makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions 1 Packages Projects Releases Wiki Activity

jeschli: +bln

Browse source
This commit is contained in:
Markus Hihn 2017-12-14 17:10:28 +01:00
parent 3a235667ca
commit 98e5141a8d
9 changed files with 411 additions and 509 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

189
jeschli/1systems/bln/config.nix Normal file
View file

@ -0,0 +1,189 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
<stockholm/jeschli>
./hardware-configuration.nix
# ./dcso-vpn.nix
];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# boot.loader.grub.efiSupport = true;
# boot.loader.grub.efiInstallAsRemovable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
boot.loader.grub.extraEntries = ''
menuentry "Debian GNU/Linux, kernel 4.9.0-4-amd64" {
search --set=drive1 --fs-uuid f169fd32-bf96-4da0-bc34-294249ffa606
linux ($drive1)/vmlinuz-4.9.0-4-amd64 root=/dev/mapper/pool-debian ro
initrd ($drive1)/initrd.img-4.9.0-4-amd64
}
'';
boot.initrd.luks.devices = [
{
name = "root";
device = "/dev/disk/by-uuid/cba5d550-c3c8-423e-a913-14b5210bdd32";
preLVM = true;
allowDiscards = true;
}
];
networking.hostName = "BLN02NB0154"; # Define your hostname.
networking.networkmanager.enable = true;
#networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Select internationalisation properties.
# i18n = {
# consoleFont = "Lat2-Terminus16";
# consoleKeyMap = "us";
# defaultLocale = "en_US.UTF-8";
# };
# Set your time zone.
time.timeZone = "Europe/Berlin";
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
nixpkgs.config.allowUnfree = true;
environment.shellAliases = { n = "nix-shell"; };
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
environment.systemPackages = with pkgs; [
# system helper
ag
copyq
dmenu
git
i3lock
keepass
networkmanagerapplet
rsync
terminator
tmux
wget
rxvt_unicode
# editors
emacs
# internet
thunderbird
hipchat
chromium
google-chrome
# programming languages
go
gcc
ghc
python35
python35Packages.pip
# go tools
golint
gotools
# dev tools
gnumake
jetbrains.pycharm-professional
jetbrains.webstorm
jetbrains.goland
texlive.combined.scheme-full
pandoc
redis
# document viewer
zathura
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
programs.bash.enableCompletion = true;
programs.vim.defaultEditor = true;
# programs.mtr.enable = true;
# programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Enable CUPS to print documents.
services.printing.enable = true;
services.printing.drivers = [ pkgs.postscript-lexmark ];
# Enable the X11 windowing system.
services.xserver.enable = true;
# services.xserver.xrandrHeads = [
# { output = "eDP1"; }
# { output = "DP-2-2-8"; primary = true; }
# { output = "DP-2-1-8"; monitorConfig = ''Option "Rotate" "left"''; }
# ];
# services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable touchpad support.
# services.xserver.libinput.enable = true;
# Enable the KDE Desktop Environment.
# services.xserver.displayManager.lightdm.enable = true;
services.xserver.windowManager.xmonad.enable = true;
services.xserver.windowManager.xmonad.enableContribAndExtras = true;
# services.xserver.desktopManager.gnome3.enable = true;
# services.xserver.displayManager.gdm.enable = true;
services.xserver.displayManager.sddm.enable = true;
#services.xserver.desktopManager.plasma5.enable = true;
# services.xserver.displayManager.sessionCommands = ''
# (sleep 1 && ${pkgs.xorg.xrandr}/bin/xrandr --output VIRTUAL1 --off --output eDP1 --mode 1920x1080 --pos 5120x688 --rotate normal --output DP1 --off --output DP2-1 --mode 2560x1440 --pos 2560x328 --rotate normal --output DP2-2 --primary --mode 2560x1440 --pos 0x328 --rotate normal --output DP2-3 --off --output HDMI2 --off --output HDMI1 --off --output DP2 --off
#'';
# Define a user account. Don't forget to set a password with passwd.
users.extraUsers.markus = {
isNormalUser = true;
extraGroups = ["docker"];
uid = 1000;
};
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "17.09"; # Did you read the comment?
# Gogland Debugger workaround
# nixpkgs.config.packageOverrides = super: {
# idea.gogland = lib.overrideDerivation super.idea.gogland (attrs: {
# postFixup = ''
# interp="$(cat $NIX_CC/nix-support/dynamic-linker)"
# patchelf --set-interpreter $interp $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
# chmod +x $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
# '';
# });
# };
# virtualisation.docker.enable = true;
# DCSO Certificates
security.pki.certificateFiles = [
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "14vz9c0fk6li0a26vx0s5ha6y3yivnshx9pjlh9vmnpkbph5a7rh"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "0r1dd48a850cv7whk4g2maik550rd0vsrsl73r6x0ivzz7ap1xz5"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "0b5cdchdkvllnr0kz35d8jrmrf9cjw0kd98mmvzr0x6nkc8hwpdy"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "0rn57zv1ry9vj4p2248mxmafmqqmdhbrfx1plszrxsphshbk2hfz"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
];
hardware.bluetooth.enable = true;
krebs.build.host = config.krebs.hosts.bln;
}

34
jeschli/1systems/bln/hardware-configuration.nix Normal file
View file

@ -0,0 +1,34 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/02144ea4-947d-440e-bbf9-99cab0dccf05";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/f169fd32-bf96-4da0-bc34-294249ffa606";
fsType = "ext2";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/68ef2163-7b3d-4dbb-add9-d3543ad7c738";
fsType = "ext4";
};
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 4;
powerManagement.cpuFreqGovernor = "powersave";
}

4
jeschli/1systems/bln/source.nix Normal file
View file

@ -0,0 +1,4 @@
import <stockholm/jeschli/source.nix> {
name = "bln";
secure = true;
}

102
jeschli/2configs/copy-vim.nix
View file

@ -1,102 +0,0 @@
{ config, pkgs, ... }:
# let
# customPlugins.ultisnips = pkgs.vimUtils.buildVimPlugin {
# name = "ultisnips";
# src = pkgs.fetchFromGitHub {
# owner = "SirVer";
# repo = "ultisnips";
# rev = "3.1";
# sha256 = "0p9d91h9pm0nx0d77lqsgv6158q052cyj4nm1rd6zvbay9bkkf8b";
# };
# };
#
let
customPlugins.vim-javascript = pkgs.vimUtils.buildVimPlugin {
name = "vim-javascript";
src = pkgs.fetchFromGitHub {
owner = "pangloss";
repo = "vim-javascript";
rev = "1.2.5.1";
sha256 = "08l7ricd3j5h2bj9i566byh39v9n5wj5mj75f2c8a5dsc732b2k7";
};
};
customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin {
name = "vim-jsx";
src = pkgs.fetchFromGitHub {
owner = "mxw";
repo = "vim-jsx";
rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a";
sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
};
};
in {
# {
environment.systemPackages = [
(pkgs.vim_configurable.customize {
name = "vim";
vimrcConfig.customRC = ''
:imap jk <Esc>
:vmap v v
:map gr :GoRun<Enter>
:nnoremap <S-TAB> :bnext<CR>
:nnoremap <C-TAB> <c-w><c-w>
set autowrite
set number
set ruler
noremap x "_x
set clipboard=unnamedplus
let g:jsx_ext_required = 0
let g:go_list_type = "quickfix"
let g:go_test_timeout = '10s'
let g:go_fmt_command = "goimports"
let g:go_snippet_case_type = "camelcase"
let g:go_highlight_types = 1
let g:go_highlight_fields = 1
let g:go_highlight_functions = 1
let g:go_highlight_methods = 1
let g:go_highlight_extra_types = 1
autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
let g:rehash256 = 1
let g:molokai_original = 1
colorscheme molokai
let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck']
let g:go_metalinter_autosave = 1
" let g:go_metalinter_autosave_enabled = ['vet', 'golint']
" let g:go_def_mode = 'godef'
" let g:go_decls_includes = "func,type"
" Trigger configuration. Do not use <tab> if you use https://github.com/Valloric/YouCompleteMe.
let g:UltiSnipsExpandTrigger="<c-e>"
let g:UltiSnipsJumpForwardTrigger="<c-t>"
let g:UltiSnipsJumpBackwardTrigger="<c-q>"
" If you want :UltiSnipsEdit to split your window.
let g:UltiSnipsEditSplit="vertical"
if has('persistent_undo') "check if your vim version supports it
set undofile "turn on the feature
set undodir=$HOME/.vim/undo "directory where the undo files will be stored
endif
'';
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
vimrcConfig.vam.pluginDictionaries = [
{ names = [ "undotree" "molokai" ]; } # wanted: fatih/molokai
# vim-nix handles indentation better but does not perform sanity
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
{ names = [ "vim-go" ]; ft_regex = "^go\$"; } # wanted: nsf/gocode
{ names = [ "vim-javascript" ]; ft_regex = "^js\$"; }
{ names = [ "vim-jsx" ]; ft_regex = "^js\$"; }
{ names = [ "UltiSnips" ]; ft_regex = "^go\$"; }
];
})
];
}

451
jeschli/2configs/vim.nix
View file

@ -1,373 +1,92 @@
{ config, lib, pkgs, ... }:
{ config, pkgs, ... }:
with import <stockholm/lib>;
let
out = {
environment.systemPackages = [
(hiPrio vim)
pkgs.python35Packages.flake8
];
environment.etc.vimrc.source = vimrc;
environment.variables.EDITOR = mkForce "vim";
environment.variables.VIMINIT = ":so /etc/vimrc";
customPlugins.vim-javascript = pkgs.vimUtils.buildVimPlugin {
name = "vim-javascript";
src = pkgs.fetchFromGitHub {
owner = "pangloss";
repo = "vim-javascript";
rev = "1.2.5.1";
sha256 = "08l7ricd3j5h2bj9i566byh39v9n5wj5mj75f2c8a5dsc732b2k7";
};
};
vimrc = pkgs.writeText "vimrc" ''
set nocompatible
set autoindent
set backspace=indent,eol,start
set backup
set backupdir=${dirs.backupdir}/
set directory=${dirs.swapdir}//
set hlsearch
set incsearch
set mouse=a
set ruler
set pastetoggle=<INS>
set runtimepath=${extra-runtimepath},$VIMRUNTIME
set shortmess+=I
set showcmd
set showmatch
set ttimeoutlen=0
set undodir=${dirs.undodir}
set undofile
set undolevels=1000000
set undoreload=1000000
set viminfo='20,<1000,s100,h,n${files.viminfo}
set visualbell
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
set wildmenu
set wildmode=longest,full
set title
set titleold=
set titlestring=(vim)\ %t%(\ %M%)%(\ (%{expand(\"%:p:h\")})%)%(\ %a%)\ -\ %{v:servername}
set et ts=2 sts=2 sw=2
filetype plugin indent on
set t_Co=256
colorscheme hack
syntax on
au Syntax * syn match Garbage containedin=ALL /\s\+$/
\ | syn match TabStop containedin=ALL /\t\+/
\ | syn keyword Todo containedin=ALL TODO
au BufRead,BufNewFile *.hs so ${hs.vim}
au BufRead,BufNewFile *.nix so ${nix.vim}
au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
"Syntastic config
let g:syntastic_python_checkers=['flake8']
let g:syntastic_python_flake8_post_args='--ignore=E501'
nmap <esc>q :buffer
nmap <M-q> :buffer
cnoremap <C-A> <Home>
noremap <C-c> :q<cr>
vnoremap < <gv
vnoremap > >gv
nnoremap <esc>[5^ :tabp<cr>
nnoremap <esc>[6^ :tabn<cr>
nnoremap <esc>[5@ :tabm -1<cr>
nnoremap <esc>[6@ :tabm +1<cr>
nnoremap <f1> :tabp<cr>
nnoremap <f2> :tabn<cr>
inoremap <f1> <esc>:tabp<cr>
inoremap <f2> <esc>:tabn<cr>
" <C-{Up,Down,Right,Left>
noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
noremap <esc>Od <nop> | noremap! <esc>Od <nop>
" <[C]S-{Up,Down,Right,Left>
noremap <esc>[a <nop> | noremap! <esc>[a <nop>
noremap <esc>[b <nop> | noremap! <esc>[b <nop>
noremap <esc>[c <nop> | noremap! <esc>[c <nop>
noremap <esc>[d <nop> | noremap! <esc>[d <nop>
" search with ack
let g:ackprg = 'ag --vimgrep'
cnoreabbrev Ack Ack!
" copy/paste from/to xclipboard
noremap x "_x
set clipboard=unnamedplus
'';
extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [
pkgs.vimPlugins.ack-vim
pkgs.vimPlugins.Gundo
pkgs.vimPlugins.Syntastic
pkgs.vimPlugins.undotree
pkgs.vimPlugins.vim-go
(pkgs.vimUtils.buildVimPlugin {
name = "file-line-1.0";
src = pkgs.fetchFromGitHub {
owner = "bogado";
repo = "file-line";
rev = "1.0";
sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
};
})
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "hack";
in {
name = "vim-color-${name}-1.0.2";
destination = "/colors/${name}.vim";
text = /* vim */ ''
set background=dark
hi clear
if exists("syntax_on")
syntax clear
endif
let colors_name = ${toJSON name}
hi Normal ctermbg=235
hi Comment ctermfg=242
hi Constant ctermfg=062
hi Identifier ctermfg=068
hi Function ctermfg=041
hi Statement ctermfg=167
hi PreProc ctermfg=167
hi Type ctermfg=041
hi Delimiter ctermfg=251
hi Special ctermfg=062
hi Garbage ctermbg=088
hi TabStop ctermbg=016
hi Todo ctermfg=174 ctermbg=NONE
hi NixCode ctermfg=148
hi NixData ctermfg=149
hi NixQuote ctermfg=150
hi diffNewFile ctermfg=207
hi diffFile ctermfg=207
hi diffLine ctermfg=207
hi diffSubname ctermfg=207
hi diffAdded ctermfg=010
hi diffRemoved ctermfg=009
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin {
name = "vim-jsx";
src = pkgs.fetchFromGitHub {
owner = "mxw";
repo = "vim-jsx";
rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a";
sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
};
};
in {
# {
environment.systemPackages = [
(pkgs.vim_configurable.customize {
name = "vim";
in {
name = "vim-syntax-${name}-1.0.0";
destination = "/syntax/${name}.vim";
text = /* vim */ ''
${concatMapStringsSep "\n" (s: /* vim */ ''
syn keyword vimColor${s} ${s}
\ containedin=ALLBUT,vimComment,vimLineComment
hi vimColor${s} ctermfg=${s}
'') (map (i: lpad 3 "0" (toString i)) (range 0 255))}
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "showsyntax";
in {
name = "vim-plugin-${name}-1.0.0";
destination = "/plugin/${name}.vim";
text = /* vim */ ''
if exists('g:loaded_showsyntax')
finish
endif
let g:loaded_showsyntax = 0
fu! ShowSyntax()
let id = synID(line("."), col("."), 1)
let name = synIDattr(id, "name")
let transName = synIDattr(synIDtrans(id),"name")
if name != transName
let name .= " (" . transName . ")"
endif
echo "Syntax: " . name
endfu
vimrcConfig.customRC = ''
set nocompatible
command! -n=0 -bar ShowSyntax :call ShowSyntax()
'';
})))
:imap jk <Esc>
:vmap v v
:map gr :GoRun<Enter>
:nnoremap <S-TAB> :bnext<CR>
:nnoremap <C-TAB> <c-w><c-w>
:map nf :NERDTreeToggle<CR>
set autowrite
set number
set ruler
set path+=**
set wildmenu
noremap x "_x
set clipboard=unnamedplus
let g:jsx_ext_required = 0
let g:go_list_type = "quickfix"
let g:go_test_timeout = '10s'
let g:go_fmt_command = "goimports"
let g:go_snippet_case_type = "camelcase"
let g:go_highlight_types = 1
let g:go_highlight_fields = 1
let g:go_highlight_functions = 1
let g:go_highlight_methods = 1
let g:go_highlight_extra_types = 1
autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
let g:rehash256 = 1
let g:molokai_original = 1
colorscheme molokai
let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck']
let g:go_metalinter_autosave = 1
" let g:go_metalinter_autosave_enabled = ['vet', 'golint']
" let g:go_def_mode = 'godef'
" let g:go_decls_includes = "func,type"
" Trigger configuration. Do not use <tab> if you use https://github.com/Valloric/YouCompleteMe.
let g:UltiSnipsExpandTrigger="<c-e>"
let g:UltiSnipsJumpForwardTrigger="<c-t>"
let g:UltiSnipsJumpBackwardTrigger="<c-q>"
" If you want :UltiSnipsEdit to split your window.
let g:UltiSnipsEditSplit="vertical"
if has('persistent_undo') "check if your vim version supports it
set undofile "turn on the feature
set undodir=$HOME/.vim/undo "directory where the undo files will be stored
endif
'';
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
vimrcConfig.vam.pluginDictionaries = [
{ names = [ "undotree" "molokai" "Syntastic" "ctrlp" "surround" "snipmate" "nerdtree" "easymotion"]; }
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
{ names = [ "vim-go" ]; ft_regex = "^go\$"; } # wanted: nsf/gocode
{ names = [ "vim-javascript" ]; ft_regex = "^js\$"; }
{ names = [ "vim-jsx" ]; ft_regex = "^js\$"; }
];
})
];
dirs = {
backupdir = "$HOME/.cache/vim/backup";
swapdir = "$HOME/.cache/vim/swap";
undodir = "$HOME/.cache/vim/undo";
};
files = {
viminfo = "$HOME/.cache/vim/info";
};
mkdirs = let
dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
in assert out != ""; out;
alldirs = attrValues dirs ++ map dirOf (attrValues files);
in unique (sort lessThan alldirs);
vim = pkgs.symlinkJoin {
name = "vim";
paths = [
(pkgs.writeDashBin "vim" ''
set -efu
(umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
exec ${pkgs.vim}/bin/vim "$@"
'')
pkgs.vim
];
};
hs.vim = pkgs.writeText "hs.vim" ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
hi link ConId Identifier
hi link VarId Identifier
hi link hsDelimiter Delimiter
'';
nix.vim = pkgs.writeText "nix.vim" ''
setf nix
" Ref <nix/src/libexpr/lexer.l>
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
syn match NixINT /\<[0-9]\+\>/
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
syn region NixSTRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
syn region NixIND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
syn match NixOther /[():/;=.,?\[\]]/
syn match NixCommentMatch /\(^\|\s\)#.*/
syn region NixCommentRegion start="/\*" end="\*/"
hi link NixCode Statement
hi link NixData Constant
hi link NixComment Comment
hi link NixCommentMatch NixComment
hi link NixCommentRegion NixComment
hi link NixID NixCode
hi link NixINT NixData
hi link NixPATH NixData
hi link NixHPATH NixData
hi link NixSPATH NixData
hi link NixURI NixData
hi link NixSTRING NixData
hi link NixIND_STRING NixData
hi link NixEnter NixCode
hi link NixOther NixCode
hi link NixQuote NixData
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
syn cluster nix_ind_strings contains=NixIND_STRING
syn cluster nix_strings contains=NixSTRING
${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let
startAlts = filter isString [
''/\* ${lang} \*/''
extraStart
];
sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*'';
in /* vim */ ''
syn include @nix_${lang}_syntax syntax/${lang}.vim
unlet b:current_syntax
syn match nix_${lang}_sigil
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
\ transparent
syn region nix_${lang}_region_STRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn region nix_${lang}_region_IND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn cluster nix_ind_strings
\ add=nix_${lang}_region_IND_STRING
syn cluster nix_strings
\ add=nix_${lang}_region_STRING
syn cluster nix_has_dollar_curly
\ add=@nix_${lang}_syntax
'') {
c = {};
cabal = {};
haskell = {};
sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
vim.extraStart =
''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
})}
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
syn clear shVarAssign
syn region nixINSIDE_DOLLAR_CURLY
\ matchgroup=NixEnter
\ start="[$]{"
\ end="}"
\ contains=TOP
\ containedin=@nix_has_dollar_curly
\ transparent
syn region nix_inside_curly
\ matchgroup=NixEnter
\ start="{"
\ end="}"
\ contains=TOP
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
\ transparent
syn match NixQuote /'''\([''$']\|\\.\)/he=s+2
\ containedin=@nix_ind_strings
\ contained
syn match NixQuote /\\./he=s+1
\ containedin=@nix_strings
\ contained
syn sync fromstart
let b:current_syntax = "nix"
set isk=@,48-57,_,192-255,-,'
'';
in
out
}

2
jeschli/source.nix
View file

@ -14,7 +14,7 @@ in
};
secrets.file = getAttr builder {
buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>;
jeschli = "/home/jeschli/secrets/${name}";
jeschli = "${getEnv "HOME"}/secrets/${name}";
};
stockholm.file = toString <stockholm>;
}

3
krebs/3modules/default.nix
View file

@ -104,8 +104,9 @@ let
};
imp = lib.mkMerge [
{ krebs = import ./lass { inherit config; }; }
{ krebs = import ./jeschli { inherit config; }; }
{ krebs = import ./krebs { inherit config; }; }
{ krebs = import ./lass { inherit config; }; }
{ krebs = import ./makefu { inherit config; }; }
{ krebs = import ./mv { inherit config; }; }
{ krebs = import ./nin { inherit config; }; }

96
krebs/3modules/jeschli/default.nix Normal file
View file

@ -0,0 +1,96 @@
{ config, ... }:
with import <stockholm/lib>;
{
hosts = mapAttrs (_: recursiveUpdate {
owner = config.krebs.users.jeschli;
ci = true;
}) {
bln = {
ci = false;
external = true;
nets = {
retiolum = {
ip4.addr = "10.243.27.28";
ip6.addr = "42::28";
aliases = [
"bln.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEAwoN2f6iyQ1Wnk4rZVqhovny8VpwWvC9buE+NoedRaxmWmA5QIP02
BLwTWFKnbiKOQiYN+a4m/JKs0fFOjYCa2EKhqWWKwdEIN4wJTq8zrjzIaa2rdz+8
tamE+8rSYDE+RbJ6Gs3SUDfwcxJT6FXCi3JYoirdhAssLSwTf9d5IsfXvkKMabky
FpY9Im51utmIR8UmYL4Ti7dEaOxif+5Hgl1LuitC8e2IIZJhXJprK9tJk9J0LRWt
PUM31IG1+A2hNBzs5hferLmmwFvYF1sJ22NtFepxVyOLaLcLEFKWHyU+14qEMSgL
acsu0lgVZ4A1TY6vVBmawfVCzUzRfalNIty1x+qDA4MB1RQ4W7ivWCjd/+wirSyc
BLxCvriXRdUwPIRoHy0kNMmS83HGm2iv2IrHUrcH8lyJvMys216J2lCF2arRVnBn
lArObfR3mXgd/YoANmZ4cinLAjLCjCjXfOe39+pvTFph6WnDt4gOO+tQlnCk19Fa
NoiK1THcuZiFVE+4CAXVmstNqYKSMgw+Upw7/t6iUzur98iwKpcicomhJjGVVtbg
2iDf4lYVrUyb7iPns2T4EzAuHk7iESktEASU5creSbWYRu/4uyhuNlUoiCpVOEKg
H9jkrLlCpQGv/GmgdH9oj35Dsv5TINauCT2jjWV65wcKAlvyafy5UtLyF4HBRHaM
2xyxC9gxr8bmeOFyOnHVJQvpkeLxyaRp/VppjCTzr82TQvpZd5a+tISIbDGfqX1o
cEyPsowb3KHNtW9DqRBp+80fPGnQHsNjVXbJb37wjpnR/ePg/XyENbZF/OQEsjqt
bki8hZQXKJAFyx1bq/2A1q4ocx7JlJKynL4szG1unHbSPKNH2OOVvoezuP7e+lXU
gnzrSbe9lPIOp4Vu1HjWOi6tNWZFoZrSHVIK+VGxm+wm/HoS+Enj4Yq+vRvU3luv
UllR5KHHK2970RbFEUE0zaVMZjQn5KgJjFXfqfrCztp0wZ5CQo+tRFPq35llaIQ2
0WyT2IZlxt1Xr2IpOM0DpO4SJnivZT/wdZN7upzsUPf4a9suztpA3KcKAKqH0OM5
fv2/LXspc73vACAOZ9qDJnwp8bFrMOaQdAL1oPpOLB3yYTDA3E20IAQ6OKoSy1Nl
B4coqo1gBCcMrWwVFYAuc5J4itXJ0SSj67+WUnuDzPm88LI3g+AO0r1m6k6YdA58
SeNxYPMLYNLRg86rsjKjXu+QyvBsd04O/QvIxpTFCtdjbUXNS1H4++/inYZSwWPp
U0lN9erLJbwr4WqU/Mn6J+jKijXwmCSiF5if5baszMsOL/0u9yFt6OcaLyehE3sJ
eAo00n9phSna0lxtbtRnh/Gd4D7rFcX33wIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
reagenzglas = {
ci = false;
external = true;
nets = {
retiolum = {
ip4.addr = "10.243.27.27";
ip6.addr = "42::27";
aliases = [
"reagenzglas.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEA4Tbq6aiMhPz55Of/WDEmESGmScRJedQSJoyRuDEDabEktdbP/m7P
bwpLp0lGYphx42+lutFcYOGoH/Lglfj39yhDcrpkYfTnzcGOWutXGuZ+iR5vmGj0
utJRf/4+a4sB5NboBVZ9Ke/RTjDNSov00C2hFCYTXz89Gd2ap1nDPQpnejOS+9aO
2W6P/WIKhRH7TfW6M7mUCrjVxWXZgdfSCQYxAXU/+1uAGmJ9qlGlQUIGUGv9Znv5
hurqwAHzSgEkKc2iUumosz6a8W9Oo3TAEC+jMEO2l/+GJ/8VysG1wtLWDX03GU3u
mBAtrJppEw4QNPTeFg6XSFIwV8Z0fWZ4lGsPJLbAkLUMxtKVWKbdrdpnmiQpLfBW
8BRbT1pjwEdw0hefA6NwCO3/Y5piEaUEz/gYz9xHFMDXUj9stHtaF0HaqonWyb06
aX3EEqRBxVsj6/Sgd33b77xqY4WBoOlbhfWj+EAD1Ova26lHELpAg0Z4AncpyOzw
pJcX81U8GgQp899YAc3EAldFfiu094CvM2NKd110K90VlTpos+sqFfNE87vpprMu
3d1NsYzf+FUM/aXASlqTNL+i8qBDAlODkLdj4+VZ2BjkSH+p2BLZouizSzu4X3I/
lfy554Dbb/98zlwmX9JrWzBRs2GxxFdIDZ1jK+Ci5qM7oTfujBwiE4jZA6wlK8u5
+IenSBdaJb0J8nS0Bziz/BLkuBCrl/YFelpZlY0pw6WYlraKbf/nsOpumOYh6zdz
9jiIPElGvso9FhwigX7xWCiYMK3ryAqm8CL0cTscQW3Yy2JKm1tNIQtAacwnNVli
PqdnPJSo942I+Fl6ZPjZ19ivJIqC+2TjGEY2Et8DkiL6YZfy4bM1zhoWMlXBIil0
ynnKR/h/CC67cq94JCbtRWKiYXIYtfHPQkS7S1Lk6aSYbIch/wROyh7XJ7EGE7nn
GAVMqI/P/qbW3rwEJGXzI4eJAHa2hwpP2Slimf6uUD/6L2bAnduhYoTsnNSjJmNE
hCC+MHohzk7+isZl0jwIEcMpsohMAwoa5BEhbuYJWeUesT/4PeddLIGYubTZAXp2
ZdYRepSNUEhSZV0H99MhlqeooDJxnWpsiba5Gb0s6p4gTReGy0jMtWnxI2P5RUFX
vEGt77v4MGrWYTzAL/ZRmESsOj7TXqpSK5YcMC2nr8PcV66LuMjOkRrGoVOV3fBe
G/9pNVb68SRwfPoGa5nGe6C7GPcgko9rgGLLcU1r/4L2bqFhdIQdSfaUX2Hscm44
5GdN2UvuwwVxOyU1uPqJcBNnr2yt3x3kw5+zDQ00z/pFntTXWm19m6BUtbkdwN2x
Bn1P3P/mRTEaHxQr9RGg8Zjnix/Q6G7I5QIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
};
users = {
jeschli = {
mail = "jeschli@gmail.com";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMPuFzd6p3zZETIjoV5mRxCTQgeZk9s/P374mEDbj58wDTT0uGWu2JRf7cL1QRTvd5238tYl0eSHXH65+oaFB/mIvmiRnuw6qQODOMHlSbJN5/J2hEw/3v5gveiP1xNLfKlFhj6mmMRF7Etvzns/kLGLCSjj1UTlfo4iHmtinPmU+iQ8J4foS4cZj4oZesF8gndkc2EFMfL6en7EuU8GK6U9GtwKNL9N4UoUZXu8Nf00pkn/jrpmsDdI4zdVVAxWeu/Lo4li43EVixLcfwQiwzf6S9FvYIv30xPdy92GJSJwxm/QkYuc48VZWUoE+qThf3IEPETtX+MRZrM8RTtY01";
};
};
}

39
krebs/3modules/lass/default.nix
View file

@ -535,45 +535,6 @@ with import <stockholm/lib>;
};
};
};
reagenzglas = {
ci = false;
external = true;
nets = {
retiolum = {
ip4.addr = "10.243.27.27";
ip6.addr = "42::27";
aliases = [
"reagenzglas.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEA4Tbq6aiMhPz55Of/WDEmESGmScRJedQSJoyRuDEDabEktdbP/m7P
bwpLp0lGYphx42+lutFcYOGoH/Lglfj39yhDcrpkYfTnzcGOWutXGuZ+iR5vmGj0
utJRf/4+a4sB5NboBVZ9Ke/RTjDNSov00C2hFCYTXz89Gd2ap1nDPQpnejOS+9aO
2W6P/WIKhRH7TfW6M7mUCrjVxWXZgdfSCQYxAXU/+1uAGmJ9qlGlQUIGUGv9Znv5
hurqwAHzSgEkKc2iUumosz6a8W9Oo3TAEC+jMEO2l/+GJ/8VysG1wtLWDX03GU3u
mBAtrJppEw4QNPTeFg6XSFIwV8Z0fWZ4lGsPJLbAkLUMxtKVWKbdrdpnmiQpLfBW
8BRbT1pjwEdw0hefA6NwCO3/Y5piEaUEz/gYz9xHFMDXUj9stHtaF0HaqonWyb06
aX3EEqRBxVsj6/Sgd33b77xqY4WBoOlbhfWj+EAD1Ova26lHELpAg0Z4AncpyOzw
pJcX81U8GgQp899YAc3EAldFfiu094CvM2NKd110K90VlTpos+sqFfNE87vpprMu
3d1NsYzf+FUM/aXASlqTNL+i8qBDAlODkLdj4+VZ2BjkSH+p2BLZouizSzu4X3I/
lfy554Dbb/98zlwmX9JrWzBRs2GxxFdIDZ1jK+Ci5qM7oTfujBwiE4jZA6wlK8u5
+IenSBdaJb0J8nS0Bziz/BLkuBCrl/YFelpZlY0pw6WYlraKbf/nsOpumOYh6zdz
9jiIPElGvso9FhwigX7xWCiYMK3ryAqm8CL0cTscQW3Yy2JKm1tNIQtAacwnNVli
PqdnPJSo942I+Fl6ZPjZ19ivJIqC+2TjGEY2Et8DkiL6YZfy4bM1zhoWMlXBIil0
ynnKR/h/CC67cq94JCbtRWKiYXIYtfHPQkS7S1Lk6aSYbIch/wROyh7XJ7EGE7nn
GAVMqI/P/qbW3rwEJGXzI4eJAHa2hwpP2Slimf6uUD/6L2bAnduhYoTsnNSjJmNE
hCC+MHohzk7+isZl0jwIEcMpsohMAwoa5BEhbuYJWeUesT/4PeddLIGYubTZAXp2
ZdYRepSNUEhSZV0H99MhlqeooDJxnWpsiba5Gb0s6p4gTReGy0jMtWnxI2P5RUFX
vEGt77v4MGrWYTzAL/ZRmESsOj7TXqpSK5YcMC2nr8PcV66LuMjOkRrGoVOV3fBe
G/9pNVb68SRwfPoGa5nGe6C7GPcgko9rgGLLcU1r/4L2bqFhdIQdSfaUX2Hscm44
5GdN2UvuwwVxOyU1uPqJcBNnr2yt3x3kw5+zDQ00z/pFntTXWm19m6BUtbkdwN2x
Bn1P3P/mRTEaHxQr9RGg8Zjnix/Q6G7I5QIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
xerxes = {
cores = 2;
nets = rec {