Merge remote-tracking branch 'gum/master'
This commit is contained in:
lassulus
commit
58886abed9
|
|
@ -161,6 +161,7 @@ in
|
|||
|
||||
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.ulrich.pubkey
|
||||
config.krebs.users.raute.pubkey
|
||||
config.krebs.users.makefu-omo.pubkey
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
|
||||
];
|
||||
|
|
|
|||
|
|
@ -38,6 +38,9 @@
|
|||
})
|
||||
];
|
||||
networking.wireless.enable = true;
|
||||
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.Mic92.pubkey
|
||||
];
|
||||
|
||||
# File systems configuration for using the installer's partition layout
|
||||
fileSystems = {
|
||||
|
|
|
|||
|
|
@ -124,7 +124,6 @@ in {
|
|||
<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
|
||||
# <stockholm/makefu/2configs/nginx/gold.krebsco.de.nix>
|
||||
<stockholm/makefu/2configs/nginx/iso.euer.nix>
|
||||
<stockholm/krebs/2configs/cache.nsupdate.info.nix>
|
||||
|
||||
<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
|
||||
<stockholm/makefu/2configs/deployment/graphs.nix>
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@
|
|||
with import <stockholm/lib>;
|
||||
let
|
||||
ident = (builtins.readFile ./auphonic.pub);
|
||||
bgtaccess = "/var/spool/nginx/logs/binaergewitter.access.log";
|
||||
bgterror = "/var/spool/nginx/logs/binaergewitter.error.log";
|
||||
in {
|
||||
services.openssh = {
|
||||
allowSFTP = true;
|
||||
|
|
@ -21,6 +23,19 @@ in {
|
|||
useDefaultShell = true;
|
||||
openssh.authorizedKeys.keys = [ ident config.krebs.users.makefu.pubkey ];
|
||||
};
|
||||
services.logrotate = {
|
||||
enable = true;
|
||||
config = ''
|
||||
${bgtaccess} ${bgterror} {
|
||||
rotate 5
|
||||
weekly
|
||||
create 600 nginx nginx
|
||||
postrotate
|
||||
${pkgs.systemd}/bin/systemctl reload nginx
|
||||
endscript
|
||||
}
|
||||
'';
|
||||
};
|
||||
services.nginx = {
|
||||
enable = lib.mkDefault true;
|
||||
recommendedGzipSettings = true;
|
||||
|
|
@ -29,10 +44,21 @@ in {
|
|||
serverAliases = [ "dl2.binaergewitter.de" ];
|
||||
root = "/var/www/binaergewitter";
|
||||
extraConfig = ''
|
||||
access_log /var/spool/nginx/logs/binaergewitter.access.log combined;
|
||||
error_log /var/spool/nginx/logs/binaergewitter.error.log error;
|
||||
access_log ${bgtaccess} combined;
|
||||
error_log ${bgterror} error;
|
||||
autoindex on;
|
||||
'';
|
||||
};
|
||||
};
|
||||
environment.etc."netdata/python.d/web_log.conf".text = ''
|
||||
nginx_log3:
|
||||
name: 'nginx'
|
||||
path: '/var/spool/nginx/logs/access.log'
|
||||
nginx_log4:
|
||||
name: 'bgt'
|
||||
path: '${bgtaccess}'
|
||||
'';
|
||||
|
||||
users.users.netdata.extraGroups = [ "nginx" ];
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -169,6 +169,7 @@ in {
|
|||
( serveCloud [ "o.euer.krebsco.de" ] )
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
services.redis.enable = true;
|
||||
services.mysql = {
|
||||
enable = false;
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
{pkgs, ... }: {
|
||||
imports = [ ./zsh.nix ];
|
||||
home-manager.users.makefu = {
|
||||
services.gpg-agent = {
|
||||
enable = true;
|
||||
|
|
@ -9,7 +10,34 @@
|
|||
enableSshSupport = true;
|
||||
enableScDaemon = true;
|
||||
};
|
||||
programs.fzf.enable = true; # alt-c
|
||||
programs.direnv = {
|
||||
stdlib = ''
|
||||
use_nix() {
|
||||
local cache=".direnv.$(nixos-version --hash)"
|
||||
|
||||
if [[ ! -e "$cache" ]] || \
|
||||
[[ "$HOME/.direnvrc" -nt "$cache" ]] || \
|
||||
[[ ".envrc" -nt "$cache" ]] || \
|
||||
[[ "default.nix" -nt "$cache" ]] || \
|
||||
[[ "shell.nix" -nt "$cache" ]];
|
||||
then
|
||||
local tmp="$(mktemp "$${cache}.tmp-XXXXXXXX")"
|
||||
trap "rm -rf '$tmp' >/dev/null" EXIT
|
||||
nix-shell --show-trace "$@" --run 'direnv dump' > "$tmp" && \
|
||||
mv "$tmp" "$cache"
|
||||
fi
|
||||
|
||||
direnv_load cat "$cache"
|
||||
|
||||
if [[ $# = 0 ]]; then
|
||||
watch_file default.nix
|
||||
watch_file shell.nix
|
||||
rm direnv.* 2>/dev/null
|
||||
fi
|
||||
}
|
||||
'';
|
||||
enableZshIntegration = true;
|
||||
};
|
||||
};
|
||||
services.udev.packages = [
|
||||
pkgs.libu2f-host
|
||||
|
|
|
|||
|
|
@ -1,11 +1,13 @@
|
|||
{ pkgs, lib, ... }:
|
||||
{ pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
users.users.makefu.packages = with pkgs;[ bat direnv ];
|
||||
home-manager.users.makefu = {
|
||||
programs.browserpass = { browsers = [ "firefox" ] ; enable = true; };
|
||||
programs.firefox.enable = true;
|
||||
programs.obs-studio.enable = true;
|
||||
xdg.enable = true;
|
||||
services.network-manager-applet.enable = true;
|
||||
systemd.user.services.network-manager-applet.Service.Environment = ''XDG_DATA_DIRS=/etc/profiles/per-user/makefu/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
|
||||
services.blueman-applet.enable = true;
|
||||
services.pasystray.enable = true;
|
||||
systemd.user.services.pasystray.Service.Environment = "PATH=" + (lib.makeBinPath (with pkgs;[ pavucontrol paprefs /* pavumeter */ /* paman */ ]) );
|
||||
|
|
@ -34,7 +36,6 @@
|
|||
};
|
||||
|
||||
Service = {
|
||||
Environment = ''XDG_DATA_DIRS=/etc/profiles/per-user/makefu/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
|
||||
ExecStart = "${pkgs.clipit}/bin/clipit";
|
||||
Restart = "on-abort";
|
||||
};
|
||||
|
|
|
|||
126
makefu/2configs/home-manager/zsh.nix
Normal file
126
makefu/2configs/home-manager/zsh.nix
Normal file
|
|
@ -0,0 +1,126 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
{ #direnv
|
||||
home-manager.users.makefu.home.packages = [ pkgs.direnv ];
|
||||
home-manager.users.makefu.home.file.".direnvrc".text = ''
|
||||
use_nix() {
|
||||
local path="$(nix-instantiate --find-file nixpkgs)"
|
||||
|
||||
if [ -f "$${path}/.version-suffix" ]; then
|
||||
local version="$(< $path/.version-suffix)"
|
||||
elif [ -f "$path/.version" ]; then
|
||||
local version="$(< $path/.version)"
|
||||
else
|
||||
local version="$(< $(< $path/.git/HEAD))"
|
||||
fi
|
||||
|
||||
local cache=".direnv/cache-''${version:-unknown}"
|
||||
|
||||
if [[ ! -e "$cache" ]] || \
|
||||
[[ "$HOME/.direnvrc" -nt "$cache" ]] || \
|
||||
[[ .envrc -nt "$cache" ]] || \
|
||||
[[ default.nix -nt "$cache" ]] || \
|
||||
[[ shell.nix -nt "$cache" ]];
|
||||
then
|
||||
[ -d .direnv ] || mkdir .direnv
|
||||
local tmp=$(nix-shell --show-trace "$@" \
|
||||
--run "\"$direnv\" dump bash")
|
||||
echo "$tmp" > "$cache"
|
||||
fi
|
||||
|
||||
local path_backup=$PATH term_backup=$TERM
|
||||
direnv_load cat "$cache"
|
||||
|
||||
export PATH=$PATH:$path_backup TERM=$term_backup
|
||||
|
||||
if [[ $# = 0 ]]; then
|
||||
watch_file default.nix
|
||||
watch_file shell.nix
|
||||
fi
|
||||
}
|
||||
'';
|
||||
home-manager.users.makefu.programs.zsh.initExtra = ''
|
||||
nixify() {
|
||||
if [ ! -e ./.envrc ]; then
|
||||
echo "use nix" > .envrc
|
||||
direnv allow
|
||||
fi
|
||||
if [ ! -e default.nix ]; then
|
||||
cat > default.nix <<'EOF'
|
||||
with import <nixpkgs> {};
|
||||
stdenv.mkDerivation {
|
||||
name = "env";
|
||||
buildInputs = [
|
||||
bashInteractive
|
||||
];
|
||||
}
|
||||
EOF
|
||||
${EDITOR:-vim} default.nix
|
||||
fi
|
||||
}
|
||||
eval "$(direnv hook zsh)"
|
||||
'';
|
||||
}
|
||||
{ # bat
|
||||
home-manager.users.makefu.home.packages = [ pkgs.bat ];
|
||||
home-manager.users.makefu.programs.zsh.shellAliases = {
|
||||
cat = "bat";
|
||||
catn = "${pkgs.coreutils}/bin/cat";
|
||||
};
|
||||
}
|
||||
];
|
||||
environment.pathsToLink = [ "/share/zsh" ];
|
||||
home-manager.users.makefu = {
|
||||
programs.fzf.enable = false; # alt-c
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
enableAutosuggestions = false;
|
||||
enableCompletion = true;
|
||||
oh-my-zsh.enable = false;
|
||||
history = {
|
||||
size = 900001;
|
||||
save = 900001;
|
||||
ignoreDups = true;
|
||||
extended = true;
|
||||
share = true;
|
||||
};
|
||||
sessionVariables = {
|
||||
TERM = "rxvt-unicode-256color";
|
||||
LANG = "en_US.UTF8";
|
||||
LS_COLORS = ":di=1;31:";
|
||||
EDITOR = "vim";
|
||||
};
|
||||
shellAliases = {
|
||||
lsl = "ls -lAtr";
|
||||
t = "task";
|
||||
xo = "mimeopen";
|
||||
nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
|
||||
};
|
||||
initExtra = ''
|
||||
bindkey -e
|
||||
# shift-tab
|
||||
bindkey '^[[Z' reverse-menu-complete
|
||||
bindkey "\e[3~" delete-char
|
||||
zstyle ':completion:*' menu select
|
||||
|
||||
setopt HIST_IGNORE_ALL_DUPS
|
||||
setopt HIST_IGNORE_SPACE
|
||||
setopt HIST_FIND_NO_DUPS
|
||||
|
||||
unset SSH_AGENT_PID
|
||||
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
|
||||
compdef _pass brain
|
||||
zstyle ':completion::complete:brain::' prefix "$HOME/brain"
|
||||
compdef _pass secrets
|
||||
zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/"
|
||||
|
||||
# ctrl-x ctrl-e
|
||||
autoload -U edit-command-line
|
||||
zle -N edit-command-line
|
||||
bindkey '^xe' edit-command-line
|
||||
bindkey '^x^e' edit-command-line
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -1,83 +1,11 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
##
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
mainUser = config.krebs.build.user.name;
|
||||
in
|
||||
{
|
||||
users.extraUsers.${mainUser}.shell = "/run/current-system/sw/bin/zsh";
|
||||
programs.zsh= {
|
||||
enable = true;
|
||||
enableCompletion = true ; #manually at the end
|
||||
interactiveShellInit = ''
|
||||
HISTSIZE=900001
|
||||
HISTFILESIZE=$HISTSIZE
|
||||
SAVEHIST=$HISTSIZE
|
||||
HISTFILE=$HOME/.zsh_history
|
||||
|
||||
setopt HIST_IGNORE_ALL_DUPS
|
||||
setopt HIST_IGNORE_SPACE
|
||||
setopt HIST_FIND_NO_DUPS
|
||||
bindkey -e
|
||||
# shift-tab
|
||||
bindkey '^[[Z' reverse-menu-complete
|
||||
bindkey "\e[3~" delete-char
|
||||
zstyle ':completion:*' menu select
|
||||
|
||||
${pkgs.gnupg}/bin/gpg-connect-agent updatestartuptty /bye >/dev/null
|
||||
GPG_TTY=$(tty)
|
||||
export GPG_TTY
|
||||
LS_COLORS=$LS_COLORS:'di=1;31:' ; export LS_COLORS
|
||||
|
||||
unset SSH_AGENT_PID
|
||||
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
|
||||
|
||||
# fzf
|
||||
__fsel_fzf() {
|
||||
local cmd="''${FZF_CTRL_T_COMMAND:-"command find -L . -mindepth 1 \\( -path '*/\\.*' -o -fstype 'sysfs' -o -fstype 'devfs' -o -fstype 'devtmpfs' -o -fstype 'proc' \\) -prune \
|
||||
-o -type f -print \
|
||||
-o -type d -print \
|
||||
-o -type l -print 2> /dev/null | cut -b3-"}"
|
||||
setopt localoptions pipefail 2> /dev/null
|
||||
eval "$cmd" | FZF_DEFAULT_OPTS="--height ''${FZF_TMUX_HEIGHT:-40%} --reverse $FZF_DEFAULT_OPTS $FZF_CTRL_T_OPTS" $(__fzfcmd) -m "$@" | while read item; do
|
||||
echo -n "''${(q)item} "
|
||||
done
|
||||
local ret=$?
|
||||
echo
|
||||
return $ret
|
||||
}
|
||||
|
||||
__fzf_use_tmux__() {
|
||||
[ -n "$TMUX_PANE" ] && [ "''${FZF_TMUX:-0}" != 0 ] && [ ''${LINES:-40} -gt 15 ]
|
||||
}
|
||||
|
||||
__fzfcmd() {
|
||||
__fzf_use_tmux__ &&
|
||||
echo "fzf-tmux -d''${FZF_TMUX_HEIGHT:-40%}" || echo "fzf"
|
||||
}
|
||||
|
||||
fzf-file-widget() {
|
||||
LBUFFER="''${LBUFFER}$(__fsel_fzf)"
|
||||
local ret=$?
|
||||
zle redisplay
|
||||
typeset -f zle-line-init >/dev/null && zle zle-line-init
|
||||
return $ret
|
||||
}
|
||||
zle -N fzf-file-widget
|
||||
bindkey '^T' fzf-file-widget
|
||||
|
||||
compdef _pass brain
|
||||
zstyle ':completion::complete:brain::' prefix "$HOME/brain"
|
||||
compdef _pass secrets
|
||||
zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/"
|
||||
|
||||
# ctrl-x ctrl-e
|
||||
autoload -U edit-command-line
|
||||
zle -N edit-command-line
|
||||
bindkey '^xe' edit-command-line
|
||||
bindkey '^x^e' edit-command-line
|
||||
|
||||
'';
|
||||
enableCompletion = false; #manually at the end
|
||||
|
||||
promptInit = ''
|
||||
RPROMPT=""
|
||||
|
|
@ -93,8 +21,8 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
users.users.${mainUser}.packages = [
|
||||
pkgs.nix-zsh-completions
|
||||
pkgs.fzf
|
||||
];
|
||||
users.users.${mainUser} = {
|
||||
shell = "/run/current-system/sw/bin/zsh";
|
||||
packages = [ pkgs.nix-zsh-completions ];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue