diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix
deleted file mode 100644
index a7b9f21b3..000000000
--- a/lass/1systems/iso.nix
+++ /dev/null
@@ -1,193 +0,0 @@
-{ config, pkgs, ... }:
-
-with import <stockholm/lib>;
-{
- imports = [
- <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
- <stockholm/krebs>
- <stockholm/lass/3modules>
- <stockholm/lass/2configs/mc.nix>
- <stockholm/lass/2configs/vim.nix>
- {
- # /dev/stderr doesn't work. I don't know why
- # /proc/self doesn't seem to work correctly
- # /dev/pts is empty except for 1 file
- # my life sucks
- nixpkgs.config.packageOverrides = super: {
- irc-announce = super.callPackage <stockholm/krebs/5pkgs/simple/irc-announce> {
- pkgs = pkgs // {
- coreutils = pkgs.symlinkJoin {
- name = "coreutils-hack";
- paths = [
- (pkgs.writeDashBin "tee" ''
- if test "$1" = /dev/stderr; then
- while read -r line; do
- echo "$line"
- echo "$line" >&2
- done
- else
- ${super.coreutils}/bin/tee "$@"
- fi
- '')
- pkgs.coreutils
- ];
- };
- };
- };
- };
- boot.kernelParams = [ "copytoram" ];
- networking.hostName = "lass-iso";
- }
- {
- nixpkgs.config.packageOverrides = import <stockholm/lass/5pkgs> pkgs;
- krebs.enable = true;
- krebs.build.user = config.krebs.users.lass;
- krebs.build.host = {};
- }
- {
- nixpkgs.config.allowUnfree = true;
- }
- {
- users.extraUsers = {
- root = {
- openssh.authorizedKeys.keys = [
- config.krebs.users.lass.pubkey
- ];
- };
- };
- }
- {
- environment.extraInit = ''
- EDITOR=vim
- '';
- }
- {
- environment.systemPackages = with pkgs; [
- #stockholm
- git
- gnumake
- jq
- parallel
- proot
- populate
-
- #style
- most
- rxvt_unicode.terminfo
-
- #monitoring tools
- htop
- iotop
-
- #network
- iptables
- iftop
-
- #stuff for dl
- aria2
-
- #neat utils
- hashPassword
- krebspaste
- pciutils
- pop
- psmisc
- q
- rs
- tmux
- untilport
- usbutils
-
- #unpack stuff
- p7zip
- unzip
- unrar
-
- #data recovery
- ddrescue
- ntfs3g
- dosfstools
- ];
- }
- {
- programs.bash = {
- enableCompletion = true;
- interactiveShellInit = ''
- HISTCONTROL='erasedups:ignorespace'
- HISTSIZE=65536
- HISTFILESIZE=$HISTSIZE
-
- shopt -s checkhash
- shopt -s histappend histreedit histverify
- shopt -s no_empty_cmd_completion
- complete -d cd
- '';
- promptInit = ''
- if test $UID = 0; then
- PS1='\[\033[1;31m\]\w\[\033[0m\] '
- PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
- elif test $UID = 1337; then
- PS1='\[\033[1;32m\]\w\[\033[0m\] '
- PROMPT_COMMAND='echo -ne "\033]0;$$ $PWD\007"'
- else
- PS1='\[\033[1;33m\]\u@\w\[\033[0m\] '
- PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
- fi
- if test -n "$SSH_CLIENT"; then
- PS1='\[\033[35m\]\h'" $PS1"
- PROMPT_COMMAND='echo -ne "\033]0;$$ $HOSTNAME $USER@$PWD\007"'
- fi
- '';
- };
- }
- {
- services.openssh = {
- enable = true;
- hostKeys = [
- # XXX bits here make no science
- { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
- ];
- };
- systemd.services.sshd.wantedBy = mkForce [ "multi-user.target" ];
- }
- {
- networking.firewall = {
- enable = true;
- allowedTCPPorts = [ 22 ];
- };
- }
- {
- krebs.hidden-ssh.enable = true;
- }
- {
- services.xserver = {
- enable = true;
- #videoDrivers = mkForce [ "ati_unfree" ];
-
- desktopManager.xterm.enable = false;
- desktopManager.default = "none";
- displayManager.lightdm.enable = true;
- displayManager.lightdm.autoLogin = {
- enable = true;
- user = "lass";
- };
- windowManager.default = "xmonad";
- windowManager.session = let
- xmonad-lass = pkgs.callPackage <stockholm/lass/5pkgs/custom/xmonad-lass> { inherit config; };
- in [{
- name = "xmonad";
- start = ''
- ${pkgs.xorg.xhost}/bin/xhost +LOCAL:
- ${xmonad-lass}/bin/xmonad &
- waitPID=$!
- '';
- }];
-
- layout = "us";
- xkbModel = "evdev";
- xkbVariant = "altgr-intl";
- xkbOptions = "caps:backspace";
- };
- }
- ];
-}
diff --git a/lass/1systems/iso/default.nix b/lass/1systems/iso/default.nix
new file mode 100644
index 000000000..ba483f5f0
--- /dev/null
+++ b/lass/1systems/iso/default.nix
@@ -0,0 +1,212 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+
+let
+
+ wizard = pkgs.writers.writeBash "wizard" ''
+ set -x
+ shopt -s extglob
+
+ echo -n '
+ welcome to the computer wizard
+ first we will check for internet connectivity
+ (press enter to continue)
+ '
+ read -n 1 -s
+ if ! ping -c1 lassul.us; then
+ echo 'no internet detectio, you will have to provide credentials'
+ read -n 1 -s
+ nmtui
+ fi
+
+ # ping -c1 lassuls.us || ${pkgs.writeDash "nm-dmenu" ''
+ # set -x
+ # export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
+ # exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
+ # ''}
+
+ mode=$(echo -n '
+ 1. help of the wizard
+ 2. let the wizard watch and help if needed
+ 3. I will do it alone
+ ' | ${pkgs.fzf}/bin/fzf --reverse)
+ case "$mode" in
+ 1*)
+ echo 'mode_1' > /tmp/mode
+ systemctl start hidden-ssh-announce.service
+ tmux new -s help
+ ;;
+ 2*)
+ echo 'mode_2' > /tmp/mode
+ ;;
+ 3*)
+ echo 'mode_3' > /tmp/mode
+ ;;
+ *)
+ echo 'no mode selected'
+ ;;
+ esac
+ '';
+
+in {
+ imports = [
+ <stockholm/krebs>
+ <stockholm/lass/3modules>
+ <stockholm/lass/2configs/vim.nix>
+ {
+ nixpkgs.config.packageOverrides = import <stockholm/lass/5pkgs> pkgs;
+ krebs.enable = true;
+ krebs.build.user = config.krebs.users.lass;
+ krebs.build.host = {};
+ }
+ # {
+ # systemd.services.wizard = {
+ # description = "Computer Wizard";
+ # wantedBy = [ "multi-user.target" ];
+ # serviceConfig = {
+ # ExecStart = pkgs.writers.writeDash "wizard" ''
+ # set -efu
+ # cat <<EOF
+ # welcome to the computer wizard
+ # you can choose between the following modes
+ # echo -n '1\n2\n3' | ${pkgs.fzf}/bin/fzf
+ # EOF
+ # '';
+ # StandardInput = "tty";
+ # StandardOutput = "tty";
+ # # TTYPath = "/dev/tty1";
+ # TTYPath = "/dev/ttyS0";
+ # TTYReset = true;
+ # TTYVTDisallocate = true;
+ # Restart = "always";
+ # };
+ # };
+ # }
+ ];
+
+ networking.hostName = "wizard";
+ nixpkgs.config.allowUnfree = true;
+
+ users.extraUsers = {
+ root = {
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.lass.pubkey
+ config.krebs.users.lass-mors.pubkey
+ ];
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ #stockholm
+ git
+ gnumake
+ jq
+ parallel
+ proot
+ populate
+
+ #style
+ most
+ rxvt_unicode.terminfo
+
+ #monitoring tools
+ htop
+ iotop
+
+ #network
+ iptables
+ iftop
+
+ #stuff for dl
+ aria2
+
+ #neat utils
+ dmenu
+ hashPassword
+ krebspaste
+ pciutils
+ pop
+ psmisc
+ q
+ rs
+ tmux
+ untilport
+ usbutils
+
+ #unpack stuff
+ p7zip
+ unzip
+ unrar
+
+ #data recovery
+ ddrescue
+ ntfs3g
+ dosfstools
+ ];
+
+ environment.extraInit = ''
+ EDITOR=vim
+ '';
+
+ programs.bash = {
+ enableCompletion = true;
+ interactiveShellInit = ''
+ HISTCONTROL='erasedups:ignorespace'
+ HISTSIZE=65536
+ HISTFILESIZE=$HISTSIZE
+
+ shopt -s checkhash
+ shopt -s histappend histreedit histverify
+ shopt -s no_empty_cmd_completion
+ complete -d cd
+ '';
+ promptInit = ''
+ if test $UID = 0; then
+ PS1='\[\033[1;31m\]\w\[\033[0m\] '
+ PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
+ elif test $UID = 1337; then
+ PS1='\[\033[1;32m\]\w\[\033[0m\] '
+ PROMPT_COMMAND='echo -ne "\033]0;$$ $PWD\007"'
+ else
+ PS1='\[\033[1;33m\]\u@\w\[\033[0m\] '
+ PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
+ fi
+ if test -n "$SSH_CLIENT"; then
+ PS1='\[\033[35m\]\h'" $PS1"
+ PROMPT_COMMAND='echo -ne "\033]0;$$ $HOSTNAME $USER@$PWD\007"'
+ fi
+ if ! test -e /tmp/mode; then
+ ${wizard}
+ fi
+ '';
+ };
+
+ services.openssh.enable = true;
+ systemd.services.sshd.wantedBy = mkForce [ "multi-user.target" ];
+
+ networking.firewall = {
+ enable = true;
+ allowedTCPPorts = [ 22 ];
+ };
+ networking.networkmanager.enable = true;
+ networking.wireless.enable = mkForce false;
+
+ krebs.hidden-ssh = {
+ enable = true;
+ channel = "##lassulus-wizard";
+
+ };
+ systemd.services.hidden-ssh-announce.wantedBy = mkForce [];
+ services.mingetty.autologinUser = "root";
+
+ nixpkgs.config.packageOverrides = super: {
+ dmenu = pkgs.writeDashBin "dmenu" ''
+ ${pkgs.fzf}/bin/fzf \
+ --history=/dev/null \
+ --print-query \
+ --prompt=\"$PROMPT\"
+ '';
+ };
+
+ boot.tmpOnTmpfs = true;
+}
diff --git a/lass/1systems/iso/generate-iso.sh b/lass/1systems/iso/generate-iso.sh
new file mode 100755
index 000000000..3179b31c1
--- /dev/null
+++ b/lass/1systems/iso/generate-iso.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env nix-shell
+#! nix-shell -i bash -p nixos-generators
+
+set -xefu
+
+WD=$(dirname "$0")
+nixos-generate -I stockholm="$WD"/../../.. -c "$WD"/default.nix -f install-iso