkForce [ "multi-user.target" ];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
krebs.iptables = {
|
krebs.iptables = {
|
||||||
enable = true;
|
enable = true;
|
||||||
tables = {
|
tables = {
|
||||||
nat.PREROUTING.rules = [
|
|
||||||
{ predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; }
|
|
||||||
{ predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; }
|
|
||||||
];
|
|
||||||
nat.OUTPUT.rules = [
|
|
||||||
{ predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; }
|
|
||||||
];
|
|
||||||
filter.INPUT.policy = "DROP";
|
filter.INPUT.policy = "DROP";
|
||||||
filter.FORWARD.policy = "DROP";
|
filter.FORWARD.policy = "DROP";
|
||||||
filter.INPUT.rules = [
|
filter.INPUT.rules = [
|
||||||
|
@ -148,5 +141,8 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
krebs.hidden-ssh.enable = true;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,6 +25,7 @@ with import <stockholm/lib>;
|
||||||
../2configs/repo-sync.nix
|
../2configs/repo-sync.nix
|
||||||
../2configs/ircd.nix
|
../2configs/ircd.nix
|
||||||
../2configs/logf.nix
|
../2configs/logf.nix
|
||||||
|
../2configs/syncthing.nix
|
||||||
{
|
{
|
||||||
#risk of rain port
|
#risk of rain port
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
|
@ -76,10 +77,6 @@ with import <stockholm/lib>;
|
||||||
{
|
{
|
||||||
services.redis.enable = true;
|
services.redis.enable = true;
|
||||||
}
|
}
|
||||||
{
|
|
||||||
#ipfs-testing
|
|
||||||
services.ipfs.enable = true;
|
|
||||||
}
|
|
||||||
{
|
{
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.krebszones
|
pkgs.krebszones
|
||||||
|
@ -89,6 +86,12 @@ with import <stockholm/lib>;
|
||||||
#ps vita stuff
|
#ps vita stuff
|
||||||
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
|
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
services.tor = {
|
||||||
|
enable = true;
|
||||||
|
client.enable = true;
|
||||||
|
};
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.mors;
|
krebs.build.host = config.krebs.hosts.mors;
|
||||||
|
|
|
@ -46,6 +46,7 @@ in {
|
||||||
../2configs/monitoring/server.nix
|
../2configs/monitoring/server.nix
|
||||||
../2configs/monitoring/monit-alarms.nix
|
../2configs/monitoring/monit-alarms.nix
|
||||||
../2configs/paste.nix
|
../2configs/paste.nix
|
||||||
|
../2configs/syncthing.nix
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../2configs/bepasty.nix
|
../2configs/bepasty.nix
|
||||||
|
@ -158,7 +159,7 @@ in {
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
users.users.chat.openssh.authorizedKeys.keys = [
|
users.users.chat.openssh.authorizedKeys.keys = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCkmIvB8BekIE2W24+I0gnzkvkEoeulz/zQkDUVJK4oScbIvgTYmcHzQuHJyPueTm67bJCOcYaTwEDNhcR/ZvcyiCQ7Jwa5cLDTkCkcR9LQq8ry5jMNEanvTgrnBIEcwfS7jFpyFb/PRVG6hh2bPOfP+ksFplkq1BTzKt/UTaCBwVEZqi5XuFIlq/MqJg+FIjh+wyeNR5jHtqgAhVjR+YLVNXLgtVPE+dlSfbyRQHuA9FTkUj8BxxnTdwM5Sx33S61ddik1XvRn++IYqFl68fZhzyTME7t/Mvjdz8J7ew2bF2IbJrXt37yQCAOEEp9/RC5OloA7dd/5ZJjZxSzT2HnYROILsYr3S0WV4e+H2G66ZN0ftdUCYh1o5rtY7IrSes6yHsKYbpoij1IAkRkyt2XgEH5EZCk1Omx8AY3ekW1KFIEhz2DZEfnCEjPf4AGCYZ0uy4XEztxzTDkh25TVs/tym1+96qCJ1yAxwWZDbVhS/Z6aSBpsyeDRKcak8qoWVC2dEPdYuTUmwvmo3pmGn/a4UfOLNJTn0jSRjy3kSv1hYzosN4NSYZqEylFB0ABnlqoLpX3tmWtrkiKv19S+djVGxbaaYm3hjPJfds3qCWTJWPvxPPeCE8wGXVLYqOQxa5ZPYeoTwRof5YNSbj5RFYy9sDLTlHl+U4ASTHZM5S3akQ== JuiceSSH"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDjesiOnhpT9XgWZqw/64M5lVQg3q0k22BtMyCv+33sGX8VmfTyD11GuwSjNGf5WiswKLqFvYBQsHfDDtS3k0ZNTDncGw3Pbilm6QoCuHEyDPaQYin0P+JmkocrL/6QF5uhZVFnsXCH5wntwOa00VFGwpMgQYSfRlReRx42Pu9Jk+iJduZMRBbOMvJI68Z7iJ4DgW/1U9J4MQdCsk7QlFgUstQQfV1zk4VfVfXuxDP3hjx6Q05nDChjpmzJbFunzb7aiy/1/Sl0QhROTpvxrQLksg7yYLw4BRs9ptjehX45A2Sxi8WKOb/g5u3xJNy0X07rE+N+o5v2hS7wF0DLQdK5+4TGtO+Y+ABUCqqA+T1ynAjNBWvsgY5uD4PZjuPgCMSw0JBmIy/P0THi3v5/8Cohvfnspl7Jpf80qENMu3unvvE9EePzgSRZY1PvDjPQfkWy0yBX1yQMhHuVGke9QgaletitwuahRujml37waeUuOl8Rpz+2iV+6OIS4tfO368uLFHKWbobXTbTDXODBgxZ/IyvO7vxM2uDX/kIWaeYKrip3nSyWBYnixwrcS4vm6ZQcoejwp2KCfGQwIE4MnGYRlwcOEYjvyjLkZHDiZEivUQ0rThMYBzec8bQ08QW8oxF+NXkFKG3awt3f7TKTRkYqQcOMpFKmV24KDiwgwm0miQ== JuiceSSH"
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
|
@ -194,7 +195,7 @@ in {
|
||||||
../2configs/realwallpaper.nix
|
../2configs/realwallpaper.nix
|
||||||
];
|
];
|
||||||
services.nginx.virtualHosts."lassul.us".locations."/wallpaper.png".extraConfig = ''
|
services.nginx.virtualHosts."lassul.us".locations."/wallpaper.png".extraConfig = ''
|
||||||
alias /tmp/wallpaper.png;
|
alias /var/realwallpaper/realwallpaper.png;
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
|
@ -254,19 +255,20 @@ in {
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
krebs.Reaktor.coders = let
|
krebs.Reaktor.coders = {
|
||||||
lambdabot = (import (pkgs.fetchFromGitHub {
|
nickname = "Reaktor|lass";
|
||||||
owner = "NixOS"; repo = "nixpkgs";
|
|
||||||
rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
|
|
||||||
sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
|
|
||||||
}) {}).lambdabot;
|
|
||||||
in {
|
|
||||||
nickname = "reaktor-lass";
|
|
||||||
channels = [ "#coders" ];
|
channels = [ "#coders" ];
|
||||||
extraEnviron = {
|
extraEnviron = {
|
||||||
REAKTOR_HOST = "irc.hackint.org";
|
REAKTOR_HOST = "irc.hackint.org";
|
||||||
};
|
};
|
||||||
plugins = with pkgs.ReaktorPlugins; let
|
plugins = with pkgs.ReaktorPlugins; let
|
||||||
|
|
||||||
|
lambdabot = (import (pkgs.fetchFromGitHub {
|
||||||
|
owner = "NixOS"; repo = "nixpkgs";
|
||||||
|
rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
|
||||||
|
sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
|
||||||
|
}) {}).lambdabot;
|
||||||
|
|
||||||
lambdabotflags = ''
|
lambdabotflags = ''
|
||||||
-XStandaloneDeriving -XGADTs -XFlexibleContexts \
|
-XStandaloneDeriving -XGADTs -XFlexibleContexts \
|
||||||
-XFlexibleInstances -XMultiParamTypeClasses \
|
-XFlexibleInstances -XMultiParamTypeClasses \
|
||||||
|
@ -349,6 +351,18 @@ in {
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
krebs.Reaktor.prism = {
|
||||||
|
nickname = "Reaktor|lass";
|
||||||
|
channels = [ "#retiolum" ];
|
||||||
|
extraEnviron = {
|
||||||
|
REAKTOR_HOST = "ni.r";
|
||||||
|
};
|
||||||
|
plugins = with pkgs.ReaktorPlugins; [
|
||||||
|
sed-plugin
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.prism;
|
krebs.build.host = config.krebs.hosts.prism;
|
||||||
|
|
|
@ -151,6 +151,10 @@ with import <stockholm/lib>;
|
||||||
p7zip
|
p7zip
|
||||||
unzip
|
unzip
|
||||||
unrar
|
unrar
|
||||||
|
|
||||||
|
(pkgs.writeDashBin "sshn" ''
|
||||||
|
${pkgs.openssh}/bin/ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$@"
|
||||||
|
'')
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.bash = {
|
programs.bash = {
|
||||||
|
|
|
@ -163,7 +163,6 @@ let
|
||||||
us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#news
|
us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#news
|
||||||
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
|
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
|
||||||
weechat|http://dev.weechat.org/feed/atom|#news
|
weechat|http://dev.weechat.org/feed/atom|#news
|
||||||
wired_sci|http://www.wired.com/category/science/feed/|#news
|
|
||||||
wp_world|http://feeds.washingtonpost.com/rss/rss_blogpost|#news
|
wp_world|http://feeds.washingtonpost.com/rss/rss_blogpost|#news
|
||||||
xkcd|https://xkcd.com/rss.xml|#news
|
xkcd|https://xkcd.com/rss.xml|#news
|
||||||
zdnet|http://www.zdnet.com/news/rss.xml|#news
|
zdnet|http://www.zdnet.com/news/rss.xml|#news
|
||||||
|
|
|
@ -3,6 +3,6 @@
|
||||||
{
|
{
|
||||||
krebs.build.source.nixpkgs.git = {
|
krebs.build.source.nixpkgs.git = {
|
||||||
url = https://cgit.lassul.us/nixpkgs;
|
url = https://cgit.lassul.us/nixpkgs;
|
||||||
ref = "a563923";
|
ref = "5acb454";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,11 +10,23 @@ in {
|
||||||
krebs.realwallpaper.enable = true;
|
krebs.realwallpaper.enable = true;
|
||||||
|
|
||||||
services.nginx.virtualHosts.wallpaper = {
|
services.nginx.virtualHosts.wallpaper = {
|
||||||
|
extraConfig = ''
|
||||||
|
if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) {
|
||||||
|
return 403;
|
||||||
|
}
|
||||||
|
'';
|
||||||
serverAliases = [
|
serverAliases = [
|
||||||
hostname
|
hostname
|
||||||
|
"${hostname}.r"
|
||||||
];
|
];
|
||||||
locations."/wallpaper.png".extraConfig = ''
|
locations."/realwallpaper.png".extraConfig = ''
|
||||||
root /tmp/;
|
root /var/realwallpaper/;
|
||||||
|
'';
|
||||||
|
locations."/realwallpaper-sat.png".extraConfig = ''
|
||||||
|
root /var/realwallpaper/;
|
||||||
|
'';
|
||||||
|
locations."/realwallpaper-sat-krebs.png".extraConfig = ''
|
||||||
|
root /var/realwallpaper/;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
12
lass/2configs/syncthing.nix
Normal file
12
lass/2configs/syncthing.nix
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
{
|
||||||
|
services.syncthing = {
|
||||||
|
enable = true;
|
||||||
|
useInotify = true;
|
||||||
|
};
|
||||||
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
|
{ predicate = "-p tcp --dport 22000"; target = "ACCEPT";}
|
||||||
|
{ predicate = "-p udp --dport 21027"; target = "ACCEPT";}
|
||||||
|
];
|
||||||
|
}
|
|
@ -41,6 +41,52 @@ let
|
||||||
|
|
||||||
indent = replaceChars ["\n"] ["\n "];
|
indent = replaceChars ["\n"] ["\n "];
|
||||||
|
|
||||||
|
# https://tools.ietf.org/html/rfc5952
|
||||||
|
normalize-ip6-addr =
|
||||||
|
let
|
||||||
|
max-run-0 =
|
||||||
|
let
|
||||||
|
both = v: { off = v; pos = v; };
|
||||||
|
gt = a: b: a.pos - a.off > b.pos - b.off;
|
||||||
|
|
||||||
|
chkmax = ctx: {
|
||||||
|
cur = both (ctx.cur.pos + 1);
|
||||||
|
max = if gt ctx.cur ctx.max then ctx.cur else ctx.max;
|
||||||
|
};
|
||||||
|
|
||||||
|
incpos = ctx: recursiveUpdate ctx {
|
||||||
|
cur.pos = ctx.cur.pos + 1;
|
||||||
|
};
|
||||||
|
|
||||||
|
f = ctx: blk: (if blk == "0" then incpos else chkmax) ctx;
|
||||||
|
z = { cur = both 0; max = both 0; };
|
||||||
|
in
|
||||||
|
blks: (chkmax (foldl' f z blks)).max;
|
||||||
|
|
||||||
|
group-zeros = a:
|
||||||
|
let
|
||||||
|
blks = splitString ":" a;
|
||||||
|
max = max-run-0 blks;
|
||||||
|
lhs = take max.off blks;
|
||||||
|
rhs = drop max.pos blks;
|
||||||
|
in
|
||||||
|
if max.pos == 0
|
||||||
|
then a
|
||||||
|
else "${concatStringsSep ":" lhs}::${concatStringsSep ":" rhs}";
|
||||||
|
|
||||||
|
drop-leading-zeros =
|
||||||
|
let
|
||||||
|
f = block:
|
||||||
|
let
|
||||||
|
res = match "0*(.+)" block;
|
||||||
|
in
|
||||||
|
if res == null
|
||||||
|
then block # empty block
|
||||||
|
else elemAt res 0;
|
||||||
|
in
|
||||||
|
a: concatStringsSep ":" (map f (splitString ":" a));
|
||||||
|
in
|
||||||
|
a: toLower (group-zeros (drop-leading-zeros a));
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
|
|
||||||
|
|
|
@ -103,6 +103,7 @@ rec {
|
||||||
options = {
|
options = {
|
||||||
addr = mkOption {
|
addr = mkOption {
|
||||||
type = addr6;
|
type = addr6;
|
||||||
|
apply = lib.normalize-ip6-addr;
|
||||||
};
|
};
|
||||||
prefix = mkOption ({
|
prefix = mkOption ({
|
||||||
type = str; # TODO routing prefix (CIDR)
|
type = str; # TODO routing prefix (CIDR)
|
||||||
|
|
|
@ -14,7 +14,7 @@ with import <stockholm/lib>;
|
||||||
stockholm.file = "/home/tv/stockholm";
|
stockholm.file = "/home/tv/stockholm";
|
||||||
nixpkgs.git = {
|
nixpkgs.git = {
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
ref = "69d9061908162bd973fcf34d0fc6dc9d9f8cf9ed"; # nixos-17.03
|
ref = "5acb454e2ad3e3783e63b86a9a31e800d2507e66"; # nixos-17.03
|
||||||
};
|
};
|
||||||
} // optionalAttrs host.secure {
|
} // optionalAttrs host.secure {
|
||||||
secrets-master.file = "/home/tv/secrets/master";
|
secrets-master.file = "/home/tv/secrets/master";
|
||||||
|
|
Loading…
Reference in a new issue