From fd41443c9047b91e8ca1952881a096a2270f8643 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 29 Jan 2019 01:28:36 +0100
Subject: [PATCH 001/107] tv rxvt_unicode: finish running selection
---
tv/5pkgs/override/default.nix | 6 +++
tv/5pkgs/override/rxvt_unicode/default.nix | 6 +++
.../finish-running-selection.patch | 41 +++++++++++++++++++
3 files changed, 53 insertions(+)
create mode 100644 tv/5pkgs/override/default.nix
create mode 100644 tv/5pkgs/override/rxvt_unicode/default.nix
create mode 100644 tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
diff --git a/tv/5pkgs/override/default.nix b/tv/5pkgs/override/default.nix
new file mode 100644
index 000000000..cd7c5645b
--- /dev/null
+++ b/tv/5pkgs/override/default.nix
@@ -0,0 +1,6 @@
+with import <stockholm/lib>;
+self: super: {
+ rxvt_unicode = self.callPackage ./rxvt_unicode {
+ rxvt_unicode = super.rxvt_unicode;
+ };
+}
diff --git a/tv/5pkgs/override/rxvt_unicode/default.nix b/tv/5pkgs/override/rxvt_unicode/default.nix
new file mode 100644
index 000000000..858a46be6
--- /dev/null
+++ b/tv/5pkgs/override/rxvt_unicode/default.nix
@@ -0,0 +1,6 @@
+{ rxvt_unicode }:
+rxvt_unicode.overrideAttrs (old: {
+ patches = old.patches ++ [
+ ./finish-running-selection.patch
+ ];
+})
diff --git a/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch b/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
new file mode 100644
index 000000000..a342ccf5c
--- /dev/null
+++ b/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
@@ -0,0 +1,41 @@
+diff --git a/src/rxvttoolkit.h b/src/rxvttoolkit.h
+index 56c9a3f..429055d 100644
+--- a/src/rxvttoolkit.h
++++ b/src/rxvttoolkit.h
+@@ -384,6 +384,7 @@ struct rxvt_selection
+ {
+ rxvt_selection (rxvt_display *disp, int selnum, Time tm, Window win, Atom prop, rxvt_term *term);
+ void run ();
++ void finish (char *data = 0, unsigned int len = 0);
+ ~rxvt_selection ();
+
+ rxvt_term *term; // terminal to paste to, may be 0
+@@ -404,7 +405,6 @@ private:
+ void timer_cb (ev::timer &w, int revents); ev::timer timer_ev;
+ void x_cb (XEvent &xev); xevent_watcher x_ev;
+
+- void finish (char *data = 0, unsigned int len = 0);
+ void stop ();
+ bool request (Atom target, int selnum);
+ void handle_selection (Window win, Atom prop, bool delete_prop);
+diff --git a/src/screen.C b/src/screen.C
+index 9eb375a..77e7109 100644
+--- a/src/screen.C
++++ b/src/screen.C
+@@ -2736,11 +2736,11 @@ rxvt_term::paste (char *data, unsigned int len) NOTHROW
+ void
+ rxvt_term::selection_request (Time tm, int selnum) NOTHROW
+ {
+- if (!selection_req)
+- {
+- selection_req = new rxvt_selection (display, selnum, tm, vt, xa[XA_VT_SELECTION], this);
+- selection_req->run ();
+- }
++ if (selection_req)
++ selection_req->finish ();
++
++ selection_req = new rxvt_selection (display, selnum, tm, vt, xa[XA_VT_SELECTION], this);
++ selection_req->run ();
+ }
+
+ /* ------------------------------------------------------------------------- */
From 773db3ae47ff212c40f0cd22f9e47f66b7fe93ff Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 29 Jan 2019 20:51:11 +0100
Subject: [PATCH 002/107] reaktor2: 0.2.1 -> 0.2.2
---
krebs/5pkgs/haskell/reaktor2.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index 40c628802..f06e79121 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -7,11 +7,11 @@
}:
mkDerivation {
pname = "reaktor2";
- version = "0.2.1";
+ version = "0.2.2";
src = fetchgit {
url = "https://cgit.krebsco.de/reaktor2";
- sha256 = "0wg76wlzfi893rl0lzhfs6bkpdcvwvgl6mpnz6w7r8f7znr4a9vr";
- rev = "0e199f7a357a4c5973e5837ec67699cf224ca69c";
+ sha256 = "1kyr5i5zdzvc7fcyac1i1yvi88kcxafrgp8p79c1b9l4g9sjnv78";
+ rev = "9f4e2644188f985d7cd806c13e2c0dee1688b9f0";
fetchSubmodules = true;
};
isLibrary = false;
From 79cad8349bf8bb20d13d23a498935277d779ef21 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 29 Jan 2019 21:39:16 +0100
Subject: [PATCH 003/107] bier bal: fix regex
---
krebs/2configs/reaktor2.nix | 3 ++-
krebs/3modules/reaktor2.nix | 4 ++++
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index ff6b539ba..4d90ae3d5 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -61,7 +61,7 @@ let
];
hooks.PRIVMSG = [
{
- pattern = "^bier bal(ance)*$";
+ pattern = "^bier bal(an(ce)?)?$";
activate = "match";
command = {
env = {
@@ -134,6 +134,7 @@ in {
};
r = {
nick = "reaktor2|krebs";
+ sendDelaySec = null;
plugins = [
{
plugin = "register";
diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
index e3e6ddf4f..9ab207d88 100644
--- a/krebs/3modules/reaktor2.nix
+++ b/krebs/3modules/reaktor2.nix
@@ -33,6 +33,10 @@ with import <stockholm/lib>;
default = "reaktor2${optionalString (name != "default") "-${name}"}";
type = types.filename;
};
+ sendDelaySec = mkOption {
+ default = 0.7;
+ type = types.nullOr types.float;
+ };
username = mkOption {
default = self.config.systemd-service-name;
type = types.username;
From 54517574ddb2f5ae10bba02f0b7f547bb53fc5bd Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 31 Jan 2019 11:15:58 +0100
Subject: [PATCH 004/107] tv rxvt_unicode: fetch patch
---
tv/5pkgs/override/default.nix | 2 +-
tv/5pkgs/override/rxvt_unicode.nix | 9 ++++
tv/5pkgs/override/rxvt_unicode/default.nix | 6 ---
.../finish-running-selection.patch | 41 -------------------
4 files changed, 10 insertions(+), 48 deletions(-)
create mode 100644 tv/5pkgs/override/rxvt_unicode.nix
delete mode 100644 tv/5pkgs/override/rxvt_unicode/default.nix
delete mode 100644 tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
diff --git a/tv/5pkgs/override/default.nix b/tv/5pkgs/override/default.nix
index cd7c5645b..99c1b3ec9 100644
--- a/tv/5pkgs/override/default.nix
+++ b/tv/5pkgs/override/default.nix
@@ -1,6 +1,6 @@
with import <stockholm/lib>;
self: super: {
- rxvt_unicode = self.callPackage ./rxvt_unicode {
+ rxvt_unicode = self.callPackage ./rxvt_unicode.nix {
rxvt_unicode = super.rxvt_unicode;
};
}
diff --git a/tv/5pkgs/override/rxvt_unicode.nix b/tv/5pkgs/override/rxvt_unicode.nix
new file mode 100644
index 000000000..da657fb20
--- /dev/null
+++ b/tv/5pkgs/override/rxvt_unicode.nix
@@ -0,0 +1,9 @@
+{ fetchurl, rxvt_unicode }:
+rxvt_unicode.overrideAttrs (old: {
+ patches = old.patches ++ [
+ (fetchurl {
+ url = https://cgit.krebsco.de/rxvt-unicode/patch/?id=15f3f94;
+ sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymlkz2p";
+ })
+ ];
+})
diff --git a/tv/5pkgs/override/rxvt_unicode/default.nix b/tv/5pkgs/override/rxvt_unicode/default.nix
deleted file mode 100644
index 858a46be6..000000000
--- a/tv/5pkgs/override/rxvt_unicode/default.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ rxvt_unicode }:
-rxvt_unicode.overrideAttrs (old: {
- patches = old.patches ++ [
- ./finish-running-selection.patch
- ];
-})
diff --git a/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch b/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
deleted file mode 100644
index a342ccf5c..000000000
--- a/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-diff --git a/src/rxvttoolkit.h b/src/rxvttoolkit.h
-index 56c9a3f..429055d 100644
---- a/src/rxvttoolkit.h
-+++ b/src/rxvttoolkit.h
-@@ -384,6 +384,7 @@ struct rxvt_selection
- {
- rxvt_selection (rxvt_display *disp, int selnum, Time tm, Window win, Atom prop, rxvt_term *term);
- void run ();
-+ void finish (char *data = 0, unsigned int len = 0);
- ~rxvt_selection ();
-
- rxvt_term *term; // terminal to paste to, may be 0
-@@ -404,7 +405,6 @@ private:
- void timer_cb (ev::timer &w, int revents); ev::timer timer_ev;
- void x_cb (XEvent &xev); xevent_watcher x_ev;
-
-- void finish (char *data = 0, unsigned int len = 0);
- void stop ();
- bool request (Atom target, int selnum);
- void handle_selection (Window win, Atom prop, bool delete_prop);
-diff --git a/src/screen.C b/src/screen.C
-index 9eb375a..77e7109 100644
---- a/src/screen.C
-+++ b/src/screen.C
-@@ -2736,11 +2736,11 @@ rxvt_term::paste (char *data, unsigned int len) NOTHROW
- void
- rxvt_term::selection_request (Time tm, int selnum) NOTHROW
- {
-- if (!selection_req)
-- {
-- selection_req = new rxvt_selection (display, selnum, tm, vt, xa[XA_VT_SELECTION], this);
-- selection_req->run ();
-- }
-+ if (selection_req)
-+ selection_req->finish ();
-+
-+ selection_req = new rxvt_selection (display, selnum, tm, vt, xa[XA_VT_SELECTION], this);
-+ selection_req->run ();
- }
-
- /* ------------------------------------------------------------------------- */
From 478b45cf97007e3aa846a30360de2b1c9833bf85 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 31 Jan 2019 14:39:02 +0100
Subject: [PATCH 005/107] krebs-hosts-*: generate from krebs.hosts
---
krebs/3modules/hosts.nix | 57 ++++++++++++++++++++++++++++++-
krebs/3modules/retiolum-hosts.nix | 26 ++------------
2 files changed, 59 insertions(+), 24 deletions(-)
diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix
index 0985bb539..eb7fd2283 100644
--- a/krebs/3modules/hosts.nix
+++ b/krebs/3modules/hosts.nix
@@ -1,6 +1,5 @@
with import <stockholm/lib>;
{ config, ... }: let
- # TODO dedup functions with ./retiolum-hosts.nix
check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers);
in {
@@ -30,6 +29,62 @@ in {
map (addr: { ${addr} = aliases; }) net.addrs)
(attrValues host.nets))
(attrValues config.krebs.hosts)));
+
+ nixpkgs.config.packageOverrides = super: let
+ # nameValuePair name value : { "name" : name, "value" : value }
+
+ # addr : str
+ # aliase : str
+ # hostname : str
+ # netname : str
+
+ # addrAliases : nameValuePair addr [alias]
+
+ # hostNetAliases : host -> { ${netname} : [addrAliases] }
+ hostNetAliases = host:
+ mapAttrs (_: net: filter (x: x.name != null) [
+ { name = net.ip4.addr or null; value = net.aliases; }
+ { name = net.ip6.addr or null; value = net.aliases; }
+ ]) host.nets;
+
+ # netAliases : { ${netname} : [addrAliases] }
+ netAliases =
+ foldl'
+ (result: host:
+ foldl'
+ # λ netAliases -> [addrAliases] -> netAliases
+ (result: { name, value }: result // {
+ ${name} = result.${name} or [] ++ value;
+ })
+ result
+ (mapAttrsToList nameValuePair (hostNetAliases host))
+ )
+ {}
+ (attrValues config.krebs.hosts);
+
+ # allAddrAliases : [addrAliases]
+ allAddrAliases =
+ flatten
+ (map
+ (host: attrValues (hostNetAliases host))
+ (attrValues config.krebs.hosts));
+
+ # writeHosts : str -> [addrAliases] -> package
+ writeHosts = name: addrAliases: super.writeText name ''
+ ${concatMapStringsSep
+ "\n"
+ ({ name, value }: "${name} ${toString value}")
+ addrAliases}
+ '';
+ in
+ {
+ krebs-hosts = writeHosts "krebs-hosts" allAddrAliases;
+ }
+ //
+ genAttrs' (attrNames netAliases) (netname: rec {
+ name = "krebs-hosts-${netname}";
+ value = writeHosts name netAliases.${netname};
+ });
};
}
diff --git a/krebs/3modules/retiolum-hosts.nix b/krebs/3modules/retiolum-hosts.nix
index ddf85ead7..2da174bea 100644
--- a/krebs/3modules/retiolum-hosts.nix
+++ b/krebs/3modules/retiolum-hosts.nix
@@ -1,28 +1,8 @@
with import <stockholm/lib>;
-{ config, ... }: let
- # TODO dedup functions with ./hosts.nix
- check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
- domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers);
-in {
+{ config, pkgs, ... }: {
nixpkgs.config.packageOverrides = super: {
retiolum-hosts =
- super.writeText "retiolum-hosts" ''
- ${
- concatStringsSep
- "\n"
- (flatten
- (map
- (host: let
- net = host.nets.retiolum;
- aliases = longs;
- longs = filter check net.aliases;
- in
- optionals
- (aliases != [])
- (map (addr: "${addr} ${toString aliases}") net.addrs))
- (filter (host: hasAttr "retiolum" host.nets)
- (attrValues config.krebs.hosts))))
- }
- '';
+ trace "pkgs.retiolum-hosts is deprecated, use pkgs.krebs-hosts-retiolum instead"
+ pkgs.krebs-hosts-retiolum;
};
}
From 5c076d9f37dc495b7a61cae84c5600b1ff7a5d09 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 31 Jan 2019 14:40:57 +0100
Subject: [PATCH 006/107] retiolum-hosts: RIP
---
krebs/3modules/default.nix | 1 -
krebs/3modules/retiolum-hosts.nix | 8 --------
lass/2configs/websites/lassulus.nix | 2 +-
3 files changed, 1 insertion(+), 10 deletions(-)
delete mode 100644 krebs/3modules/retiolum-hosts.nix
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 9303a81fb..c72215e79 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -45,7 +45,6 @@ let
./reaktor2.nix
./realwallpaper.nix
./retiolum-bootstrap.nix
- ./retiolum-hosts.nix
./rtorrent.nix
./secret.nix
./setuid.nix
diff --git a/krebs/3modules/retiolum-hosts.nix b/krebs/3modules/retiolum-hosts.nix
deleted file mode 100644
index 2da174bea..000000000
--- a/krebs/3modules/retiolum-hosts.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-with import <stockholm/lib>;
-{ config, pkgs, ... }: {
- nixpkgs.config.packageOverrides = super: {
- retiolum-hosts =
- trace "pkgs.retiolum-hosts is deprecated, use pkgs.krebs-hosts-retiolum instead"
- pkgs.krebs-hosts-retiolum;
- };
-}
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 27cadd100..526909e8a 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -61,7 +61,7 @@ in {
alias ${config.krebs.tinc.retiolum.hostsArchive};
'';
locations."= /retiolum.hosts".extraConfig = ''
- alias ${pkgs.retiolum-hosts};
+ alias ${pkgs.krebs-hosts-retiolum};
'';
locations."= /wireguard-key".extraConfig = ''
alias ${pkgs.writeText "prism.wg" config.krebs.hosts.prism.nets.wiregrill.wireguard.pubkey};
From a09bf933da2d31645872f1e2332507da98fb6a00 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 31 Jan 2019 15:02:05 +0100
Subject: [PATCH 007/107] krebs-hosts_combined: init
---
krebs/3modules/hosts.nix | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix
index eb7fd2283..3d572c04d 100644
--- a/krebs/3modules/hosts.nix
+++ b/krebs/3modules/hosts.nix
@@ -62,13 +62,6 @@ in {
{}
(attrValues config.krebs.hosts);
- # allAddrAliases : [addrAliases]
- allAddrAliases =
- flatten
- (map
- (host: attrValues (hostNetAliases host))
- (attrValues config.krebs.hosts));
-
# writeHosts : str -> [addrAliases] -> package
writeHosts = name: addrAliases: super.writeText name ''
${concatMapStringsSep
@@ -78,7 +71,18 @@ in {
'';
in
{
- krebs-hosts = writeHosts "krebs-hosts" allAddrAliases;
+ # hosts file for all krebs networks
+ krebs-hosts =
+ writeHosts "krebs-hosts" (concatLists [
+ netAliases.internet
+ netAliases.retiolum
+ netAliases.wiregrill
+ ]);
+
+ # combined hosts file for all networks (even custom ones)
+ krebs-hosts_combined =
+ writeHosts "krebs-hosts_combined"
+ (concatLists (attrValues netAliases));
}
//
genAttrs' (attrNames netAliases) (netname: rec {
From 936bf9f7b2a7cf99d48fe4cdf1e8cffd0140240f Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 1 Feb 2019 21:15:27 +0100
Subject: [PATCH 008/107] remove kruck.r, add pepe.r
---
krebs/3modules/external/default.nix | 37 ++++++++-------------------
krebs/3modules/external/tinc/pepe.pub | 13 ++++++++++
2 files changed, 24 insertions(+), 26 deletions(-)
create mode 100644 krebs/3modules/external/tinc/pepe.pub
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 089113ac6..e19ac6755 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -176,32 +176,6 @@ in {
};
};
};
- kruck = {
- owner = config.krebs.users.palo;
- nets = {
- retiolum = {
- ip4.addr = "10.243.29.201";
- aliases = [
- "kruck.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh
- QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA
- EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U
- uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/
- /RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR
- 9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s
- qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH
- gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj
- jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs
- fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5
- TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
qubasa = {
owner = config.krebs.users.qubasa;
nets = {
@@ -251,6 +225,17 @@ in {
};
};
};
+ pepe = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.123.4";
+ tinc.port = 720;
+ aliases = [ "pepe.r" ];
+ tinc.pubkey = tinc-for "pepe";
+ };
+ };
+ };
scardanelli = {
owner = config.krebs.users.kmein;
nets = {
diff --git a/krebs/3modules/external/tinc/pepe.pub b/krebs/3modules/external/tinc/pepe.pub
new file mode 100644
index 000000000..65284d51d
--- /dev/null
+++ b/krebs/3modules/external/tinc/pepe.pub
@@ -0,0 +1,13 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEA2ACttoosnRZ99o+OyMrxBdUWPqsT5btzSIQ5dU1XWqGjO4nRchCE
+8tO0b/4jqVgJVTRZVIUJQESZRlSmclsCAjdM8tsGj74CJrm7tBvgbBn2IObSs5+4
+oJWe57VsQaeHPuI2JZuGqv8Z3Esw+B07bQS5VTaC1ISo7vnLG/q5XLCbKHB9JZc/
+ztYbk4bEQHwbulfoPjD9FY3heLnTzqPw9Xr3ixao5gbAXfWNJM+iCluMq+Q2g1BD
+ozSnyYvaGLQ6h4yksDp+xuK8YCqiRj174EkXySI8Jee1CBMuI8ciX/5Q7yzvzscQ
+ZQ/MLVdx3MRW+VeT0ctaRzoA9E09ILqPe+56DjpsKzt4Ne8qeMG5HdpzO9UdNzTu
+MuibsCL7CJy5Ytl38PK+LAXHQr3Os1Z4OHjeTZ38vTAZcOUJZEkl6w9nO1XjcyBL
+rIaG+20Nx0ZU79MlJZFiG7ovlUiDfIEKNygng8v/yoTMaqMYLxQZ/leQwLMNLujo
+sku8+oV4Jvx4SyUjuAS6jgG9CnejLCnHP/yyDGdaMQSzmlzYXacLMfnPZE3r7bj1
+EjA6yQbkPixm7xLCyMm5u2leWtqtbg1oRA6Mw3UyYkNy3hiTU+jTvztEI3SCliDH
+yjGlESH4/edryKjLNjmYP77VFbM9ZSQ+QGlbMGPvjcn6XCdJGdxm3PUCAwEAAQ==
+-----END RSA PUBLIC KEY-----
From db9163a6005ad7e6f78a67c6a306cb4fa183698f Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 1 Feb 2019 22:31:43 +0100
Subject: [PATCH 009/107] ma nixpkgs: 1258730 -> 30a126c
---
makefu/nixpkgs.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/makefu/nixpkgs.json b/makefu/nixpkgs.json
index d62fd65ca..1788a17fb 100644
--- a/makefu/nixpkgs.json
+++ b/makefu/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/makefu/nixpkgs",
- "rev": "125873064a6eabd2896833d00aede7778a453fdf",
- "date": "2019-01-11T14:24:21+01:00",
- "sha256": "1ki50426m9simqvxdzckfgycibz5rdhwl6hzi31i72dqiafl8j6s",
+ "rev": "30a126c41eb81e96474d7f8488635fc36d78dd25",
+ "date": "2019-02-01T22:09:16+01:00",
+ "sha256": "1s5y22fs08wyw1izmaqd5dcnflw3rvkm3880vmlwv20g1phwhhi2",
"fetchSubmodules": false
}
From e2ae92445cc439203427a58720fc394cf1ca4b44 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 2 Feb 2019 09:13:53 +0100
Subject: [PATCH 010/107] external: add palo.nix
---
krebs/3modules/external/default.nix | 14 +---
krebs/3modules/external/palo.nix | 81 +++++++++++++++++++
.../external/tinc/{pepe.pub => palo.pub} | 0
3 files changed, 82 insertions(+), 13 deletions(-)
create mode 100644 krebs/3modules/external/palo.nix
rename krebs/3modules/external/tinc/{pepe.pub => palo.pub} (100%)
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index e19ac6755..16cc84651 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -16,6 +16,7 @@ with import <stockholm/lib>;
tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
in {
+
hosts = mapAttrs hostDefaults {
dpdkm = {
owner = config.krebs.users.Mic92;
@@ -225,17 +226,6 @@ in {
};
};
};
- pepe = {
- owner = config.krebs.users.palo;
- nets = {
- retiolum = {
- ip4.addr = "10.243.123.4";
- tinc.port = 720;
- aliases = [ "pepe.r" ];
- tinc.pubkey = tinc-for "pepe";
- };
- };
- };
scardanelli = {
owner = config.krebs.users.kmein;
nets = {
@@ -404,8 +394,6 @@ in {
mail = "joerg@thalheim.io";
pubkey = ssh-for "Mic92";
};
- palo = {
- };
qubasa = {
mail = "luis.nixos@gmail.com";
};
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix
new file mode 100644
index 000000000..e151ad358
--- /dev/null
+++ b/krebs/3modules/external/palo.nix
@@ -0,0 +1,81 @@
+with import <stockholm/lib>;
+{ config, ... }: let
+
+ hostDefaults = hostName: host: flip recursiveUpdate host ({
+ ci = false;
+ external = true;
+ monitoring = false;
+ } // optionalAttrs (host.nets?retiolum) {
+ nets.retiolum.ip6.addr =
+ (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ } // optionalAttrs (host.nets?wiregrill) {
+ nets.wiregrill.ip6.addr =
+ (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ });
+ ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
+ tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
+
+in {
+ hosts = mapAttrs hostDefaults {
+ pepe = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.1";
+ tinc.port = 720;
+ aliases = [ "pepe.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ kruck = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.3";
+ tinc.port = 720;
+ aliases = [ "kruck.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ schasch = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.2";
+ tinc.port = 720;
+ aliases = [ "schasch.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ workhorse = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.5";
+ tinc.port = 720;
+ aliases = [ "workhorse.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ workout = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.23.4";
+ tinc.port = 720;
+ aliases = [ "workout.r" ];
+ tinc.pubkey = tinc-for "palo";
+ };
+ };
+ };
+ };
+ users = {
+ palo = {
+ };
+ };
+}
+
diff --git a/krebs/3modules/external/tinc/pepe.pub b/krebs/3modules/external/tinc/palo.pub
similarity index 100%
rename from krebs/3modules/external/tinc/pepe.pub
rename to krebs/3modules/external/tinc/palo.pub
From 1242c7e25520580e00a2fabf695fb895657144f0 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 09:22:06 +0100
Subject: [PATCH 011/107] krebs-hosts-*: don't add lines without alias
---
krebs/3modules/hosts.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix
index 3d572c04d..7fe01a769 100644
--- a/krebs/3modules/hosts.nix
+++ b/krebs/3modules/hosts.nix
@@ -42,7 +42,7 @@ in {
# hostNetAliases : host -> { ${netname} : [addrAliases] }
hostNetAliases = host:
- mapAttrs (_: net: filter (x: x.name != null) [
+ mapAttrs (_: net: filter (x: x.name != null && x.value != []) [
{ name = net.ip4.addr or null; value = net.aliases; }
{ name = net.ip6.addr or null; value = net.aliases; }
]) host.nets;
From 8b6e3765de2c82929ec63843e9a782886eb0da4e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 20:14:29 +0100
Subject: [PATCH 012/107] tv vim-syntax-nix-nested: add writer{Ext,Name}
---
tv/2configs/vim.nix | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 3794628c1..9f78d6e0b 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -250,6 +250,9 @@ let {
def = k: ''${k}[ \t\r\n]*='';
writer = k: ''write${k}[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)'';
+ writerExt = k: writerName ''[^"]*\.${k}'';
+ writerName = k: ''write[^ \t\r\n]*[ \t\r\n]*"${k}"'';
+
in {
c = {};
cabal = {};
@@ -257,7 +260,7 @@ let {
haskell = {};
jq.extraStart = alts [
(writer "Jq")
- ''write[^ \t\r\n]*[ \t\r\n]*"[^"]*\.jq"''
+ (writerExt "jq")
];
javascript.extraStart = ''/\* js \*/'';
lua = {};
@@ -287,8 +290,10 @@ let {
(writer (alts (map capitalize shells)))
];
yaml = {};
- vim.extraStart =
- ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
+ vim.extraStart = alts [
+ (writerExt "vim")
+ (writerName ''\([^"]*\.\)\?vimrc'')
+ ];
xdefaults = {};
}))}
From 5aea1da2e1e545caf8e8f41b2ce9d589562165c2 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 20:20:44 +0100
Subject: [PATCH 013/107] tv vim-syntax-nix-nested: detect .vim".text
---
tv/2configs/vim.nix | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 9f78d6e0b..7e37ef329 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -130,14 +130,14 @@ let {
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-syntax-nix-nested" {
- "/syntax/haskell.vim".text = /* vim */ ''
+ "/syntax/haskell.vim".text = ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
hi link ConId Identifier
hi link VarId Identifier
hi link hsDelimiter Delimiter
'';
- "/syntax/nix.vim".text = /* vim */ ''
+ "/syntax/nix.vim".text = ''
"" Quit when a (custom) syntax file was already loaded
"if exists("b:current_syntax")
" finish
@@ -291,6 +291,7 @@ let {
];
yaml = {};
vim.extraStart = alts [
+ (def ''"[^"]*\.vim"\.text'')
(writerExt "vim")
(writerName ''\([^"]*\.\)\?vimrc'')
];
@@ -334,7 +335,7 @@ let {
set isk=@,48-57,_,192-255,-,'
'';
- "/syntax/sed.vim".text = /* vim */ ''
+ "/syntax/sed.vim".text = ''
syn region sedBranch
\ matchgroup=sedFunction start="T"
\ matchgroup=sedSemicolon end=";\|$"
From 9335c2616a01d3d6e21288d79bd64024578e3c38 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 20:24:11 +0100
Subject: [PATCH 014/107] tv vim haskell: isk+='
---
tv/2configs/vim.nix | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 7e37ef329..fe1482817 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -129,6 +129,19 @@ let {
command! -n=0 -bar ShowSyntax :call ShowSyntax()
'';
})))
+ ((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-tv" {
+ #
+ # Haskell
+ #
+ "/ftplugin/haskell.vim".text = ''
+ if exists("g:vim_tv_ftplugin_haskell_loaded")
+ finish
+ endif
+ let g:vim_tv_ftplugin_haskell_loaded = 1
+
+ setlocal iskeyword+='
+ '';
+ }))
((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-syntax-nix-nested" {
"/syntax/haskell.vim".text = ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
From 4961c28dae4e7b3903fb6b0792960dc4f82ae24c Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 21:21:48 +0100
Subject: [PATCH 015/107] tv vim: add TODO ft
---
tv/2configs/vim.nix | 37 +++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index fe1482817..de843a30f 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -141,6 +141,43 @@ let {
setlocal iskeyword+='
'';
+ #
+ # TODO
+ #
+ "/ftdetect/todo.vim".text = ''
+ au BufRead,BufNewFile TODO set ft=todo
+ '';
+ "/ftplugin/todo.vim".text = ''
+ setlocal foldmethod=syntax
+ '';
+ "/syntax/todo.vim".text = ''
+ syn match Comment /#.*/
+
+ syn match todoDate /^[1-9]\S*/
+ \ nextgroup=todoSummary
+
+ syn region todoSummary
+ \ contained
+ \ contains=todoTag
+ \ start="." end="$\n"
+ \ nextgroup=todoBlock
+
+ syn match todoTag /\[[a-z]\+\]/hs=s+1,he=e-1
+ \ contained
+
+ syn region todoBlock
+ \ contained
+ \ contains=Comment
+ \ fold
+ \ start="^[^1-9]" end="^[1-9]"re=s-1,he=s-1,me=s-1
+
+ syn sync minlines=1000
+
+ hi todoDate ctermfg=255
+ hi todoSummary ctermfg=229
+ hi todoBlock ctermfg=248
+ hi todoTag ctermfg=217
+ '';
}))
((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-syntax-nix-nested" {
"/syntax/haskell.vim".text = ''
From 4be997d42348cc05065e3439007c8a2d32feaa04 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 23:15:16 +0100
Subject: [PATCH 016/107] tv vim todo: allow A-Z in tags
---
tv/2configs/vim.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index de843a30f..575a3bcb0 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -162,7 +162,7 @@ let {
\ start="." end="$\n"
\ nextgroup=todoBlock
- syn match todoTag /\[[a-z]\+\]/hs=s+1,he=e-1
+ syn match todoTag /\[[A-Za-z]\+\]/hs=s+1,he=e-1
\ contained
syn region todoBlock
From db791d662c433c482e547f70443b35129de8f541 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 3 Feb 2019 13:39:30 +0100
Subject: [PATCH 017/107] tv vim todo: form feed ends a block
---
tv/2configs/vim.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 575a3bcb0..9942ff65b 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -169,7 +169,7 @@ let {
\ contained
\ contains=Comment
\ fold
- \ start="^[^1-9]" end="^[1-9]"re=s-1,he=s-1,me=s-1
+ \ start="^[^1-9]" end="^[1-9�]"re=s-1,he=s-1,me=s-1
syn sync minlines=1000
From 80c2ab739d2d51bf47b07fd6f39508a85077b0e6 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 3 Feb 2019 23:17:52 +0100
Subject: [PATCH 018/107] ma dict: actually use the dict server
---
makefu/2configs/dict.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/makefu/2configs/dict.nix b/makefu/2configs/dict.nix
index 6db9102ba..08f1f8502 100644
--- a/makefu/2configs/dict.nix
+++ b/makefu/2configs/dict.nix
@@ -1,5 +1,6 @@
{ pkgs, ... }:
{
+ environment.shellAliases.dict = "dict -h 127.0.0.1";
services.dictd.enable = true;
services.dictd.DBs = with pkgs.dictdDBs; [ wiktionary wordnet deu2eng eng2deu ];
}
From df0d079ba03c0b2a98fbdede8322e080ffce60ed Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:00:10 +0100
Subject: [PATCH 019/107] tv bash-fzf-history: init
---
tv/5pkgs/simple/bash-fzf-history.nix | 91 ++++++++++++++++++++++++++++
1 file changed, 91 insertions(+)
create mode 100644 tv/5pkgs/simple/bash-fzf-history.nix
diff --git a/tv/5pkgs/simple/bash-fzf-history.nix b/tv/5pkgs/simple/bash-fzf-history.nix
new file mode 100644
index 000000000..e9a21b95d
--- /dev/null
+++ b/tv/5pkgs/simple/bash-fzf-history.nix
@@ -0,0 +1,91 @@
+with import <stockholm/lib>;
+{ pkgs
+
+, edit-key ? "ctrl-e"
+, exec-key ? "enter"
+, edit-mark ? "${mark-prefix}${edit-key}"
+, exec-mark ? "${mark-prefix}${exec-key}"
+, edit-command ? "\"\""
+, exec-command ? "accept-line"
+, mark-prefix ? " #FZFKEY:"
+, finish-keyseq ? "\\C-x\\C-p"
+, rebind-keyseq ? "\\C-x\\C-o"
+
+, start-keyseq ? "\\C-f"
+, load-keyseq ? start-keyseq
+}: let
+ script = pkgs.writeBash "bash-fzf-history.sh" ''
+ if ! command -v fzf >/dev/null; then
+ # Alternatively rewrite ${pkgs.fzf}/share/fzf/* to use absolute paths.
+ fzf() {
+ ${pkgs.fzf}/bin/fzf "$@"
+ }
+ fi
+
+ . ${pkgs.fzf}/share/fzf/key-bindings.bash
+ . ${pkgs.fzf}/share/fzf/completion.bash
+
+ FZF_DEFAULT_OPTS='${toString [
+ /* sh */ "--height=40%"
+ /* sh */ "--inline-info"
+ /* sh */ "--min-height=4"
+ /* sh */ "--reverse"
+ ]}'
+
+ __fzf_history__() (
+ result=$(
+ HISTTIMEFORMAT= history |
+ FZF_DEFAULT_OPTS="${toString [
+ /* sh */ "--tac"
+ /* sh */ "--sync"
+ /* sh */ "-n2..,.."
+ /* sh */ "--tiebreak=index"
+ /* sh */ "--bind=ctrl-r:toggle-sort"
+ /* sh */ "--expect=${edit-key},${exec-key}"
+ /* sh */ "$FZF_DEFAULT_OPTS"
+ /* sh */ "+m"
+ ]}" \
+ ${pkgs.fzf}/bin/fzf
+ )
+ if test -n "$result"; then
+ shopt -s extglob
+
+ key=''${result%%$'\n'*}
+ line=''${result##*([^0-9])}
+ index=''${line%%[^0-9]*}
+ command=''${line##*([0-9 ])}
+
+ echo "$command${mark-prefix}$key"
+ else
+ # Ensure no empty new line gets produced when fzf was aborted.
+ echo '${edit-mark}'
+ fi
+ )
+
+ __fzf_rebind_finish_keyseq__() {
+ local suffix=
+ case $READLINE_LINE in
+ *'${edit-mark}')
+ suffix='${edit-mark}'
+ bind '"${finish-keyseq}": ${edit-command}'
+ ;;
+ *'${exec-mark}')
+ suffix='${exec-mark}'
+ bind '"${finish-keyseq}": ${exec-command}'
+ ;;
+ esac
+ READLINE_LINE=${"\${READLINE_LINE:0:-\${#suffix}}"}
+ }
+ bind -x '"${rebind-keyseq}": __fzf_rebind_finish_keyseq__'
+
+ bind '"\C-r": reverse-search-history'
+ bind '"${start-keyseq}": " \C-e\C-u\C-y\ey\C-u`__fzf_history__`\e\C-e\er\e^${rebind-keyseq}${finish-keyseq}"'
+
+ echo '# fzf key bindings loaded:' >&2
+ bind -s | ${pkgs.gnugrep}/bin/grep __fzf_ >&2
+ '';
+in
+ script //
+ rec {
+ bind = /* sh */ ''bind -x '"${load-keyseq}": . ${script}' '';
+ }
From 5ddac6d53dd1ad6ae0767ef6a99b0ac7de695e23 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:00:57 +0100
Subject: [PATCH 020/107] tv bash: use fzf-history
---
tv/2configs/bash/default.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tv/2configs/bash/default.nix b/tv/2configs/bash/default.nix
index d7673931c..86e5598bb 100644
--- a/tv/2configs/bash/default.nix
+++ b/tv/2configs/bash/default.nix
@@ -27,6 +27,8 @@ with import <stockholm/lib>;
export NIX_PATH="stockholm=$HOME/stockholm:$NIX_PATH"
;;
esac
+
+ ${pkgs.bash-fzf-history.bind}
'';
promptInit = /* sh */ ''
case $UID in
From b7ced221a53c2fc95f630348cf5c7befd0c4a904 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:06:17 +0100
Subject: [PATCH 021/107] tv bash: add timestamps to histfile
---
tv/2configs/bash/default.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/tv/2configs/bash/default.nix b/tv/2configs/bash/default.nix
index 86e5598bb..42914e060 100644
--- a/tv/2configs/bash/default.nix
+++ b/tv/2configs/bash/default.nix
@@ -8,6 +8,7 @@ with import <stockholm/lib>;
HISTCONTROL='erasedups:ignorespace'
HISTSIZE=65536
HISTFILESIZE=$HISTSIZE
+ HISTTIMEFORMAT=
shopt -s checkhash
shopt -s histappend histreedit histverify
From 56d8366cfd011a0079ad731438f48280edfcbdca Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:53:31 +0100
Subject: [PATCH 022/107] tv bash-fzf-history: use array instead of extglob
---
tv/5pkgs/simple/bash-fzf-history.nix | 22 +++++++++++++---------
1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/tv/5pkgs/simple/bash-fzf-history.nix b/tv/5pkgs/simple/bash-fzf-history.nix
index e9a21b95d..8b3fe9e58 100644
--- a/tv/5pkgs/simple/bash-fzf-history.nix
+++ b/tv/5pkgs/simple/bash-fzf-history.nix
@@ -33,7 +33,8 @@ with import <stockholm/lib>;
]}'
__fzf_history__() (
- result=$(
+ IFS=$'\n'
+ result=( $(
HISTTIMEFORMAT= history |
FZF_DEFAULT_OPTS="${toString [
/* sh */ "--tac"
@@ -45,15 +46,18 @@ with import <stockholm/lib>;
/* sh */ "$FZF_DEFAULT_OPTS"
/* sh */ "+m"
]}" \
- ${pkgs.fzf}/bin/fzf
- )
+ ${pkgs.fzf}/bin/fzf |
+ ${pkgs.gnused}/bin/sed '
+ /^ *[0-9]/{
+ s/^ *//
+ s/ \+/\n/;# index
+ }
+ '
+ ) )
if test -n "$result"; then
- shopt -s extglob
-
- key=''${result%%$'\n'*}
- line=''${result##*([^0-9])}
- index=''${line%%[^0-9]*}
- command=''${line##*([0-9 ])}
+ key=''${result[0]}
+ index=''${result[1]}
+ command=''${result[2]}
echo "$command${mark-prefix}$key"
else
From 79267b99a05a94df40c33ff5f7c651f83ed9334e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:54:03 +0100
Subject: [PATCH 023/107] tv bash-fzf-history: show timestamp
---
tv/5pkgs/simple/bash-fzf-history.nix | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/tv/5pkgs/simple/bash-fzf-history.nix b/tv/5pkgs/simple/bash-fzf-history.nix
index 8b3fe9e58..7b92ea0cd 100644
--- a/tv/5pkgs/simple/bash-fzf-history.nix
+++ b/tv/5pkgs/simple/bash-fzf-history.nix
@@ -35,8 +35,9 @@ with import <stockholm/lib>;
__fzf_history__() (
IFS=$'\n'
result=( $(
- HISTTIMEFORMAT= history |
+ HISTTIMEFORMAT=$'\e[38;5;244m%Y-%m-%dT%H:%M:%S\e[m ' history |
FZF_DEFAULT_OPTS="${toString [
+ /* sh */ "--ansi"
/* sh */ "--tac"
/* sh */ "--sync"
/* sh */ "-n2..,.."
@@ -51,13 +52,15 @@ with import <stockholm/lib>;
/^ *[0-9]/{
s/^ *//
s/ \+/\n/;# index
+ s/ \+/\n/;# date
}
'
) )
if test -n "$result"; then
key=''${result[0]}
index=''${result[1]}
- command=''${result[2]}
+ date=''${result[2]}
+ command=''${result[3]}
echo "$command${mark-prefix}$key"
else
From 9d6875b02e05ebf9bb56247438a3386b1415eb52 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 13:11:46 +0100
Subject: [PATCH 024/107] tv bash-fzf-history: support unknown timestamps
---
tv/5pkgs/simple/bash-fzf-history.nix | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tv/5pkgs/simple/bash-fzf-history.nix b/tv/5pkgs/simple/bash-fzf-history.nix
index 7b92ea0cd..b603dedd9 100644
--- a/tv/5pkgs/simple/bash-fzf-history.nix
+++ b/tv/5pkgs/simple/bash-fzf-history.nix
@@ -35,7 +35,12 @@ with import <stockholm/lib>;
__fzf_history__() (
IFS=$'\n'
result=( $(
+ # To add "unknown timestamps" to each line of the history:
+ # sed -i '/^#[0-9]/{n;b};s/^/#1\n/' "$HISTFILE"
HISTTIMEFORMAT=$'\e[38;5;244m%Y-%m-%dT%H:%M:%S\e[m ' history |
+ ${pkgs.gnused}/bin/sed '
+ s/\(\x1b\[[0-9;]*\)244m1970-[0-9T:-]*/\1237m????-??-??T??:??:??/
+ ' |
FZF_DEFAULT_OPTS="${toString [
/* sh */ "--ansi"
/* sh */ "--tac"
From 932d11ed9346fbef640604d1107be39e7c11be85 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 5 Feb 2019 20:14:55 +0100
Subject: [PATCH 025/107] external: add catullus.r
---
krebs/3modules/external/default.nix | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 16cc84651..1f80906f8 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -18,6 +18,31 @@ with import <stockholm/lib>;
in {
hosts = mapAttrs hostDefaults {
+ catullus = {
+ owner = config.krebs.users.kmein;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.2.3";
+ aliases = [ "catullus.r" ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2tRtskPP6391+ZX9xzsx
+ CUotXuqYucYmnUbrRSIlxASVqTmAf3nDOE5EDBBcTdSwnb02JcJW4Zh7+BGgMxjF
+ GxDPs6ETI28mHK+6rp8TOkMnyDb5mtSGVZPvKJU9fFOt6aAX1J1BzTfwtHtVQq7K
+ WBzdpeKXlw4dIQ6K6SGmPIPpEh9pE1Xb+GuVljCXKxGJFbW40dmh2ZdadO7umBDu
+ vRk08jT9/BUnUP6KrZlvyePnG38z6srMrVU+XAHu5D2qZ9y+QIp3kw7Y5JUrNXc7
+ 9q9P9TYx15GiIz2mSJKcLVmkLRebsaqdV7dBibPbfdGE+NB+F1FYPGDdW4cnonon
+ DzzjGm/FDfOCXEnSkYGQDBWpfd/8AWum1xGJxJCPNBJElGE2o5jDWo4Y1b9gHP0M
+ vARm8AOK8R1pQ7BP+pNMO0gGw2NDrtWiWpTeZ7SqXmZAZ/Gmyen9X+/fowcbTyDH
+ b9joIuMQeOtxbUV2JprZIdit9NBFSZq/7Re/GBUwjGBm3LabIXFNGKZovx/f9lf8
+ r5tVs4SPauiKzZS0K1Gz1NSq+3OXaY5EwVrBUXptYqRT7uyhVloOPRUsqRFeB0Fn
+ Y5xOpDJ0UiJxgFbdH5Vb81D/VjNO9Q4nZib8wSEuLrYLHGoceQPX4+Ov9IdhIL4B
+ BMTCaF+VCWC5PCLr0e61KqMCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ };
+ };
dpdkm = {
owner = config.krebs.users.Mic92;
nets = rec {
From 8de748b28738c3f4033a68dab8a01fcbeb691afb Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 21:11:09 +0100
Subject: [PATCH 026/107] blessings: 2.1.0 -> 2.2.0
---
krebs/5pkgs/haskell/blessings.nix | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix
index 97e4a717c..f730cc72b 100644
--- a/krebs/5pkgs/haskell/blessings.nix
+++ b/krebs/5pkgs/haskell/blessings.nix
@@ -1,5 +1,5 @@
with import <stockholm/lib>;
-{ mkDerivation, base, fetchgit, stdenv }: let
+{ mkDerivation, base, fetchgit, hspec, QuickCheck, stdenv, text }: let
cfg = {
"18.03" = {
@@ -7,8 +7,8 @@ with import <stockholm/lib>;
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
};
"18.09" = {
- version = "2.1.0";
- sha256 = "0wc8v48bb0bkvypc0j6imvnf8xc8572hykk9sgjhzf2w0ggqxv5d";
+ version = "2.2.0";
+ sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1";
};
}.${versions.majorMinor nixpkgsVersion};
@@ -20,7 +20,8 @@ in mkDerivation {
rev = "refs/tags/v${cfg.version}";
sha256 = cfg.sha256;
};
- libraryHaskellDepends = [ base ];
+ libraryHaskellDepends = [ base text ];
+ testHaskellDepends = [ base hspec QuickCheck ];
doHaddock = false;
# WTFPL is the true license, which is unknown to cabal.
license = stdenv.lib.licenses.wtfpl;
From 0b668099468313b4547e1044efdc380d58e1d43e Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 5 Feb 2019 22:32:28 +0100
Subject: [PATCH 027/107] ma flameshot: init
---
makefu/2configs/home-manager/desktop.nix | 9 +++++++++
makefu/5pkgs/awesomecfg/default.nix | 3 ++-
makefu/5pkgs/awesomecfg/full.cfg | 1 +
3 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/makefu/2configs/home-manager/desktop.nix b/makefu/2configs/home-manager/desktop.nix
index 3be020faa..63a5cdbef 100644
--- a/makefu/2configs/home-manager/desktop.nix
+++ b/makefu/2configs/home-manager/desktop.nix
@@ -11,6 +11,15 @@
services.network-manager-applet.enable = true;
services.blueman-applet.enable = true;
services.pasystray.enable = true;
+ services.flameshot.enable = true;
+ home.file.".config/Dharkael/flameshot.ini".text = ''
+ [General]
+ disabledTrayIcon=false
+ drawColor=@Variant(\0\0\0\x43\x1\xff\xff\0\0\0\0\xff\xff\0\0)
+ drawThickness=0
+ filenamePattern=%F_%T_shot
+ '';
+
systemd.user.services.pasystray.Service.Environment = "PATH=" + (lib.makeBinPath (with pkgs;[ pavucontrol paprefs /* pavumeter */ /* paman */ ]) );
programs.chromium = {
enable = true;
diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix
index 486c0ddf6..1ae2f50d9 100644
--- a/makefu/5pkgs/awesomecfg/default.nix
+++ b/makefu/5pkgs/awesomecfg/default.nix
@@ -5,6 +5,7 @@
, networkmanagerapplet
, blueman
, clipit
+, flameshot
, modkey ? "Mod4"
, locker? "${pkgs.xlock}/bin/xlock -mode blank"
, ... }:
@@ -13,7 +14,7 @@
# replace: @alsaUtils@ @xlockmore@ @xbacklight@ @modkey@
full = lib.makeOverridable pkgs.substituteAll {
name = "awesome_full_config";
- inherit alsaUtils locker xbacklight modkey networkmanagerapplet blueman clipit;
+ inherit alsaUtils locker xbacklight modkey networkmanagerapplet blueman clipit flameshot ;
isExecutable = false;
src = ./full.cfg;
};
diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg
index 11f9f59b8..83dd79b4d 100644
--- a/makefu/5pkgs/awesomecfg/full.cfg
+++ b/makefu/5pkgs/awesomecfg/full.cfg
@@ -410,6 +410,7 @@ clientkeys = awful.util.table.join(
-- minimized, since minimized clients can't have the focus.
c.minimized = true
end),
+ awful.key({ }, "Print", function () awful.util.spawn("@flameshot@/bin/flameshot gui") end),
awful.key({ modkey, }, "m",
function (c)
c.maximized = not c.maximized
From d47dcb07825f548c76323143d6f3e04d6a9c773e Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 5 Feb 2019 22:32:53 +0100
Subject: [PATCH 028/107] ma gum: use aarch64 builder
---
makefu/1systems/gum/config.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index e274b4bf8..7bc06f833 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -84,6 +84,7 @@ in {
<stockholm/makefu/2configs/shack/events-publisher>
<stockholm/makefu/2configs/shack/gitlab-runner>
<stockholm/makefu/2configs/remote-build/slave.nix>
+ <stockholm/makefu/2configs/remote-build/aarch64-community.nix>
<stockholm/makefu/2configs/taskd.nix>
# services
From 0132d371e6403f19bd8d188e8af836c9303db3fc Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 5 Feb 2019 22:33:09 +0100
Subject: [PATCH 029/107] ma zsh: revert back to TERM=xterm
---
makefu/2configs/home-manager/zsh.nix | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix
index 59658e667..6c7b632e1 100644
--- a/makefu/2configs/home-manager/zsh.nix
+++ b/makefu/2configs/home-manager/zsh.nix
@@ -86,7 +86,8 @@
share = true;
};
sessionVariables = {
- TERM = "rxvt-unicode-256color";
+ # TERM = "rxvt-unicode-256color";
+ TERM = "xterm";
LANG = "en_US.UTF8";
LS_COLORS = ":di=1;31:";
EDITOR = "vim";
From 6dc21884dcc140922c8c2e295a2ed026becdab30 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 5 Feb 2019 22:33:26 +0100
Subject: [PATCH 030/107] ma homeautomation: permit Insecure homeassistant
---
makefu/2configs/homeautomation/default.nix | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/makefu/2configs/homeautomation/default.nix b/makefu/2configs/homeautomation/default.nix
index 596d0002a..2af311c3b 100644
--- a/makefu/2configs/homeautomation/default.nix
+++ b/makefu/2configs/homeautomation/default.nix
@@ -257,4 +257,8 @@ in {
enable = true;
#configDir = "/var/lib/hass";
};
+ nixpkgs.config.permittedInsecurePackages = [
+ "homeassistant-0.77.2"
+ ];
+
}
From c9314cac8226da1d422ca5d3c73dab3fbb42513a Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 5 Feb 2019 22:33:54 +0100
Subject: [PATCH 031/107] ma tools: move at_spi2_core to gui
---
makefu/2configs/tools/core-gui.nix | 1 +
makefu/2configs/tools/core.nix | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix
index 1e85da53c..582d941a6 100644
--- a/makefu/2configs/tools/core-gui.nix
+++ b/makefu/2configs/tools/core-gui.nix
@@ -2,6 +2,7 @@
{
users.users.makefu.packages = with pkgs; [
+ at_spi2_core
chromium
feh
clipit
diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix
index 33e896d4c..b4c3a431e 100644
--- a/makefu/2configs/tools/core.nix
+++ b/makefu/2configs/tools/core.nix
@@ -8,7 +8,6 @@
( pkgs.writeScriptBin "unknow" ''#!/bin/sh
${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts
'')
- at_spi2_core
acpi
bc
rsync
@@ -17,6 +16,7 @@ ${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts
lsof
which
binutils
+ screen
# fs
cifs-utils
From f995e7b593b02e2194e9e0b6b2d985a2f035d83c Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 7 Feb 2019 19:04:19 +0100
Subject: [PATCH 032/107] tv gitrepos: add flameshot-once
---
tv/2configs/gitrepos.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index 725ddefa8..95ab75b3d 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -47,6 +47,9 @@ let {
disko = {
cgit.desc = "declarative partitioning and formatting tool";
};
+ flameshot-once = {
+ cgit.desc = "flameshot runner that automatically starts/stops the daemon";
+ };
fswm = {
cgit.desc = "simple full screen window manager";
};
From a8fe746cc7f5471522a50d16d20c40e1a9b20369 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 7 Feb 2019 19:06:14 +0100
Subject: [PATCH 033/107] flameshot-once: init at 1.0.0
---
krebs/5pkgs/haskell/flameshot-once.nix | 20 ++++++++++++++++++++
krebs/5pkgs/simple/flameshot-once.nix | 14 ++++++++++++++
2 files changed, 34 insertions(+)
create mode 100644 krebs/5pkgs/haskell/flameshot-once.nix
create mode 100644 krebs/5pkgs/simple/flameshot-once.nix
diff --git a/krebs/5pkgs/haskell/flameshot-once.nix b/krebs/5pkgs/haskell/flameshot-once.nix
new file mode 100644
index 000000000..b90dd2cb8
--- /dev/null
+++ b/krebs/5pkgs/haskell/flameshot-once.nix
@@ -0,0 +1,20 @@
+{ mkDerivation, async, base, blessings, dbus, fetchgit
+, iso8601-time, process, stdenv, text, time, unagi-chan, unix
+}:
+mkDerivation {
+ pname = "flameshot-once";
+ version = "1.0.0";
+ src = fetchgit {
+ url = "https://cgit.krebsco.de/flameshot-once";
+ sha256 = "0fjk5pgjy7r0xz4i38qb85x1z4jp8bas2mmgznp7glidz362w390";
+ rev = "fb5636483871fbafe9b286b377c339c8ddf8b4f8";
+ fetchSubmodules = true;
+ };
+ isLibrary = false;
+ isExecutable = true;
+ executableHaskellDepends = [
+ async base blessings dbus iso8601-time process text time unagi-chan
+ unix
+ ];
+ license = stdenv.lib.licenses.mit;
+}
diff --git a/krebs/5pkgs/simple/flameshot-once.nix b/krebs/5pkgs/simple/flameshot-once.nix
new file mode 100644
index 000000000..7550a4678
--- /dev/null
+++ b/krebs/5pkgs/simple/flameshot-once.nix
@@ -0,0 +1,14 @@
+{ pkgs }:
+
+pkgs.symlinkJoin {
+ name = "flameshot-once-wrapper";
+ paths = [
+ (pkgs.writeDashBin "flameshot-once" ''
+ export PATH=${pkgs.stdenv.lib.makeBinPath [
+ pkgs.flameshot
+ ]}''${PATH:+:$PATH}
+ exec ${pkgs.haskellPackages.flameshot-once}/bin/flameshot-once "$@"
+ '')
+ pkgs.haskellPackages.flameshot-once
+ ];
+}
From 853d42fd7eff64067e83e121a4e94c6af33c8ac3 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 7 Feb 2019 22:09:51 +0100
Subject: [PATCH 034/107] flameshot-once: 1.0.0 -> 1.0.1
---
krebs/5pkgs/haskell/flameshot-once.nix | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/krebs/5pkgs/haskell/flameshot-once.nix b/krebs/5pkgs/haskell/flameshot-once.nix
index b90dd2cb8..aa0d94d8f 100644
--- a/krebs/5pkgs/haskell/flameshot-once.nix
+++ b/krebs/5pkgs/haskell/flameshot-once.nix
@@ -1,20 +1,21 @@
-{ mkDerivation, async, base, blessings, dbus, fetchgit
-, iso8601-time, process, stdenv, text, time, unagi-chan, unix
+{ mkDerivation, async, base, blessings, bytestring, dbus, fetchgit
+, iso8601-time, process, random, stdenv, text, time, unagi-chan
+, unix
}:
mkDerivation {
pname = "flameshot-once";
- version = "1.0.0";
+ version = "1.0.1";
src = fetchgit {
url = "https://cgit.krebsco.de/flameshot-once";
- sha256 = "0fjk5pgjy7r0xz4i38qb85x1z4jp8bas2mmgznp7glidz362w390";
- rev = "fb5636483871fbafe9b286b377c339c8ddf8b4f8";
+ sha256 = "01bsgadjk3y3lg19xcadlrqalr4cs028fsivgacqh31fqaq4v243";
+ rev = "03623ce6c011c1e85df7d91aed4458c098ff22ff";
fetchSubmodules = true;
};
isLibrary = false;
isExecutable = true;
executableHaskellDepends = [
- async base blessings dbus iso8601-time process text time unagi-chan
- unix
+ async base blessings bytestring dbus iso8601-time process random
+ text time unagi-chan unix
];
license = stdenv.lib.licenses.mit;
}
From 7c8ace182566cdbca89f4d3e2203b38e6e1f23d9 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 31 Jan 2019 11:15:58 +0100
Subject: [PATCH 035/107] tv rxvt_unicode: fetch patch
---
tv/5pkgs/override/default.nix | 2 +-
tv/5pkgs/override/rxvt_unicode.nix | 9 ++++
tv/5pkgs/override/rxvt_unicode/default.nix | 6 ---
.../finish-running-selection.patch | 41 -------------------
4 files changed, 10 insertions(+), 48 deletions(-)
create mode 100644 tv/5pkgs/override/rxvt_unicode.nix
delete mode 100644 tv/5pkgs/override/rxvt_unicode/default.nix
delete mode 100644 tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
diff --git a/tv/5pkgs/override/default.nix b/tv/5pkgs/override/default.nix
index cd7c5645b..99c1b3ec9 100644
--- a/tv/5pkgs/override/default.nix
+++ b/tv/5pkgs/override/default.nix
@@ -1,6 +1,6 @@
with import <stockholm/lib>;
self: super: {
- rxvt_unicode = self.callPackage ./rxvt_unicode {
+ rxvt_unicode = self.callPackage ./rxvt_unicode.nix {
rxvt_unicode = super.rxvt_unicode;
};
}
diff --git a/tv/5pkgs/override/rxvt_unicode.nix b/tv/5pkgs/override/rxvt_unicode.nix
new file mode 100644
index 000000000..da657fb20
--- /dev/null
+++ b/tv/5pkgs/override/rxvt_unicode.nix
@@ -0,0 +1,9 @@
+{ fetchurl, rxvt_unicode }:
+rxvt_unicode.overrideAttrs (old: {
+ patches = old.patches ++ [
+ (fetchurl {
+ url = https://cgit.krebsco.de/rxvt-unicode/patch/?id=15f3f94;
+ sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymlkz2p";
+ })
+ ];
+})
diff --git a/tv/5pkgs/override/rxvt_unicode/default.nix b/tv/5pkgs/override/rxvt_unicode/default.nix
deleted file mode 100644
index 858a46be6..000000000
--- a/tv/5pkgs/override/rxvt_unicode/default.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ rxvt_unicode }:
-rxvt_unicode.overrideAttrs (old: {
- patches = old.patches ++ [
- ./finish-running-selection.patch
- ];
-})
diff --git a/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch b/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
deleted file mode 100644
index a342ccf5c..000000000
--- a/tv/5pkgs/override/rxvt_unicode/finish-running-selection.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-diff --git a/src/rxvttoolkit.h b/src/rxvttoolkit.h
-index 56c9a3f..429055d 100644
---- a/src/rxvttoolkit.h
-+++ b/src/rxvttoolkit.h
-@@ -384,6 +384,7 @@ struct rxvt_selection
- {
- rxvt_selection (rxvt_display *disp, int selnum, Time tm, Window win, Atom prop, rxvt_term *term);
- void run ();
-+ void finish (char *data = 0, unsigned int len = 0);
- ~rxvt_selection ();
-
- rxvt_term *term; // terminal to paste to, may be 0
-@@ -404,7 +405,6 @@ private:
- void timer_cb (ev::timer &w, int revents); ev::timer timer_ev;
- void x_cb (XEvent &xev); xevent_watcher x_ev;
-
-- void finish (char *data = 0, unsigned int len = 0);
- void stop ();
- bool request (Atom target, int selnum);
- void handle_selection (Window win, Atom prop, bool delete_prop);
-diff --git a/src/screen.C b/src/screen.C
-index 9eb375a..77e7109 100644
---- a/src/screen.C
-+++ b/src/screen.C
-@@ -2736,11 +2736,11 @@ rxvt_term::paste (char *data, unsigned int len) NOTHROW
- void
- rxvt_term::selection_request (Time tm, int selnum) NOTHROW
- {
-- if (!selection_req)
-- {
-- selection_req = new rxvt_selection (display, selnum, tm, vt, xa[XA_VT_SELECTION], this);
-- selection_req->run ();
-- }
-+ if (selection_req)
-+ selection_req->finish ();
-+
-+ selection_req = new rxvt_selection (display, selnum, tm, vt, xa[XA_VT_SELECTION], this);
-+ selection_req->run ();
- }
-
- /* ------------------------------------------------------------------------- */
From 6830a9b32a19d3347f005a491d7a2c8f4094090c Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 31 Jan 2019 14:39:02 +0100
Subject: [PATCH 036/107] krebs-hosts-*: generate from krebs.hosts
---
krebs/3modules/hosts.nix | 57 ++++++++++++++++++++++++++++++-
krebs/3modules/retiolum-hosts.nix | 26 ++------------
2 files changed, 59 insertions(+), 24 deletions(-)
diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix
index 0985bb539..eb7fd2283 100644
--- a/krebs/3modules/hosts.nix
+++ b/krebs/3modules/hosts.nix
@@ -1,6 +1,5 @@
with import <stockholm/lib>;
{ config, ... }: let
- # TODO dedup functions with ./retiolum-hosts.nix
check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers);
in {
@@ -30,6 +29,62 @@ in {
map (addr: { ${addr} = aliases; }) net.addrs)
(attrValues host.nets))
(attrValues config.krebs.hosts)));
+
+ nixpkgs.config.packageOverrides = super: let
+ # nameValuePair name value : { "name" : name, "value" : value }
+
+ # addr : str
+ # aliase : str
+ # hostname : str
+ # netname : str
+
+ # addrAliases : nameValuePair addr [alias]
+
+ # hostNetAliases : host -> { ${netname} : [addrAliases] }
+ hostNetAliases = host:
+ mapAttrs (_: net: filter (x: x.name != null) [
+ { name = net.ip4.addr or null; value = net.aliases; }
+ { name = net.ip6.addr or null; value = net.aliases; }
+ ]) host.nets;
+
+ # netAliases : { ${netname} : [addrAliases] }
+ netAliases =
+ foldl'
+ (result: host:
+ foldl'
+ # λ netAliases -> [addrAliases] -> netAliases
+ (result: { name, value }: result // {
+ ${name} = result.${name} or [] ++ value;
+ })
+ result
+ (mapAttrsToList nameValuePair (hostNetAliases host))
+ )
+ {}
+ (attrValues config.krebs.hosts);
+
+ # allAddrAliases : [addrAliases]
+ allAddrAliases =
+ flatten
+ (map
+ (host: attrValues (hostNetAliases host))
+ (attrValues config.krebs.hosts));
+
+ # writeHosts : str -> [addrAliases] -> package
+ writeHosts = name: addrAliases: super.writeText name ''
+ ${concatMapStringsSep
+ "\n"
+ ({ name, value }: "${name} ${toString value}")
+ addrAliases}
+ '';
+ in
+ {
+ krebs-hosts = writeHosts "krebs-hosts" allAddrAliases;
+ }
+ //
+ genAttrs' (attrNames netAliases) (netname: rec {
+ name = "krebs-hosts-${netname}";
+ value = writeHosts name netAliases.${netname};
+ });
};
}
diff --git a/krebs/3modules/retiolum-hosts.nix b/krebs/3modules/retiolum-hosts.nix
index ddf85ead7..2da174bea 100644
--- a/krebs/3modules/retiolum-hosts.nix
+++ b/krebs/3modules/retiolum-hosts.nix
@@ -1,28 +1,8 @@
with import <stockholm/lib>;
-{ config, ... }: let
- # TODO dedup functions with ./hosts.nix
- check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
- domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers);
-in {
+{ config, pkgs, ... }: {
nixpkgs.config.packageOverrides = super: {
retiolum-hosts =
- super.writeText "retiolum-hosts" ''
- ${
- concatStringsSep
- "\n"
- (flatten
- (map
- (host: let
- net = host.nets.retiolum;
- aliases = longs;
- longs = filter check net.aliases;
- in
- optionals
- (aliases != [])
- (map (addr: "${addr} ${toString aliases}") net.addrs))
- (filter (host: hasAttr "retiolum" host.nets)
- (attrValues config.krebs.hosts))))
- }
- '';
+ trace "pkgs.retiolum-hosts is deprecated, use pkgs.krebs-hosts-retiolum instead"
+ pkgs.krebs-hosts-retiolum;
};
}
From bc4984c7fa6a50052436399364d2de7f76f1cd2e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 31 Jan 2019 14:40:57 +0100
Subject: [PATCH 037/107] retiolum-hosts: RIP
---
krebs/3modules/default.nix | 1 -
krebs/3modules/retiolum-hosts.nix | 8 --------
lass/2configs/websites/lassulus.nix | 2 +-
3 files changed, 1 insertion(+), 10 deletions(-)
delete mode 100644 krebs/3modules/retiolum-hosts.nix
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 9303a81fb..c72215e79 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -45,7 +45,6 @@ let
./reaktor2.nix
./realwallpaper.nix
./retiolum-bootstrap.nix
- ./retiolum-hosts.nix
./rtorrent.nix
./secret.nix
./setuid.nix
diff --git a/krebs/3modules/retiolum-hosts.nix b/krebs/3modules/retiolum-hosts.nix
deleted file mode 100644
index 2da174bea..000000000
--- a/krebs/3modules/retiolum-hosts.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-with import <stockholm/lib>;
-{ config, pkgs, ... }: {
- nixpkgs.config.packageOverrides = super: {
- retiolum-hosts =
- trace "pkgs.retiolum-hosts is deprecated, use pkgs.krebs-hosts-retiolum instead"
- pkgs.krebs-hosts-retiolum;
- };
-}
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 27cadd100..526909e8a 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -61,7 +61,7 @@ in {
alias ${config.krebs.tinc.retiolum.hostsArchive};
'';
locations."= /retiolum.hosts".extraConfig = ''
- alias ${pkgs.retiolum-hosts};
+ alias ${pkgs.krebs-hosts-retiolum};
'';
locations."= /wireguard-key".extraConfig = ''
alias ${pkgs.writeText "prism.wg" config.krebs.hosts.prism.nets.wiregrill.wireguard.pubkey};
From 659cbed237ebbf158374cc85929f97eb1a6fce36 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 31 Jan 2019 15:02:05 +0100
Subject: [PATCH 038/107] krebs-hosts_combined: init
---
krebs/3modules/hosts.nix | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix
index eb7fd2283..3d572c04d 100644
--- a/krebs/3modules/hosts.nix
+++ b/krebs/3modules/hosts.nix
@@ -62,13 +62,6 @@ in {
{}
(attrValues config.krebs.hosts);
- # allAddrAliases : [addrAliases]
- allAddrAliases =
- flatten
- (map
- (host: attrValues (hostNetAliases host))
- (attrValues config.krebs.hosts));
-
# writeHosts : str -> [addrAliases] -> package
writeHosts = name: addrAliases: super.writeText name ''
${concatMapStringsSep
@@ -78,7 +71,18 @@ in {
'';
in
{
- krebs-hosts = writeHosts "krebs-hosts" allAddrAliases;
+ # hosts file for all krebs networks
+ krebs-hosts =
+ writeHosts "krebs-hosts" (concatLists [
+ netAliases.internet
+ netAliases.retiolum
+ netAliases.wiregrill
+ ]);
+
+ # combined hosts file for all networks (even custom ones)
+ krebs-hosts_combined =
+ writeHosts "krebs-hosts_combined"
+ (concatLists (attrValues netAliases));
}
//
genAttrs' (attrNames netAliases) (netname: rec {
From cdb548ac3050c2e9f61a07e6f5eff88383e1114c Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 09:22:06 +0100
Subject: [PATCH 039/107] krebs-hosts-*: don't add lines without alias
---
krebs/3modules/hosts.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix
index 3d572c04d..7fe01a769 100644
--- a/krebs/3modules/hosts.nix
+++ b/krebs/3modules/hosts.nix
@@ -42,7 +42,7 @@ in {
# hostNetAliases : host -> { ${netname} : [addrAliases] }
hostNetAliases = host:
- mapAttrs (_: net: filter (x: x.name != null) [
+ mapAttrs (_: net: filter (x: x.name != null && x.value != []) [
{ name = net.ip4.addr or null; value = net.aliases; }
{ name = net.ip6.addr or null; value = net.aliases; }
]) host.nets;
From 1c4810bd407c8ff992eeffa24d5234fefff4826e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 20:14:29 +0100
Subject: [PATCH 040/107] tv vim-syntax-nix-nested: add writer{Ext,Name}
---
tv/2configs/vim.nix | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 3794628c1..9f78d6e0b 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -250,6 +250,9 @@ let {
def = k: ''${k}[ \t\r\n]*='';
writer = k: ''write${k}[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)'';
+ writerExt = k: writerName ''[^"]*\.${k}'';
+ writerName = k: ''write[^ \t\r\n]*[ \t\r\n]*"${k}"'';
+
in {
c = {};
cabal = {};
@@ -257,7 +260,7 @@ let {
haskell = {};
jq.extraStart = alts [
(writer "Jq")
- ''write[^ \t\r\n]*[ \t\r\n]*"[^"]*\.jq"''
+ (writerExt "jq")
];
javascript.extraStart = ''/\* js \*/'';
lua = {};
@@ -287,8 +290,10 @@ let {
(writer (alts (map capitalize shells)))
];
yaml = {};
- vim.extraStart =
- ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
+ vim.extraStart = alts [
+ (writerExt "vim")
+ (writerName ''\([^"]*\.\)\?vimrc'')
+ ];
xdefaults = {};
}))}
From 21a0d53f2fbe652db372c11349e066d66b75e66e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 20:20:44 +0100
Subject: [PATCH 041/107] tv vim-syntax-nix-nested: detect .vim".text
---
tv/2configs/vim.nix | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 9f78d6e0b..7e37ef329 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -130,14 +130,14 @@ let {
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-syntax-nix-nested" {
- "/syntax/haskell.vim".text = /* vim */ ''
+ "/syntax/haskell.vim".text = ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
hi link ConId Identifier
hi link VarId Identifier
hi link hsDelimiter Delimiter
'';
- "/syntax/nix.vim".text = /* vim */ ''
+ "/syntax/nix.vim".text = ''
"" Quit when a (custom) syntax file was already loaded
"if exists("b:current_syntax")
" finish
@@ -291,6 +291,7 @@ let {
];
yaml = {};
vim.extraStart = alts [
+ (def ''"[^"]*\.vim"\.text'')
(writerExt "vim")
(writerName ''\([^"]*\.\)\?vimrc'')
];
@@ -334,7 +335,7 @@ let {
set isk=@,48-57,_,192-255,-,'
'';
- "/syntax/sed.vim".text = /* vim */ ''
+ "/syntax/sed.vim".text = ''
syn region sedBranch
\ matchgroup=sedFunction start="T"
\ matchgroup=sedSemicolon end=";\|$"
From cc063ceb8fc334b3641d5483dc05d1b7ce42c1db Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 20:24:11 +0100
Subject: [PATCH 042/107] tv vim haskell: isk+='
---
tv/2configs/vim.nix | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 7e37ef329..fe1482817 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -129,6 +129,19 @@ let {
command! -n=0 -bar ShowSyntax :call ShowSyntax()
'';
})))
+ ((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-tv" {
+ #
+ # Haskell
+ #
+ "/ftplugin/haskell.vim".text = ''
+ if exists("g:vim_tv_ftplugin_haskell_loaded")
+ finish
+ endif
+ let g:vim_tv_ftplugin_haskell_loaded = 1
+
+ setlocal iskeyword+='
+ '';
+ }))
((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-syntax-nix-nested" {
"/syntax/haskell.vim".text = ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
From 49f0a670a6ecaf7c229fc29aad2b33f5f4b4779b Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 21:21:48 +0100
Subject: [PATCH 043/107] tv vim: add TODO ft
---
tv/2configs/vim.nix | 37 +++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index fe1482817..de843a30f 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -141,6 +141,43 @@ let {
setlocal iskeyword+='
'';
+ #
+ # TODO
+ #
+ "/ftdetect/todo.vim".text = ''
+ au BufRead,BufNewFile TODO set ft=todo
+ '';
+ "/ftplugin/todo.vim".text = ''
+ setlocal foldmethod=syntax
+ '';
+ "/syntax/todo.vim".text = ''
+ syn match Comment /#.*/
+
+ syn match todoDate /^[1-9]\S*/
+ \ nextgroup=todoSummary
+
+ syn region todoSummary
+ \ contained
+ \ contains=todoTag
+ \ start="." end="$\n"
+ \ nextgroup=todoBlock
+
+ syn match todoTag /\[[a-z]\+\]/hs=s+1,he=e-1
+ \ contained
+
+ syn region todoBlock
+ \ contained
+ \ contains=Comment
+ \ fold
+ \ start="^[^1-9]" end="^[1-9]"re=s-1,he=s-1,me=s-1
+
+ syn sync minlines=1000
+
+ hi todoDate ctermfg=255
+ hi todoSummary ctermfg=229
+ hi todoBlock ctermfg=248
+ hi todoTag ctermfg=217
+ '';
}))
((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-syntax-nix-nested" {
"/syntax/haskell.vim".text = ''
From 0e97f41f6ece2d878c98c234ba59f6b73c6cc0f8 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 2 Feb 2019 23:15:16 +0100
Subject: [PATCH 044/107] tv vim todo: allow A-Z in tags
---
tv/2configs/vim.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index de843a30f..575a3bcb0 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -162,7 +162,7 @@ let {
\ start="." end="$\n"
\ nextgroup=todoBlock
- syn match todoTag /\[[a-z]\+\]/hs=s+1,he=e-1
+ syn match todoTag /\[[A-Za-z]\+\]/hs=s+1,he=e-1
\ contained
syn region todoBlock
From 820b7cc1f76767d9cead8022668c5932fec00d28 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 3 Feb 2019 13:39:30 +0100
Subject: [PATCH 045/107] tv vim todo: form feed ends a block
---
tv/2configs/vim.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 575a3bcb0..9942ff65b 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -169,7 +169,7 @@ let {
\ contained
\ contains=Comment
\ fold
- \ start="^[^1-9]" end="^[1-9]"re=s-1,he=s-1,me=s-1
+ \ start="^[^1-9]" end="^[1-9�]"re=s-1,he=s-1,me=s-1
syn sync minlines=1000
From 45d6a5385a274c25da9d0720370e7b38baeb13fe Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:00:10 +0100
Subject: [PATCH 046/107] tv bash-fzf-history: init
---
tv/5pkgs/simple/bash-fzf-history.nix | 91 ++++++++++++++++++++++++++++
1 file changed, 91 insertions(+)
create mode 100644 tv/5pkgs/simple/bash-fzf-history.nix
diff --git a/tv/5pkgs/simple/bash-fzf-history.nix b/tv/5pkgs/simple/bash-fzf-history.nix
new file mode 100644
index 000000000..e9a21b95d
--- /dev/null
+++ b/tv/5pkgs/simple/bash-fzf-history.nix
@@ -0,0 +1,91 @@
+with import <stockholm/lib>;
+{ pkgs
+
+, edit-key ? "ctrl-e"
+, exec-key ? "enter"
+, edit-mark ? "${mark-prefix}${edit-key}"
+, exec-mark ? "${mark-prefix}${exec-key}"
+, edit-command ? "\"\""
+, exec-command ? "accept-line"
+, mark-prefix ? " #FZFKEY:"
+, finish-keyseq ? "\\C-x\\C-p"
+, rebind-keyseq ? "\\C-x\\C-o"
+
+, start-keyseq ? "\\C-f"
+, load-keyseq ? start-keyseq
+}: let
+ script = pkgs.writeBash "bash-fzf-history.sh" ''
+ if ! command -v fzf >/dev/null; then
+ # Alternatively rewrite ${pkgs.fzf}/share/fzf/* to use absolute paths.
+ fzf() {
+ ${pkgs.fzf}/bin/fzf "$@"
+ }
+ fi
+
+ . ${pkgs.fzf}/share/fzf/key-bindings.bash
+ . ${pkgs.fzf}/share/fzf/completion.bash
+
+ FZF_DEFAULT_OPTS='${toString [
+ /* sh */ "--height=40%"
+ /* sh */ "--inline-info"
+ /* sh */ "--min-height=4"
+ /* sh */ "--reverse"
+ ]}'
+
+ __fzf_history__() (
+ result=$(
+ HISTTIMEFORMAT= history |
+ FZF_DEFAULT_OPTS="${toString [
+ /* sh */ "--tac"
+ /* sh */ "--sync"
+ /* sh */ "-n2..,.."
+ /* sh */ "--tiebreak=index"
+ /* sh */ "--bind=ctrl-r:toggle-sort"
+ /* sh */ "--expect=${edit-key},${exec-key}"
+ /* sh */ "$FZF_DEFAULT_OPTS"
+ /* sh */ "+m"
+ ]}" \
+ ${pkgs.fzf}/bin/fzf
+ )
+ if test -n "$result"; then
+ shopt -s extglob
+
+ key=''${result%%$'\n'*}
+ line=''${result##*([^0-9])}
+ index=''${line%%[^0-9]*}
+ command=''${line##*([0-9 ])}
+
+ echo "$command${mark-prefix}$key"
+ else
+ # Ensure no empty new line gets produced when fzf was aborted.
+ echo '${edit-mark}'
+ fi
+ )
+
+ __fzf_rebind_finish_keyseq__() {
+ local suffix=
+ case $READLINE_LINE in
+ *'${edit-mark}')
+ suffix='${edit-mark}'
+ bind '"${finish-keyseq}": ${edit-command}'
+ ;;
+ *'${exec-mark}')
+ suffix='${exec-mark}'
+ bind '"${finish-keyseq}": ${exec-command}'
+ ;;
+ esac
+ READLINE_LINE=${"\${READLINE_LINE:0:-\${#suffix}}"}
+ }
+ bind -x '"${rebind-keyseq}": __fzf_rebind_finish_keyseq__'
+
+ bind '"\C-r": reverse-search-history'
+ bind '"${start-keyseq}": " \C-e\C-u\C-y\ey\C-u`__fzf_history__`\e\C-e\er\e^${rebind-keyseq}${finish-keyseq}"'
+
+ echo '# fzf key bindings loaded:' >&2
+ bind -s | ${pkgs.gnugrep}/bin/grep __fzf_ >&2
+ '';
+in
+ script //
+ rec {
+ bind = /* sh */ ''bind -x '"${load-keyseq}": . ${script}' '';
+ }
From 5daf58f556491a8d8fa07329c05c9e4c10a0da7f Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:00:57 +0100
Subject: [PATCH 047/107] tv bash: use fzf-history
---
tv/2configs/bash/default.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tv/2configs/bash/default.nix b/tv/2configs/bash/default.nix
index d7673931c..86e5598bb 100644
--- a/tv/2configs/bash/default.nix
+++ b/tv/2configs/bash/default.nix
@@ -27,6 +27,8 @@ with import <stockholm/lib>;
export NIX_PATH="stockholm=$HOME/stockholm:$NIX_PATH"
;;
esac
+
+ ${pkgs.bash-fzf-history.bind}
'';
promptInit = /* sh */ ''
case $UID in
From 72de16e0a46a5f64e60df7eb27b0450b567c5ebb Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:06:17 +0100
Subject: [PATCH 048/107] tv bash: add timestamps to histfile
---
tv/2configs/bash/default.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/tv/2configs/bash/default.nix b/tv/2configs/bash/default.nix
index 86e5598bb..42914e060 100644
--- a/tv/2configs/bash/default.nix
+++ b/tv/2configs/bash/default.nix
@@ -8,6 +8,7 @@ with import <stockholm/lib>;
HISTCONTROL='erasedups:ignorespace'
HISTSIZE=65536
HISTFILESIZE=$HISTSIZE
+ HISTTIMEFORMAT=
shopt -s checkhash
shopt -s histappend histreedit histverify
From 6cfbc67cb236671af6781bd6a5b628d5300f67ab Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:53:31 +0100
Subject: [PATCH 049/107] tv bash-fzf-history: use array instead of extglob
---
tv/5pkgs/simple/bash-fzf-history.nix | 22 +++++++++++++---------
1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/tv/5pkgs/simple/bash-fzf-history.nix b/tv/5pkgs/simple/bash-fzf-history.nix
index e9a21b95d..8b3fe9e58 100644
--- a/tv/5pkgs/simple/bash-fzf-history.nix
+++ b/tv/5pkgs/simple/bash-fzf-history.nix
@@ -33,7 +33,8 @@ with import <stockholm/lib>;
]}'
__fzf_history__() (
- result=$(
+ IFS=$'\n'
+ result=( $(
HISTTIMEFORMAT= history |
FZF_DEFAULT_OPTS="${toString [
/* sh */ "--tac"
@@ -45,15 +46,18 @@ with import <stockholm/lib>;
/* sh */ "$FZF_DEFAULT_OPTS"
/* sh */ "+m"
]}" \
- ${pkgs.fzf}/bin/fzf
- )
+ ${pkgs.fzf}/bin/fzf |
+ ${pkgs.gnused}/bin/sed '
+ /^ *[0-9]/{
+ s/^ *//
+ s/ \+/\n/;# index
+ }
+ '
+ ) )
if test -n "$result"; then
- shopt -s extglob
-
- key=''${result%%$'\n'*}
- line=''${result##*([^0-9])}
- index=''${line%%[^0-9]*}
- command=''${line##*([0-9 ])}
+ key=''${result[0]}
+ index=''${result[1]}
+ command=''${result[2]}
echo "$command${mark-prefix}$key"
else
From c1bd2a0851dc163a77699b00759f8ae4aa38a65d Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 11:54:03 +0100
Subject: [PATCH 050/107] tv bash-fzf-history: show timestamp
---
tv/5pkgs/simple/bash-fzf-history.nix | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/tv/5pkgs/simple/bash-fzf-history.nix b/tv/5pkgs/simple/bash-fzf-history.nix
index 8b3fe9e58..7b92ea0cd 100644
--- a/tv/5pkgs/simple/bash-fzf-history.nix
+++ b/tv/5pkgs/simple/bash-fzf-history.nix
@@ -35,8 +35,9 @@ with import <stockholm/lib>;
__fzf_history__() (
IFS=$'\n'
result=( $(
- HISTTIMEFORMAT= history |
+ HISTTIMEFORMAT=$'\e[38;5;244m%Y-%m-%dT%H:%M:%S\e[m ' history |
FZF_DEFAULT_OPTS="${toString [
+ /* sh */ "--ansi"
/* sh */ "--tac"
/* sh */ "--sync"
/* sh */ "-n2..,.."
@@ -51,13 +52,15 @@ with import <stockholm/lib>;
/^ *[0-9]/{
s/^ *//
s/ \+/\n/;# index
+ s/ \+/\n/;# date
}
'
) )
if test -n "$result"; then
key=''${result[0]}
index=''${result[1]}
- command=''${result[2]}
+ date=''${result[2]}
+ command=''${result[3]}
echo "$command${mark-prefix}$key"
else
From 0b60d5da163980483a233ab60492c9c5a5c59cf8 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 13:11:46 +0100
Subject: [PATCH 051/107] tv bash-fzf-history: support unknown timestamps
---
tv/5pkgs/simple/bash-fzf-history.nix | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tv/5pkgs/simple/bash-fzf-history.nix b/tv/5pkgs/simple/bash-fzf-history.nix
index 7b92ea0cd..b603dedd9 100644
--- a/tv/5pkgs/simple/bash-fzf-history.nix
+++ b/tv/5pkgs/simple/bash-fzf-history.nix
@@ -35,7 +35,12 @@ with import <stockholm/lib>;
__fzf_history__() (
IFS=$'\n'
result=( $(
+ # To add "unknown timestamps" to each line of the history:
+ # sed -i '/^#[0-9]/{n;b};s/^/#1\n/' "$HISTFILE"
HISTTIMEFORMAT=$'\e[38;5;244m%Y-%m-%dT%H:%M:%S\e[m ' history |
+ ${pkgs.gnused}/bin/sed '
+ s/\(\x1b\[[0-9;]*\)244m1970-[0-9T:-]*/\1237m????-??-??T??:??:??/
+ ' |
FZF_DEFAULT_OPTS="${toString [
/* sh */ "--ansi"
/* sh */ "--tac"
From d3f9c8efccd2d6eca7d888c3ae19f2ab8fd58911 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 5 Feb 2019 21:11:09 +0100
Subject: [PATCH 052/107] blessings: 2.1.0 -> 2.2.0
---
krebs/5pkgs/haskell/blessings.nix | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix
index 97e4a717c..f730cc72b 100644
--- a/krebs/5pkgs/haskell/blessings.nix
+++ b/krebs/5pkgs/haskell/blessings.nix
@@ -1,5 +1,5 @@
with import <stockholm/lib>;
-{ mkDerivation, base, fetchgit, stdenv }: let
+{ mkDerivation, base, fetchgit, hspec, QuickCheck, stdenv, text }: let
cfg = {
"18.03" = {
@@ -7,8 +7,8 @@ with import <stockholm/lib>;
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
};
"18.09" = {
- version = "2.1.0";
- sha256 = "0wc8v48bb0bkvypc0j6imvnf8xc8572hykk9sgjhzf2w0ggqxv5d";
+ version = "2.2.0";
+ sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1";
};
}.${versions.majorMinor nixpkgsVersion};
@@ -20,7 +20,8 @@ in mkDerivation {
rev = "refs/tags/v${cfg.version}";
sha256 = cfg.sha256;
};
- libraryHaskellDepends = [ base ];
+ libraryHaskellDepends = [ base text ];
+ testHaskellDepends = [ base hspec QuickCheck ];
doHaddock = false;
# WTFPL is the true license, which is unknown to cabal.
license = stdenv.lib.licenses.wtfpl;
From 30b59aa4d86d87c6aa8778c6c309d40b3724ca64 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 7 Feb 2019 19:04:19 +0100
Subject: [PATCH 053/107] tv gitrepos: add flameshot-once
---
tv/2configs/gitrepos.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index 725ddefa8..95ab75b3d 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -47,6 +47,9 @@ let {
disko = {
cgit.desc = "declarative partitioning and formatting tool";
};
+ flameshot-once = {
+ cgit.desc = "flameshot runner that automatically starts/stops the daemon";
+ };
fswm = {
cgit.desc = "simple full screen window manager";
};
From 24d008d92d24633054e37dd69f983512bf49a69d Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 7 Feb 2019 19:06:14 +0100
Subject: [PATCH 054/107] flameshot-once: init at 1.0.0
---
krebs/5pkgs/haskell/flameshot-once.nix | 20 ++++++++++++++++++++
krebs/5pkgs/simple/flameshot-once.nix | 14 ++++++++++++++
2 files changed, 34 insertions(+)
create mode 100644 krebs/5pkgs/haskell/flameshot-once.nix
create mode 100644 krebs/5pkgs/simple/flameshot-once.nix
diff --git a/krebs/5pkgs/haskell/flameshot-once.nix b/krebs/5pkgs/haskell/flameshot-once.nix
new file mode 100644
index 000000000..b90dd2cb8
--- /dev/null
+++ b/krebs/5pkgs/haskell/flameshot-once.nix
@@ -0,0 +1,20 @@
+{ mkDerivation, async, base, blessings, dbus, fetchgit
+, iso8601-time, process, stdenv, text, time, unagi-chan, unix
+}:
+mkDerivation {
+ pname = "flameshot-once";
+ version = "1.0.0";
+ src = fetchgit {
+ url = "https://cgit.krebsco.de/flameshot-once";
+ sha256 = "0fjk5pgjy7r0xz4i38qb85x1z4jp8bas2mmgznp7glidz362w390";
+ rev = "fb5636483871fbafe9b286b377c339c8ddf8b4f8";
+ fetchSubmodules = true;
+ };
+ isLibrary = false;
+ isExecutable = true;
+ executableHaskellDepends = [
+ async base blessings dbus iso8601-time process text time unagi-chan
+ unix
+ ];
+ license = stdenv.lib.licenses.mit;
+}
diff --git a/krebs/5pkgs/simple/flameshot-once.nix b/krebs/5pkgs/simple/flameshot-once.nix
new file mode 100644
index 000000000..7550a4678
--- /dev/null
+++ b/krebs/5pkgs/simple/flameshot-once.nix
@@ -0,0 +1,14 @@
+{ pkgs }:
+
+pkgs.symlinkJoin {
+ name = "flameshot-once-wrapper";
+ paths = [
+ (pkgs.writeDashBin "flameshot-once" ''
+ export PATH=${pkgs.stdenv.lib.makeBinPath [
+ pkgs.flameshot
+ ]}''${PATH:+:$PATH}
+ exec ${pkgs.haskellPackages.flameshot-once}/bin/flameshot-once "$@"
+ '')
+ pkgs.haskellPackages.flameshot-once
+ ];
+}
From 76fd127a7f1bedd6951322b6401076dd4ee48a78 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 7 Feb 2019 22:09:51 +0100
Subject: [PATCH 055/107] flameshot-once: 1.0.0 -> 1.0.1
---
krebs/5pkgs/haskell/flameshot-once.nix | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/krebs/5pkgs/haskell/flameshot-once.nix b/krebs/5pkgs/haskell/flameshot-once.nix
index b90dd2cb8..aa0d94d8f 100644
--- a/krebs/5pkgs/haskell/flameshot-once.nix
+++ b/krebs/5pkgs/haskell/flameshot-once.nix
@@ -1,20 +1,21 @@
-{ mkDerivation, async, base, blessings, dbus, fetchgit
-, iso8601-time, process, stdenv, text, time, unagi-chan, unix
+{ mkDerivation, async, base, blessings, bytestring, dbus, fetchgit
+, iso8601-time, process, random, stdenv, text, time, unagi-chan
+, unix
}:
mkDerivation {
pname = "flameshot-once";
- version = "1.0.0";
+ version = "1.0.1";
src = fetchgit {
url = "https://cgit.krebsco.de/flameshot-once";
- sha256 = "0fjk5pgjy7r0xz4i38qb85x1z4jp8bas2mmgznp7glidz362w390";
- rev = "fb5636483871fbafe9b286b377c339c8ddf8b4f8";
+ sha256 = "01bsgadjk3y3lg19xcadlrqalr4cs028fsivgacqh31fqaq4v243";
+ rev = "03623ce6c011c1e85df7d91aed4458c098ff22ff";
fetchSubmodules = true;
};
isLibrary = false;
isExecutable = true;
executableHaskellDepends = [
- async base blessings dbus iso8601-time process text time unagi-chan
- unix
+ async base blessings bytestring dbus iso8601-time process random
+ text time unagi-chan unix
];
license = stdenv.lib.licenses.mit;
}
From 3a2d5affbb7766af4776f21b308c425008a4943d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 8 Feb 2019 09:43:33 +0100
Subject: [PATCH 056/107] external: actually import palo.nix
---
krebs/3modules/default.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index c72215e79..9c2f53cbe 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -100,6 +100,7 @@ let
{ krebs = import ./krebs { inherit config; }; }
{ krebs = import ./lass { inherit config; }; }
{ krebs = import ./makefu { inherit config; }; }
+ { krebs = import ./external/palo.nix { inherit config; }; }
{ krebs = import ./tv { inherit config; }; }
{
krebs.dns.providers = {
From 7f0354f2bae42e9eb6a341c079aeadfa1fc88e5b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 8 Feb 2019 15:14:54 +0100
Subject: [PATCH 057/107] ma tools/games: disable steam (for now)
---
makefu/2configs/tools/games.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix
index 40ea4523d..0f1e61791 100644
--- a/makefu/2configs/tools/games.nix
+++ b/makefu/2configs/tools/games.nix
@@ -2,7 +2,7 @@
{
imports = [
- ./steam.nix
+ # ./steam.nix
];
users.users.makefu.packages = with pkgs; [
games-user-env
From 6788519e4be7390c76bffacadd05d49f8fc3cace Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 8 Feb 2019 15:17:23 +0100
Subject: [PATCH 058/107] ma x: enable remote builder
---
makefu/1systems/x/config.nix | 27 ++++++++++++++++----------
makefu/2configs/remote-build/gum.nix | 15 ++++++++++++++
makefu/2configs/remote-build/slave.nix | 1 +
3 files changed, 33 insertions(+), 10 deletions(-)
create mode 100644 makefu/2configs/remote-build/gum.nix
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 138735d91..7ed63837f 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -15,6 +15,13 @@
<stockholm/makefu/2configs/extra-fonts.nix>
<stockholm/makefu/2configs/tools/all.nix>
<stockholm/makefu/2configs/dict.nix>
+ #<stockholm/makefu/3modules/netboot_server.nix>
+ #{
+ # netboot_server = {
+ # network.wan = "wlp3s0";
+ # network.lan = "enp0s25";
+ # };
+ #}
<stockholm/makefu/2configs/backup/state.nix>
# <stockholm/makefu/2configs/dnscrypt/client.nix>
@@ -52,21 +59,22 @@
# Virtualization
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
<stockholm/makefu/2configs/virtualisation/docker.nix>
- <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
- {
- networking.firewall.allowedTCPPorts = [ 8080 ];
- networking.nat = {
- enable = true;
- externalInterface = "wlp3s0";
- internalInterfaces = [ "vboxnet0" ];
- };
- }
+ # <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
+ #{
+ # networking.firewall.allowedTCPPorts = [ 8080 ];
+ # networking.nat = {
+ # enable = true;
+ # externalInterface = "wlp3s0";
+ # internalInterfaces = [ "vboxnet0" ];
+ # };
+ #}
# Services
<stockholm/makefu/2configs/git/brain-retiolum.nix>
<stockholm/makefu/2configs/tor.nix>
<stockholm/makefu/2configs/vpn/vpngate.nix>
# <stockholm/makefu/2configs/buildbot-standalone.nix>
<stockholm/makefu/2configs/remote-build/aarch64-community.nix>
+ <stockholm/makefu/2configs/remote-build/gum.nix>
# Hardware
<stockholm/makefu/2configs/hw/tp-x230.nix>
@@ -162,7 +170,6 @@
"/home/makefu/docs"
"/home/makefu/.password-store"
"/home/makefu/.secrets-pass"
- "/home/makefu/autosync/Database.kdb"
];
services.syncthing.user = lib.mkForce "makefu";
diff --git a/makefu/2configs/remote-build/gum.nix b/makefu/2configs/remote-build/gum.nix
new file mode 100644
index 000000000..98e2e58b5
--- /dev/null
+++ b/makefu/2configs/remote-build/gum.nix
@@ -0,0 +1,15 @@
+{
+ nix = {
+ distributedBuilds = true;
+ buildMachines = [
+ {
+ hostName = "gum.krebsco.de";
+ maxJobs = 8;
+ sshKey = toString <secrets/id_nixBuild>;
+ sshUser = "nixBuild";
+ system = "x86_64-linux";
+ supportedFeatures = [ ];
+ }
+ ];
+ };
+}
diff --git a/makefu/2configs/remote-build/slave.nix b/makefu/2configs/remote-build/slave.nix
index 89121ffd6..0227f512a 100644
--- a/makefu/2configs/remote-build/slave.nix
+++ b/makefu/2configs/remote-build/slave.nix
@@ -5,6 +5,7 @@
useDefaultShell = true;
openssh.authorizedKeys.keys = [
config.krebs.users.buildbotSlave.pubkey
+ config.krebs.users.makefu-remote-builder.pubkey
];
};
}
From 5d4ca6447887369ab4c5c70aa12f783b0485a111 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 8 Feb 2019 17:05:47 +0100
Subject: [PATCH 059/107] nixpkgs: 97e0d53 -> b01a89d
---
krebs/nixpkgs.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 614d5bccf..2fd2839b9 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "97e0d53d669cd07f0750a42fd535524b3cdd46d1",
- "date": "2019-01-15T00:11:44+01:00",
- "sha256": "111xa7qn9142dar29cil4br2mvn8f1rbiy310lkhwl73126fq8dw",
+ "rev": "b01a89d58f117c485f16c97a388da6227d8f0103",
+ "date": "2019-02-08T10:50:49+01:00",
+ "sha256": "1s2jdfvqjviiiq897sd6fkmc8ffyca7agmxynp4w873rfjdz10yi",
"fetchSubmodules": false
}
From 7f40ff9b5c763f5706b8e71f3f618363b6cd9781 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 8 Feb 2019 17:26:44 +0100
Subject: [PATCH 060/107] flameshot-once: use qt5.qtbase
---
krebs/5pkgs/simple/flameshot-once.nix | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/krebs/5pkgs/simple/flameshot-once.nix b/krebs/5pkgs/simple/flameshot-once.nix
index 7550a4678..4cbc92a63 100644
--- a/krebs/5pkgs/simple/flameshot-once.nix
+++ b/krebs/5pkgs/simple/flameshot-once.nix
@@ -6,7 +6,8 @@ pkgs.symlinkJoin {
(pkgs.writeDashBin "flameshot-once" ''
export PATH=${pkgs.stdenv.lib.makeBinPath [
pkgs.flameshot
- ]}''${PATH:+:$PATH}
+ pkgs.qt5.qtbase
+ ]}
exec ${pkgs.haskellPackages.flameshot-once}/bin/flameshot-once "$@"
'')
pkgs.haskellPackages.flameshot-once
From 1b526ec1a597882b7629e992c7579ee109282aa7 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 8 Feb 2019 17:46:32 +0100
Subject: [PATCH 061/107] flameshot-once: add config
---
krebs/5pkgs/simple/flameshot-once.nix | 15 ---
krebs/5pkgs/simple/flameshot-once/default.nix | 26 ++++
krebs/5pkgs/simple/flameshot-once/profile.nix | 123 ++++++++++++++++++
3 files changed, 149 insertions(+), 15 deletions(-)
delete mode 100644 krebs/5pkgs/simple/flameshot-once.nix
create mode 100644 krebs/5pkgs/simple/flameshot-once/default.nix
create mode 100644 krebs/5pkgs/simple/flameshot-once/profile.nix
diff --git a/krebs/5pkgs/simple/flameshot-once.nix b/krebs/5pkgs/simple/flameshot-once.nix
deleted file mode 100644
index 4cbc92a63..000000000
--- a/krebs/5pkgs/simple/flameshot-once.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ pkgs }:
-
-pkgs.symlinkJoin {
- name = "flameshot-once-wrapper";
- paths = [
- (pkgs.writeDashBin "flameshot-once" ''
- export PATH=${pkgs.stdenv.lib.makeBinPath [
- pkgs.flameshot
- pkgs.qt5.qtbase
- ]}
- exec ${pkgs.haskellPackages.flameshot-once}/bin/flameshot-once "$@"
- '')
- pkgs.haskellPackages.flameshot-once
- ];
-}
diff --git a/krebs/5pkgs/simple/flameshot-once/default.nix b/krebs/5pkgs/simple/flameshot-once/default.nix
new file mode 100644
index 000000000..344c5b90a
--- /dev/null
+++ b/krebs/5pkgs/simple/flameshot-once/default.nix
@@ -0,0 +1,26 @@
+with import <stockholm/lib>;
+{ pkgs, ... }@args:
+
+let
+ # config cannot be declared in the input attribute set because that would
+ # cause callPackage to inject the wrong config. Instead, get it from ...
+ # via args.
+ config = args.config or {};
+in
+
+ pkgs.symlinkJoin {
+ name = "flameshot-once-wrapper";
+ paths = [
+ (pkgs.writeDashBin "flameshot-once" ''
+ export PATH=${makeBinPath [
+ pkgs.flameshot
+ pkgs.qt5.qtbase
+ ]}
+ ${optionalString (config != null) /* sh */ ''
+ . ${import ./profile.nix { inherit config pkgs; }}
+ ''}
+ exec ${pkgs.haskellPackages.flameshot-once}/bin/flameshot-once "$@"
+ '')
+ pkgs.haskellPackages.flameshot-once
+ ];
+ }
diff --git a/krebs/5pkgs/simple/flameshot-once/profile.nix b/krebs/5pkgs/simple/flameshot-once/profile.nix
new file mode 100644
index 000000000..bfe571ff5
--- /dev/null
+++ b/krebs/5pkgs/simple/flameshot-once/profile.nix
@@ -0,0 +1,123 @@
+with import <stockholm/lib>;
+{ config, pkgs }:
+let
+
+ # Refs https://github.com/lupoDharkael/flameshot/blob/master/src/widgets/capture/capturebutton.h
+ ButtonType = {
+ PENCIL = 0;
+ DRAWER = 1;
+ ARROW = 2;
+ SELECTION = 3;
+ RECTANGLE = 4;
+ CIRCLE = 5;
+ MARKER = 6;
+ SELECTIONINDICATOR = 7;
+ MOVESELECTION = 8;
+ UNDO = 9;
+ COPY = 10;
+ SAVE = 11;
+ EXIT = 12;
+ IMAGEUPLOADER = 13;
+ OPEN_APP = 14;
+ BLUR = 15;
+ REDO = 16;
+ PIN = 17;
+ TEXT = 18;
+ };
+
+ cfg = eval.config;
+
+ eval = evalModules {
+ modules = singleton {
+ _file = toString ./config.nix;
+ imports = singleton config;
+ options = {
+ buttons = mkOption {
+ apply = map (name: ButtonType.${name});
+ default = [
+ "PENCIL"
+ "DRAWER"
+ "ARROW"
+ "SELECTION"
+ "RECTANGLE"
+ "CIRCLE"
+ "MARKER"
+ "SELECTIONINDICATOR"
+ "MOVESELECTION"
+ "UNDO"
+ "COPY"
+ "SAVE"
+ "EXIT"
+ "BLUR"
+ ];
+ type = types.listOf (types.enum (attrNames ButtonType));
+ };
+ disabledTrayIcon = mkOption {
+ default = true;
+ type = types.bool;
+ };
+ drawThickness = mkOption {
+ default = 8;
+ type = types.positive;
+ };
+ savePath = mkOption {
+ default = "/tmp";
+ type = types.absolute-pathname;
+ };
+ showDesktopNotification = mkOption {
+ default = false;
+ type = types.bool;
+ };
+ showHelp = mkOption {
+ default = false;
+ type = types.bool;
+ };
+ };
+ };
+ };
+
+ hexchars = stringToCharacters "0123456789abcdef";
+
+ # Encode integer to C-escaped string of bytes, little endian / LSB 0
+ le = rec {
+ x1 = i: let
+ i0 = mod i 16;
+ i1 = i / 16;
+ in
+ "\\x${elemAt hexchars i1}${elemAt hexchars i0}";
+
+ x2 = i: let
+ i0 = mod i 256;
+ i1 = i / 256;
+ in
+ "${x1 i0}${x1 i1}";
+
+ x4 = i: let
+ i0 = mod i 65536;
+ i1 = i / 65536;
+ in
+ "${x2 i0}${x2 i1}";
+ };
+
+ toQList = t: xs:
+ assert t == "int";
+ "QList<${t}>${le.x4 0}${le.x4 (length xs)}${concatMapStrings le.x4 xs}";
+
+ XDG_CONFIG_HOME = pkgs.write "flameshot-config" {
+ "/Dharkael/flameshot.ini".text = ''
+ [General]
+ buttons=@Variant(\0\0\0\x7f\0\0\0\v${toQList "int" cfg.buttons})
+ disabledTrayIcon=${toJSON cfg.disabledTrayIcon}
+ drawThickness=${toJSON cfg.drawThickness}
+ savePath=${toJSON cfg.savePath}
+ showDesktopNotification=${toJSON cfg.showDesktopNotification}
+ showHelp=${toJSON cfg.showHelp}
+ '';
+ };
+
+in
+
+ pkgs.writeDash "flameshot.profile" ''
+ export FLAMESHOT_CAPTURE_PATH=${cfg.savePath}
+ export XDG_CONFIG_HOME=${XDG_CONFIG_HOME}
+ ''
From 90b227622c6950845c24f62d03e2eb073005be6e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 8 Feb 2019 18:02:29 +0100
Subject: [PATCH 062/107] tv xmonad: add dbus
---
tv/2configs/xserver/default.nix | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix
index f68e8e681..051e12ef0 100644
--- a/tv/2configs/xserver/default.nix
+++ b/tv/2configs/xserver/default.nix
@@ -48,10 +48,24 @@ in {
systemd.services.xmonad = let
xmonad = "${pkgs.haskellPackages.xmonad-tv}/bin/xmonad";
- xmonad-prepare = pkgs.writeDash "xmonad-prepare" ''
+ xmonad-start = pkgs.writeDash "xmonad-start" ''
${pkgs.coreutils}/bin/mkdir -p "$XMONAD_CACHE_DIR"
${pkgs.coreutils}/bin/mkdir -p "$XMONAD_CONFIG_DIR"
${pkgs.coreutils}/bin/mkdir -p "$XMONAD_DATA_DIR"
+
+ f=$HOME/.dbus/session-bus/$(${pkgs.coreutils}/bin/cat /etc/machine-id)-${
+ toString config.services.xserver.display
+ }
+ if test -e "$f" &&
+ . "$f" &&
+ ${pkgs.coreutils}/bin/kill -0 "$DBUS_SESSION_BUS_PID"
+ then
+ export DBUS_SESSION_BUS_ADDRESS
+ else
+ eval "$(${pkgs.dbus.lib}/bin/dbus-launch --sh-syntax)"
+ fi
+
+ exec ${xmonad}
'';
xmonad-ready = pkgs.writeDash "xmonad-ready" ''
{
@@ -97,8 +111,7 @@ in {
"/run/wrappers" # for su
];
serviceConfig = {
- ExecStartPre = "@${xmonad-prepare} xmonad-prepare";
- ExecStart = "@${xmonad} xmonad-${currentSystem}";
+ ExecStart = "@${xmonad-start} xmonad-${currentSystem}";
ExecStop = "@${xmonad} xmonad-${currentSystem} --shutdown";
SyslogIdentifier = "xmonad";
User = cfg.user.name;
From f9496394975782a3aee0998a9a6d5882b67c0901 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 9 Feb 2019 02:34:32 +0100
Subject: [PATCH 063/107] flameshot-once: make filenamePattern configurable
---
krebs/5pkgs/simple/flameshot-once/profile.nix | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/krebs/5pkgs/simple/flameshot-once/profile.nix b/krebs/5pkgs/simple/flameshot-once/profile.nix
index bfe571ff5..69adb240d 100644
--- a/krebs/5pkgs/simple/flameshot-once/profile.nix
+++ b/krebs/5pkgs/simple/flameshot-once/profile.nix
@@ -60,6 +60,12 @@ let
default = 8;
type = types.positive;
};
+ filenamePattern = mkOption {
+ default = "%FT%T%z_flameshot.png";
+ type =
+ # This is types.filename extended by [%:][%:+]*
+ types.addCheck types.str (test "[%:0-9A-Za-z._][%:+0-9A-Za-z._-]*");
+ };
savePath = mkOption {
default = "/tmp";
type = types.absolute-pathname;
@@ -109,6 +115,7 @@ let
buttons=@Variant(\0\0\0\x7f\0\0\0\v${toQList "int" cfg.buttons})
disabledTrayIcon=${toJSON cfg.disabledTrayIcon}
drawThickness=${toJSON cfg.drawThickness}
+ filenamePattern=${toJSON cfg.filenamePattern}
savePath=${toJSON cfg.savePath}
showDesktopNotification=${toJSON cfg.showDesktopNotification}
showHelp=${toJSON cfg.showHelp}
From e29debea42379fcb529057edf1963928466b0181 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 9 Feb 2019 02:33:58 +0100
Subject: [PATCH 064/107] flameshot-once: 1.0.1 -> 1.1.0
---
krebs/5pkgs/haskell/flameshot-once.nix | 6 +++---
krebs/5pkgs/simple/flameshot-once/default.nix | 1 +
krebs/5pkgs/simple/flameshot-once/profile.nix | 1 -
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/krebs/5pkgs/haskell/flameshot-once.nix b/krebs/5pkgs/haskell/flameshot-once.nix
index aa0d94d8f..89b95ca07 100644
--- a/krebs/5pkgs/haskell/flameshot-once.nix
+++ b/krebs/5pkgs/haskell/flameshot-once.nix
@@ -4,11 +4,11 @@
}:
mkDerivation {
pname = "flameshot-once";
- version = "1.0.1";
+ version = "1.1.0";
src = fetchgit {
url = "https://cgit.krebsco.de/flameshot-once";
- sha256 = "01bsgadjk3y3lg19xcadlrqalr4cs028fsivgacqh31fqaq4v243";
- rev = "03623ce6c011c1e85df7d91aed4458c098ff22ff";
+ sha256 = "158ha1yyj3p3mdjjga62j91ml83nhrsg34xbg3dir5cb399j8pxx";
+ rev = "9d688b6ffad14912bd1afe42555747cb3d213d95";
fetchSubmodules = true;
};
isLibrary = false;
diff --git a/krebs/5pkgs/simple/flameshot-once/default.nix b/krebs/5pkgs/simple/flameshot-once/default.nix
index 344c5b90a..c442a2e96 100644
--- a/krebs/5pkgs/simple/flameshot-once/default.nix
+++ b/krebs/5pkgs/simple/flameshot-once/default.nix
@@ -15,6 +15,7 @@ in
export PATH=${makeBinPath [
pkgs.flameshot
pkgs.qt5.qtbase
+ pkgs.xclip
]}
${optionalString (config != null) /* sh */ ''
. ${import ./profile.nix { inherit config pkgs; }}
diff --git a/krebs/5pkgs/simple/flameshot-once/profile.nix b/krebs/5pkgs/simple/flameshot-once/profile.nix
index 69adb240d..4fcbd62c0 100644
--- a/krebs/5pkgs/simple/flameshot-once/profile.nix
+++ b/krebs/5pkgs/simple/flameshot-once/profile.nix
@@ -45,7 +45,6 @@ let
"SELECTIONINDICATOR"
"MOVESELECTION"
"UNDO"
- "COPY"
"SAVE"
"EXIT"
"BLUR"
From e51a19cb8be0ae1d9a45d1c22b45ec71e099a2ff Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 9 Feb 2019 04:04:23 +0100
Subject: [PATCH 065/107] tv xmonad: remove unused language extensions
---
tv/5pkgs/haskell/xmonad-tv/src/main.hs | 4 ----
1 file changed, 4 deletions(-)
diff --git a/tv/5pkgs/haskell/xmonad-tv/src/main.hs b/tv/5pkgs/haskell/xmonad-tv/src/main.hs
index b7d4e9bca..e78480219 100644
--- a/tv/5pkgs/haskell/xmonad-tv/src/main.hs
+++ b/tv/5pkgs/haskell/xmonad-tv/src/main.hs
@@ -1,8 +1,4 @@
-{-# LANGUAGE DeriveDataTypeable #-} -- for XS
-{-# LANGUAGE FlexibleContexts #-} -- for xmonad'
{-# LANGUAGE LambdaCase #-}
-{-# LANGUAGE ScopedTypeVariables #-}
-
module Main (main) where
From d3b23eac6eb79076b1b60615d26bfebafc927e65 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 9 Feb 2019 04:05:39 +0100
Subject: [PATCH 066/107] tv xmonad: use launch
---
tv/5pkgs/haskell/xmonad-tv/src/main.hs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tv/5pkgs/haskell/xmonad-tv/src/main.hs b/tv/5pkgs/haskell/xmonad-tv/src/main.hs
index e78480219..c528017d7 100644
--- a/tv/5pkgs/haskell/xmonad-tv/src/main.hs
+++ b/tv/5pkgs/haskell/xmonad-tv/src/main.hs
@@ -47,7 +47,7 @@ mainNoArgs = do
let width = 1366
workspaces0 <- getWorkspaces0
handleShutdownEvent <- newShutdownEventHandler
- xmonad
+ launch
$ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ")
$ def
{ terminal = Paths.urxvtc
From 6e82401de73d1a95a5e465fe75974d91c6595c15 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 9 Feb 2019 23:19:19 +0100
Subject: [PATCH 067/107] ma cake.r: now perform the important tasks of omo
---
makefu/1systems/cake/config.nix | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index e40042b2d..8617578f0 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -1,9 +1,16 @@
{ config, lib, pkgs, ... }:
-{
+let
+ primaryInterface = "eth0";
+in {
imports = [
<stockholm/makefu>
./hardware-config.nix
- <stockholm/makefu/2configs/tools/core.nix>
+ # <stockholm/makefu/2configs/tools/core.nix>
+ { environment.systemPackages = with pkgs;[ rsync screen curl git ];}
+ <stockholm/makefu/2configs/binary-cache/nixos.nix>
+ #<stockholm/makefu/2configs/support-nixos.nix>
+ <stockholm/makefu/2configs/homeautomation/default.nix>
+ <stockholm/makefu/2configs/homeautomation/google-muell.nix>
# configure your hw:
# <stockholm/makefu/2configs/save-diskspace.nix>
];
@@ -12,7 +19,7 @@
tinc.retiolum.enable = true;
build.host = config.krebs.hosts.cake;
};
-
+ networking.firewall.trustedInterfaces = [ primaryInterface ];
documentation.info.enable = false;
documentation.man.enable = false;
services.nixosManual.enable = false;
From 7661181528df06f3b7e15128c1efcb6ac1854f31 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 9 Feb 2019 23:19:53 +0100
Subject: [PATCH 068/107] ma google-muell: bump to latest version, use new
config
---
makefu/2configs/homeautomation/google-muell.nix | 15 +++++++++++----
makefu/5pkgs/ampel/default.nix | 6 +++---
2 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/makefu/2configs/homeautomation/google-muell.nix b/makefu/2configs/homeautomation/google-muell.nix
index 235cc1546..5870f298d 100644
--- a/makefu/2configs/homeautomation/google-muell.nix
+++ b/makefu/2configs/homeautomation/google-muell.nix
@@ -3,13 +3,20 @@ with import <stockholm/lib>;
let
pkg = pkgs.ampel;
home = "/var/lib/ampel";
- sec = "${toString <secrets>}/google-muell.json";
+ sec = "${toString <secrets>}/ampel/google-muell.json";
ampelsec = "${home}/google-muell.json";
- cred = "${toString <secrets>}/google-muell-creds.json";
+ cred = "${toString <secrets>}/ampel/google-muell-creds.json";
# TODO: generate this credential file locally
ampelcred = "${home}/google-muell-creds.json";
- esp = "192.168.8.204";
sleepval = "1800";
+ default-color = "244,220,66";
+ config_json = toFile "config.json" (toJSON {
+ mq_hostname = "localhost";
+ mq_port = 1883;
+ mq_username = "sensor";
+ mq_topic = "/ham/flurlicht/cmnd/MEM1";
+ mq_password = replaceChars ["\n"] [""] (readFile "${toString <secrets>}/mqtt/sensor");
+ });
in {
users.users.ampel = {
uid = genid "ampel";
@@ -27,7 +34,7 @@ in {
install -m600 -o ampel ${sec} ${ampelsec}
install -m600 -o ampel ${cred} ${ampelcred}
'';
- ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${ampelcred} --sleepval=${sleepval}";
+ ExecStart = "${pkg}/bin/google-muell --config ${config_json} --default-color=${default-color} --client-secrets=${ampelsec} --credential-path=${ampelcred} --sleepval=${sleepval}";
PermissionsStartOnly = true;
Restart = "always";
RestartSec = 10;
diff --git a/makefu/5pkgs/ampel/default.nix b/makefu/5pkgs/ampel/default.nix
index 9792c2c59..70fdfda78 100644
--- a/makefu/5pkgs/ampel/default.nix
+++ b/makefu/5pkgs/ampel/default.nix
@@ -2,7 +2,7 @@
with pkgs.python3Packages;buildPythonPackage rec {
name = "ampel-${version}";
- version = "0.2.1";
+ version = "0.2.4";
propagatedBuildInputs = [
docopt
@@ -16,8 +16,8 @@ with pkgs.python3Packages;buildPythonPackage rec {
src = pkgs.fetchgit {
url = "http://cgit.euer.krebsco.de/ampel";
- rev = "92321d7";
- sha256 = "0mvpbpf1rx8sc589qjb73gl8z6fir2zs3gl3br1pbhg5jgn0ij4n";
+ rev = "04e1c8c38ffe53175ae719121ad88534a8a662db";
+ sha256 = "00jgr3jg2yi91hd7388v8rncfbq8fx8dvr03sg749dzpsg58hfxn";
};
meta = {
homepage = http://cgit.euer.krebsco.de/ampel;
From 78803cf974c0828170ff360b353bd1b67f2d7da9 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 10 Feb 2019 08:01:01 +0100
Subject: [PATCH 069/107] ma tests/secrets: add id_nixBuild
---
makefu/0tests/data/secrets/id_nixBuild | 0
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 makefu/0tests/data/secrets/id_nixBuild
diff --git a/makefu/0tests/data/secrets/id_nixBuild b/makefu/0tests/data/secrets/id_nixBuild
new file mode 100644
index 000000000..e69de29bb
From d64c6bb976f61b2173a2c170ea1ba6f26c57147e Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 10 Feb 2019 09:53:45 +0100
Subject: [PATCH 070/107] Revert "ma cgit: disable irc hook"
This reverts commit 1f8ad80695e93687999b8151ddd2e7f2c40b085b.
---
makefu/2configs/git/cgit-retiolum.nix | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index 4890e4afe..0ff855980 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -62,6 +62,15 @@ let
make-krebs-repo = with git; name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
+ hooks = {
+ post-receive = pkgs.git-hooks.irc-announce {
+ nick = config.networking.hostName;
+ verbose = config.krebs.build.host.name == "gum";
+ channel = "#xxx";
+ # TODO remove the hardcoded hostname
+ server = "irc.r";
+ };
+ };
};
From 8371e21c10bdb5d5353cc581efba7e09e4ce7a91 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 10 Feb 2019 14:22:54 +0100
Subject: [PATCH 071/107] tv iptables: add extra{4,6}
---
tv/3modules/iptables.nix | 55 ++++++++++++++++++++++++++++++----------
1 file changed, 42 insertions(+), 13 deletions(-)
diff --git a/tv/3modules/iptables.nix b/tv/3modules/iptables.nix
index 56861dc74..3f1df9220 100644
--- a/tv/3modules/iptables.nix
+++ b/tv/3modules/iptables.nix
@@ -9,6 +9,33 @@ let {
config = lib.mkIf cfg.enable imp;
};
+ extraTypes = {
+ rules = types.submodule {
+ options = {
+ nat.OUTPUT = mkOption {
+ type = with types; listOf str;
+ default = [];
+ };
+ nat.PREROUTING = mkOption {
+ type = with types; listOf str;
+ default = [];
+ };
+ nat.POSTROUTING = mkOption {
+ type = with types; listOf str;
+ default = [];
+ };
+ filter.FORWARD = mkOption {
+ type = with types; listOf str;
+ default = [];
+ };
+ filter.INPUT = mkOption {
+ type = with types; listOf str;
+ default = [];
+ };
+ };
+ };
+ };
+
api = {
enable = mkEnableOption "tv.iptables";
@@ -37,19 +64,19 @@ let {
default = [];
};
- extra = {
- nat.POSTROUTING = mkOption {
- type = with types; listOf str;
- default = [];
- };
- filter.FORWARD = mkOption {
- type = with types; listOf str;
- default = [];
- };
- filter.INPUT = mkOption {
- type = with types; listOf str;
- default = [];
- };
+ extra = mkOption {
+ default = {};
+ type = extraTypes.rules;
+ };
+
+ extra4 = mkOption {
+ default = {};
+ type = extraTypes.rules;
+ };
+
+ extra6 = mkOption {
+ default = {};
+ type = extraTypes.rules;
};
};
@@ -112,6 +139,7 @@ let {
"-o lo -p tcp -m tcp --dport 11423 -j REDIRECT --to-ports 22"
]}
${formatTable cfg.extra.nat}
+ ${formatTable cfg."extra${toString iptables-version}".nat}
COMMIT
*filter
:INPUT DROP [0:0]
@@ -129,6 +157,7 @@ let {
++ ["-i retiolum -j Retiolum"]
)}
${formatTable cfg.extra.filter}
+ ${formatTable cfg."extra${toString iptables-version}".filter}
${concatMapStringsSep "\n" (rule: "-A Retiolum ${rule}") ([]
++ optional (cfg.accept-echo-request == "retiolum") accept-echo-request
++ map accept-tcp (unique (map toString cfg.input-retiolum-accept-tcp))
From bc534f38aa3885d654175e747774dcbad243c08d Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 10 Feb 2019 14:36:31 +0100
Subject: [PATCH 072/107] tv iptables extraTypes: add Retiolum
---
tv/3modules/iptables.nix | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/tv/3modules/iptables.nix b/tv/3modules/iptables.nix
index 3f1df9220..3974760d5 100644
--- a/tv/3modules/iptables.nix
+++ b/tv/3modules/iptables.nix
@@ -32,6 +32,10 @@ let {
type = with types; listOf str;
default = [];
};
+ filter.Retiolum = mkOption {
+ type = with types; listOf str;
+ default = [];
+ };
};
};
};
From a68144db9fef2a46a5817da7449fe2ba89e600ee Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 11 Feb 2019 17:52:22 +0100
Subject: [PATCH 073/107] ma gum.r: also load dm-raid at startup of kernel to
mount binaergewitter
---
makefu/1systems/gum/hardware-config.nix | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix
index 542b79fe7..857fad7aa 100644
--- a/makefu/1systems/gum/hardware-config.nix
+++ b/makefu/1systems/gum/hardware-config.nix
@@ -41,36 +41,36 @@ in {
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.devices = [ main-disk ];
- boot.initrd.kernelModules = [ "dm-raid" ];
+ boot.initrd.kernelModules = [ "dm-raid" "dm_cache" ];
boot.initrd.availableKernelModules = [
"ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci"
"xhci_pci" "ehci_pci" "ahci" "sd_mod"
];
- boot.kernelModules = [ "dm-thin-pool" "kvm-intel" ];
+ boot.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" "kvm-intel" ];
hardware.enableRedistributableFirmware = true;
fileSystems."/" = {
- device = "/dev/mapper/nixos-root";
+ device = "/dev/nixos/root";
fsType = "ext4";
};
fileSystems."/var/lib" = {
- device = "/dev/mapper/nixos-lib";
+ device = "/dev/nixos/lib";
fsType = "ext4";
};
fileSystems."/var/log" = {
- device = "/dev/mapper/nixos-log";
+ device = "/dev/nixos/log";
fsType = "ext4";
};
fileSystems."/var/download" = {
- device = "/dev/mapper/nixos-download";
+ device = "/dev/nixos/download";
fsType = "ext4";
};
fileSystems."/var/www/binaergewitter" = {
- device = "/dev/mapper/nixos-binaergewitter";
+ device = "/dev/nixos/binaergewitter";
fsType = "ext4";
- options = [ "nofail" ];
+ options = [ "nofail" "x-systemd.automount" "x-systemd.device-timeout=5s" "x-systemd.mount-timeout=5s" ];
};
fileSystems."/var/lib/borgbackup" = {
- device = "/dev/mapper/nixos-backup";
+ device = "/dev/nixos/backup";
fsType = "ext4";
};
fileSystems."/boot" = {
From 5605d675daf909f586957e1c735a9ff82e6ac68b Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 12 Feb 2019 14:55:19 +0100
Subject: [PATCH 074/107] nixpkgs: b01a89d -> 168cbb3
---
krebs/nixpkgs.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 2fd2839b9..ecc45a15b 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "b01a89d58f117c485f16c97a388da6227d8f0103",
- "date": "2019-02-08T10:50:49+01:00",
- "sha256": "1s2jdfvqjviiiq897sd6fkmc8ffyca7agmxynp4w873rfjdz10yi",
+ "rev": "168cbb39691cca2822ce1fdb3e8c0183af5c6d0d",
+ "date": "2019-02-12T00:54:14+01:00",
+ "sha256": "0fqasswfqrz2rbag9bz17j8y7615s0p9l23cw4sk2f384gk0zf6c",
"fetchSubmodules": false
}
From 5845742ae0770bae3c341d2d7eacb4ccc05245c9 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 16 Feb 2019 15:28:30 +0100
Subject: [PATCH 075/107] nixpkgs: 168cbb3 -> 9bd45dd
---
krebs/nixpkgs.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index ecc45a15b..b6124ad41 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "168cbb39691cca2822ce1fdb3e8c0183af5c6d0d",
- "date": "2019-02-12T00:54:14+01:00",
- "sha256": "0fqasswfqrz2rbag9bz17j8y7615s0p9l23cw4sk2f384gk0zf6c",
+ "rev": "9bd45dddf8171e2fd4288d684f4f70a2025ded19",
+ "date": "2019-02-15T12:11:24-05:00",
+ "sha256": "1idrxrymwqfsfysav3yl8lya1jhgg8xzgq9hy7dpdd63770vn8c1",
"fetchSubmodules": false
}
From 174b3ee6bef292d3270823006f806f847dc5a264 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 15:39:17 +0100
Subject: [PATCH 076/107] lib.warnOldVersion: init
---
lib/default.nix | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/lib/default.nix b/lib/default.nix
index 347830e8c..75086f864 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -145,6 +145,11 @@ let
in
filter (x: x != []) ([acc.chunk] ++ acc.chunks);
+ warnOldVersion = oldName: newName:
+ if compareVersions oldName newName != -1 then
+ trace "Upstream `${oldName}' gets overridden by `${newName}'." newName
+ else
+ newName;
};
in
From c69c75f2c63b350615ec8026538c879b91b7a6ea Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 16:01:03 +0100
Subject: [PATCH 077/107] tv bash-fzf-history: use overrideDerivation
---
tv/5pkgs/simple/bash-fzf-history.nix | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/tv/5pkgs/simple/bash-fzf-history.nix b/tv/5pkgs/simple/bash-fzf-history.nix
index b603dedd9..88a8e9e4a 100644
--- a/tv/5pkgs/simple/bash-fzf-history.nix
+++ b/tv/5pkgs/simple/bash-fzf-history.nix
@@ -97,7 +97,6 @@ with import <stockholm/lib>;
bind -s | ${pkgs.gnugrep}/bin/grep __fzf_ >&2
'';
in
- script //
- rec {
+ script.overrideAttrs (old: rec {
bind = /* sh */ ''bind -x '"${load-keyseq}": . ${script}' '';
- }
+ })
From 763a81ac08da6d20b0ea3bbd8423df3e64f934dc Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 20 Mar 2015 10:36:12 +0100
Subject: [PATCH 078/107] lib.xml: init
---
lib/default.nix | 1 +
lib/xml.nix | 84 +++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 85 insertions(+)
create mode 100644 lib/xml.nix
diff --git a/lib/default.nix b/lib/default.nix
index 75086f864..8ba55b571 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -9,6 +9,7 @@ let
krops = import ../submodules/krops/lib;
shell = import ./shell.nix { inherit lib; };
types = nixpkgs-lib.types // import ./types.nix { inherit lib; };
+ xml = import ./xml.nix { inherit lib; };
eq = x: y: x == y;
ne = x: y: x != y;
diff --git a/lib/xml.nix b/lib/xml.nix
new file mode 100644
index 000000000..92f552154
--- /dev/null
+++ b/lib/xml.nix
@@ -0,0 +1,84 @@
+{ lib }:
+with lib;
+with builtins;
+rec {
+
+ # Use `term` to construct XML.
+ #
+ # Examples:
+ #
+ # (term "bool" null null)
+ # (term "cool" null [])
+ # (term "fool" { hurr = "durr"; } null)
+ # (term "hool" null [
+ # (term "tool" null null)
+ # ])
+ #
+ # See `render` for how these get transformed into actuall XML documents.
+ #
+ term = name: attrs: content: {
+ inherit name attrs content;
+ };
+
+ empty = term null null null;
+
+ # Ref http://www.w3.org/TR/xml/#syntax
+ #
+ # Example:
+ #
+ # (quote "<cheez!>") #===> <cheez!>
+ #
+ quote = let
+ sub = {
+ "&" = "&";
+ "<" = "<";
+ ">" = ">";
+ "'" = "'";
+ "\"" = """;
+ };
+ in
+ stringAsChars (c: sub.${c} or c);
+
+ # Turn an XML element to an XML document string.
+ doc = t:
+ "<?xml version='1.0' encoding='UTF-8'?>${render t}";
+
+ # Render an XML element to a string.
+ #
+ # Rendering `empty` yields the empty string.
+ #
+ # Examples:
+ #
+ # (term "bool" null null) #===> <bool/>
+ # (term "cool" null []) #===> <cool></cool>
+ # (term "fool" { hurr = "durr"; } null) #===> <fool hurr="durr"/>
+ # (term "hool" null [
+ # (term "tool" null null)
+ # ]) #===> <hool><tool/></hool>
+ #
+ render = let
+ render-attrs = attrs:
+ getAttr (typeOf attrs) {
+ null = "";
+ set = concatStrings (mapAttrsToList (n: v: " ${n}=\"${v}\"") attrs);
+ };
+
+ render-content = content:
+ getAttr (typeOf content) {
+ bool = toJSON content;
+ int = toJSON content;
+ list = concatMapStrings render content;
+ string = content;
+ };
+ in
+ { name, attrs, content }:
+ if name == null
+ then ""
+ else let
+ attrs' = render-attrs attrs;
+ content' = render-content content;
+ in
+ if content == null
+ then "<${name}${attrs'}/>"
+ else "<${name}${attrs'}>${content'}</${name}>";
+}
From 270ceb7676e867c9dff5f5faa765666b58aaa371 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 20 Mar 2015 10:58:11 +0100
Subject: [PATCH 079/107] lib.xml.render-term: quote strings
---
lib/xml.nix | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/lib/xml.nix b/lib/xml.nix
index 92f552154..16052445b 100644
--- a/lib/xml.nix
+++ b/lib/xml.nix
@@ -68,12 +68,16 @@ rec {
bool = toJSON content;
int = toJSON content;
list = concatMapStrings render content;
- string = content;
+ string = quote content;
};
in
{ name, attrs, content }:
+ # XXX we're currently encoding too much information with `null`..
if name == null
- then ""
+ then
+ if content == null
+ then ""
+ else content
else let
attrs' = render-attrs attrs;
content' = render-content content;
From 4e81d40e30ef2582d4566af171066bd675af7aa2 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 17:47:12 +0100
Subject: [PATCH 080/107] flameshot-once: default filenamePattern w/o .png
---
krebs/5pkgs/simple/flameshot-once/profile.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/krebs/5pkgs/simple/flameshot-once/profile.nix b/krebs/5pkgs/simple/flameshot-once/profile.nix
index 4fcbd62c0..7373da00a 100644
--- a/krebs/5pkgs/simple/flameshot-once/profile.nix
+++ b/krebs/5pkgs/simple/flameshot-once/profile.nix
@@ -60,7 +60,7 @@ let
type = types.positive;
};
filenamePattern = mkOption {
- default = "%FT%T%z_flameshot.png";
+ default = "%FT%T%z_flameshot";
type =
# This is types.filename extended by [%:][%:+]*
types.addCheck types.str (test "[%:0-9A-Za-z._][%:+0-9A-Za-z._-]*");
From 3a262f1c24df23536e4a5f7d4346a4c240fde849 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 18:15:13 +0100
Subject: [PATCH 081/107] symlinkJoin: remove compatibility
This reverts commit f46b3153c0c85883c9b3a98291f6d440f83bd717.
---
krebs/5pkgs/default.nix | 5 -----
1 file changed, 5 deletions(-)
diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix
index dc04b6a72..387f3896b 100644
--- a/krebs/5pkgs/default.nix
+++ b/krebs/5pkgs/default.nix
@@ -31,9 +31,4 @@ foldl' mergeAttrs {}
export PROOT_NO_SECCOMP=1
exec ${super.proot}/bin/proot "$@"
'';
-
- # XXX symlinkJoin changed arguments somewhere around nixpkgs d541e0d
- symlinkJoin = { name, paths, ... }@args: let
- x = super.symlinkJoin args;
- in if typeOf x != "lambda" then x else super.symlinkJoin name paths;
}
From 6f6e18d22fe8cacbd9567bcebd092f07f27716e8 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 18:49:26 +0100
Subject: [PATCH 082/107] Revert "brscan4: init at 0.4.4-4"
This reverts commit 1993cbc42114c759a47fed8de1e73980d3df57d9.
---
krebs/5pkgs/default.nix | 9 ---------
tv/5pkgs/default.nix | 8 ++++++++
2 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix
index 387f3896b..4cdaedebf 100644
--- a/krebs/5pkgs/default.nix
+++ b/krebs/5pkgs/default.nix
@@ -13,15 +13,6 @@ foldl' mergeAttrs {}
//
{
- # https://github.com/NixOS/nixpkgs/pull/30065
- brscan4 = overrideDerivation super.brscan4 (original: rec {
- name = "brscan4-0.4.4-4";
- src = super.fetchurl {
- url = "http://download.brother.com/welcome/dlf006645/${name}.amd64.deb";
- sha256 = "0xy5px96y1saq9l80vwvfn6anr2q42qlxdhm6ci2a0diwib5q9fd";
- };
- });
-
reaktor2 = self.haskellPackages.reaktor2;
ReaktorPlugins = self.callPackage ./simple/Reaktor/plugins.nix {};
diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix
index 605d827ef..1b2982427 100644
--- a/tv/5pkgs/default.nix
+++ b/tv/5pkgs/default.nix
@@ -13,6 +13,14 @@ foldl' mergeAttrs {}
//
{
+ brscan4 = overrideDerivation super.brscan4 (original: rec {
+ name = "brscan4-0.4.4-4";
+ src = super.fetchurl {
+ url = "http://download.brother.com/welcome/dlf006645/${name}.amd64.deb";
+ sha256 = "0xy5px96y1saq9l80vwvfn6anr2q42qlxdhm6ci2a0diwib5q9fd";
+ };
+ });
+
# TODO use XDG_RUNTIME_DIR?
cr = self.writeDashBin "cr" ''
set -efu
From eef0b6e4790f6cf0773d0dddb730769588146417 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 18:51:59 +0100
Subject: [PATCH 083/107] Revert "tv brscan4: init at 0.4.4-4"
This reverts commit aa5bccf9e3f49b7e0aaef541a54e5ff58f89fcf7.
---
tv/5pkgs/default.nix | 8 --------
1 file changed, 8 deletions(-)
diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix
index 1b2982427..605d827ef 100644
--- a/tv/5pkgs/default.nix
+++ b/tv/5pkgs/default.nix
@@ -13,14 +13,6 @@ foldl' mergeAttrs {}
//
{
- brscan4 = overrideDerivation super.brscan4 (original: rec {
- name = "brscan4-0.4.4-4";
- src = super.fetchurl {
- url = "http://download.brother.com/welcome/dlf006645/${name}.amd64.deb";
- sha256 = "0xy5px96y1saq9l80vwvfn6anr2q42qlxdhm6ci2a0diwib5q9fd";
- };
- });
-
# TODO use XDG_RUNTIME_DIR?
cr = self.writeDashBin "cr" ''
set -efu
From 7ab31ffeb0d074ea7c32697667412e08fc4db99d Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 19:18:04 +0100
Subject: [PATCH 084/107] lib.types.filename.check: remove unnecessary ()
---
lib/types.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/types.nix b/lib/types.nix
index 17c1688fa..45c009893 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -539,7 +539,7 @@ rec {
# POSIX.1‐2013, 3.278 Portable Filename Character Set
filename = mkOptionType {
name = "POSIX filename";
- check = test "([0-9A-Za-z._])[0-9A-Za-z._-]*";
+ check = test "[0-9A-Za-z._][0-9A-Za-z._-]*";
merge = mergeOneOption;
};
From 8791713f205c99121b083d2f495114baed29c1ee Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 19:22:24 +0100
Subject: [PATCH 085/107] Revert "tv: add deploy alias"
This reverts commit edeb11956553242749a35c9459b45c7bb079881e.
---
tv/2configs/default.nix | 7 -------
1 file changed, 7 deletions(-)
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index e18ba31b0..ac0a6af4d 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -80,13 +80,6 @@ with import <stockholm/lib>;
ls = "ls -h --color=auto --group-directories-first";
dmesg = "dmesg -L --reltime";
view = "vim -R";
-
- deploy = pkgs.writeDash "deploy" ''
- set -eu
- cd ~/stockholm
- export SYSTEM="$1"
- exec nix-shell -I stockholm="$PWD" --run 'deploy --system="$SYSTEM"'
- '';
};
environment.variables = {
From cfb756c7b10408d1de5dfc5c4eb7742b10ee4f55 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 19:29:25 +0100
Subject: [PATCH 086/107] tv vim: add todoComment
---
tv/2configs/vim.nix | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 9942ff65b..20e1d650f 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -151,7 +151,7 @@ let {
setlocal foldmethod=syntax
'';
"/syntax/todo.vim".text = ''
- syn match Comment /#.*/
+ syn match todoComment /#.*/
syn match todoDate /^[1-9]\S*/
\ nextgroup=todoSummary
@@ -173,6 +173,7 @@ let {
syn sync minlines=1000
+ hi link todoComment Comment
hi todoDate ctermfg=255
hi todoSummary ctermfg=229
hi todoBlock ctermfg=248
From fc1e69f9d13e28e3bceb8bfd1733b87cc6e57174 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 19:29:40 +0100
Subject: [PATCH 087/107] tv vim: add xmodmap
---
tv/2configs/vim.nix | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 20e1d650f..2dd2e742b 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -347,6 +347,7 @@ let {
(writerName ''\([^"]*\.\)\?vimrc'')
];
xdefaults = {};
+ xmodmap = {};
}))}
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
@@ -392,6 +393,9 @@ let {
\ matchgroup=sedSemicolon end=";\|$"
\ contains=sedWhitespace
'';
+ "/syntax/xmodmap.vim".text = ''
+ syn match xmodmapComment /^\s*!.*/
+ '';
}))
];
From 6da86a30a99aed3819af07e2ecb781c17669411c Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 16 Feb 2019 19:30:37 +0100
Subject: [PATCH 088/107] tv vim: map <f3> :ShowSyntax
---
tv/2configs/vim.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 2dd2e742b..a45e040e6 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -490,6 +490,8 @@ let {
inoremap <f1> <esc>:tabp<cr>
inoremap <f2> <esc>:tabn<cr>
+ noremap <f3> :ShowSyntax<cr>
+
" <C-{Up,Down,Right,Left>
noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
From f26eda6481e470f19b41d64539f282b15e23b389 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 16 Feb 2019 22:31:35 +0100
Subject: [PATCH 089/107] ma nixpkgs: 30a126c -> 16fc627
---
makefu/nixpkgs.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/makefu/nixpkgs.json b/makefu/nixpkgs.json
index 1788a17fb..7c14f78a8 100644
--- a/makefu/nixpkgs.json
+++ b/makefu/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/makefu/nixpkgs",
- "rev": "30a126c41eb81e96474d7f8488635fc36d78dd25",
- "date": "2019-02-01T22:09:16+01:00",
- "sha256": "1s5y22fs08wyw1izmaqd5dcnflw3rvkm3880vmlwv20g1phwhhi2",
+ "rev": "16fc6279dddabc42f8556d6368ed4215d916794f",
+ "date": "2019-02-16T22:29:33+01:00",
+ "sha256": "0bgm0gybqysy1si2zd8b2h6200hgmi8qsyi6qhcnvd4n555f3iic",
"fetchSubmodules": false
}
From 93a2ebaa6de0a3e450a28d109ee5d4a92d20f2d8 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 16 Feb 2019 22:37:29 +0100
Subject: [PATCH 090/107] ma x.r: prefer remote fetch of sources
---
makefu/1systems/x/config.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 7ed63837f..ceeccc0b2 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -75,6 +75,7 @@
# <stockholm/makefu/2configs/buildbot-standalone.nix>
<stockholm/makefu/2configs/remote-build/aarch64-community.nix>
<stockholm/makefu/2configs/remote-build/gum.nix>
+ { nixpkgs.overlays = [ (self: super: super.prefer-remote-fetch self super) ]; }
# Hardware
<stockholm/makefu/2configs/hw/tp-x230.nix>
From c6b863a403b81bf47d14702ac57533e1f179d760 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 17 Feb 2019 18:19:13 +0100
Subject: [PATCH 091/107] Reaktor: 0.7.0 -> 0.7.1
---
krebs/5pkgs/simple/Reaktor/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/krebs/5pkgs/simple/Reaktor/default.nix b/krebs/5pkgs/simple/Reaktor/default.nix
index a88db6379..1cc498a68 100644
--- a/krebs/5pkgs/simple/Reaktor/default.nix
+++ b/krebs/5pkgs/simple/Reaktor/default.nix
@@ -2,7 +2,7 @@
python3Packages.buildPythonPackage rec {
name = "Reaktor-${version}";
- version = "0.7.0";
+ version = "0.7.1";
doCheck = false;
@@ -14,7 +14,7 @@ python3Packages.buildPythonPackage rec {
owner = "krebs";
repo = "Reaktor";
rev = "v${version}";
- sha256 = "12yy06vk0smjs0rmahrn2kd4bcdh1yjw1fz6rifw6nmgx889d9hj";
+ sha256 = "0cv5a4x73ls6sk8qj2qi6gqn31rv8kvdg13dsf3jv92xdfx6brjn";
};
meta = {
homepage = http://krebsco.de/;
From 6da32a5952faf38c92c7b289cc6ae0881ec4aa36 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 26 Feb 2019 08:58:40 +0100
Subject: [PATCH 092/107] ma: cleanup hosts
move pubkeys to separate files in folder
RIP drop latte pigstarter wry shoney heidi lariat soundflower falk bridge horisa tahoe tcac-0-1
---
krebs/3modules/makefu/default.nix | 718 ++------------------
krebs/3modules/makefu/sshd/cake.pub | 1 +
krebs/3modules/makefu/sshd/crapi.pub | 1 +
krebs/3modules/makefu/sshd/fileleech.pub | 1 +
krebs/3modules/makefu/sshd/firecracker.pub | 1 +
krebs/3modules/makefu/sshd/gum.pub | 1 +
krebs/3modules/makefu/sshd/omo.pub | 1 +
krebs/3modules/makefu/sshd/sdev.pub | 1 +
krebs/3modules/makefu/sshd/studio.pub | 1 +
krebs/3modules/makefu/sshd/wbob.pub | 1 +
krebs/3modules/makefu/sshd/x.pub | 1 +
krebs/3modules/makefu/tinc/cake.pub | 8 +
krebs/3modules/makefu/tinc/crapi.pub | 9 +
krebs/3modules/makefu/tinc/filebitch.pub | 8 +
krebs/3modules/makefu/tinc/fileleech.pub | 8 +
krebs/3modules/makefu/tinc/filepimp.pub | 8 +
krebs/3modules/makefu/tinc/firecracker.pub | 14 +
krebs/3modules/makefu/tinc/flap.pub | 8 +
krebs/3modules/makefu/tinc/gum.pub | 8 +
krebs/3modules/makefu/tinc/nukular.pub | 8 +
krebs/3modules/makefu/tinc/omo.pub | 8 +
krebs/3modules/makefu/tinc/sdev.pub | 8 +
krebs/3modules/makefu/tinc/senderechner.pub | 8 +
krebs/3modules/makefu/tinc/studio.pub | 8 +
krebs/3modules/makefu/tinc/tsp.pub | 13 +
krebs/3modules/makefu/tinc/wbob.pub | 8 +
krebs/3modules/makefu/tinc/x.pub | 8 +
27 files changed, 188 insertions(+), 680 deletions(-)
create mode 100644 krebs/3modules/makefu/sshd/cake.pub
create mode 100644 krebs/3modules/makefu/sshd/crapi.pub
create mode 100644 krebs/3modules/makefu/sshd/fileleech.pub
create mode 100644 krebs/3modules/makefu/sshd/firecracker.pub
create mode 100644 krebs/3modules/makefu/sshd/gum.pub
create mode 100644 krebs/3modules/makefu/sshd/omo.pub
create mode 100644 krebs/3modules/makefu/sshd/sdev.pub
create mode 100644 krebs/3modules/makefu/sshd/studio.pub
create mode 100644 krebs/3modules/makefu/sshd/wbob.pub
create mode 100644 krebs/3modules/makefu/sshd/x.pub
create mode 100644 krebs/3modules/makefu/tinc/cake.pub
create mode 100644 krebs/3modules/makefu/tinc/crapi.pub
create mode 100644 krebs/3modules/makefu/tinc/filebitch.pub
create mode 100644 krebs/3modules/makefu/tinc/fileleech.pub
create mode 100644 krebs/3modules/makefu/tinc/filepimp.pub
create mode 100644 krebs/3modules/makefu/tinc/firecracker.pub
create mode 100644 krebs/3modules/makefu/tinc/flap.pub
create mode 100644 krebs/3modules/makefu/tinc/gum.pub
create mode 100644 krebs/3modules/makefu/tinc/nukular.pub
create mode 100644 krebs/3modules/makefu/tinc/omo.pub
create mode 100644 krebs/3modules/makefu/tinc/sdev.pub
create mode 100644 krebs/3modules/makefu/tinc/senderechner.pub
create mode 100644 krebs/3modules/makefu/tinc/studio.pub
create mode 100644 krebs/3modules/makefu/tinc/tsp.pub
create mode 100644 krebs/3modules/makefu/tinc/wbob.pub
create mode 100644 krebs/3modules/makefu/tinc/x.pub
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index e60bbee70..8c7e415cb 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -13,6 +13,8 @@ with import <stockholm/lib>;
});
pub-for = name: builtins.readFile (./ssh + "/${name}.pub");
+ sshd-for = name: builtins.readFile (./sshd + "/${name}.pub");
+ tinc-for= name: builtins.readFile (./tinc + "/${name}.pub");
in {
hosts = mapAttrs hostDefaults {
@@ -25,20 +27,11 @@ in {
aliases = [
"cake.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA0khdelSrOV/ZI9vvbV5aT1wVn2IfUfIdDCQIOnF2mZsrnIcuaedu
- jRfZnJST1vOfL7JksF1+8pYwSn34CjJCGhyFf25lc6mARXmZe/araNrVpTntCy2+
- MqG8KZe4mIda/WPTXRYGtFVQZeClM5SCZ7EECtw8sEkwt2QtOv43p/hiMXAkOQsq
- 6xc9/b4Bry7d+IjJs3waKfFQllF+C+GuK8yF0YnCEb6GZw7xkxHIO1QV4KSQ4CH7
- 36kEAdCSQ5rgaygRanUlUl+duQn1MLQ+lRlerAEcFfKrr3MKNz2jmGth8iUURdyP
- MHjSWe+RkLQ6zzBaVgoKKuI9MbIbhenJWwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "cake";
};
};
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGyJlI0YpIh/LiiPMseD2IBHg+uVGrkSy0MPNeD+Jv8Y cake";
+ ssh.pubkey = sshd-for "cake";
};
crapi = rec { # raspi1
cores = 1;
@@ -49,215 +42,55 @@ in {
aliases = [
"crapi.r"
];
- tinc.pubkey = ''
- Ed25519PublicKey = Zkh6vtSNBvKYUjCPsMyAFJmxzueglCDoawVPCezKy4F
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAloXLBfZQEVW9mJ7uwOoa+DfV4ek/SG+JQuexJMugei/iNy0NjY66
- OVIkzFmED32c3D7S1+Q+5Mc3eR02k1o7XERpZeZhCtJOBlS4xMzCKH62E4USvH5L
- R4O8XX1o/tpeOuZvpnpY1oPmFFc/B5G2jWWQR4Slpbw7kODwYYm5o+B7n+MkVNrk
- OEOHLaaO6I5QB3GJvDH2JbwzDKLVClQM20L/EvIwnB+Xg0q3veKFj0WTXEK+tuME
- di++RV4thhZ9IOgRTJOeT94j7ulloh15gqYaIqRqgtzfWE2TnUxvl+upB+yQHNtl
- bJFLHkE34cQGxEv9dMjRe8i14+Onhb3B6wIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "crapi";
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGaV5Ga5R8RTrA+nclxw6uy5Z+hPBLitQTfuXdsmbVW6 crapi";
+ ssh.pubkey = sshd-for "crapi";
};
- drop = rec {
- ci = false;
- cores = 1;
+ firecracker = {
+ cores = 4;
nets = {
retiolum = {
- ip4.addr = "10.243.177.9";
+ ip4.addr = "10.243.12.12";
+ ip6.addr = "42:0:0:0:0:0:0:12";
aliases = [
- "drop.r"
+ "firecracker.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA1QxukdeDqI47nm7/gd5Y9dZZbJULA02ak0A2cB4lmysJjgMFAfbl
- 6qpH7HCZk6s+4eI7H+UHUF177W7Z1qq3bqGLmlgdMMAzuDNz9UvNLhrthZMp3tCI
- GIFD28O1bKgDAYgsF/X21CRqEvgk3vRDp9yqIVIzQDmerOrZUx62Rx9Fssl/7ooW
- 0319fxcTw6GZEp7RXNzgIobnWPydakh+/I0inP0rC6It/vM5Hi2bV71QPZUyJ78C
- Szh4S8TznW7yMzTQaOENeaUKfqEyN+CW2OomVdWIBOvTJVpvfAut/kg1dyUGgHlT
- F8OlAoNAyxCSxqbM0fY0wtqKD7FaYY9cbQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "firecracker";
};
};
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = sshd-for "firecracker";
};
+
studio = rec {
ci = false;
cores = 4;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio";
+ ssh.pubkey = sshd-for "studio";
nets = {
retiolum = {
ip4.addr = "10.243.227.163";
aliases = [
"studio.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti
- cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk
- GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI
- jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1
- 78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu
- 8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "studio";
};
};
};
-
fileleech = rec {
ci = false;
cores = 4;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech";
+ ssh.pubkey = "";
nets = {
retiolum = {
ip4.addr = "10.243.113.98";
aliases = [
"fileleech.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA2W20+jYvuFUjPQ+E+7Xlabf8fW/XSnTTelfo2uRcJ3FMLYQ9H3rF
- 8L8StPmxn8Q20FFH/MvRmgW8pU9z4RQ3nAi+utVYqAJQtOYA9FPMxssC08w82r0K
- YC6sgc9MeRjnCjQxQrQs4fqA6KpqSLxRf2c6kfNwYRgCxFMns2ncxOiPOoGLZait
- nJR3m0cSRm8yCTMbznlGH99+5+3HgvuBE/UYXmmGBs7w8DevaX76butzprZ8fm4z
- e5C7R9ofdVW70GGksfSI81y5xODWMbfjTRHKm4OBX7NOCiOTwx1wu8bYDN3EzN6V
- UM5PJfU42sViPEZmVuC8cDcP1xemHTkh9QIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
- latte = rec {
- ci = false;
- cores = 1;
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- # ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIrkK1mWfPvfZ9ALC1irGLuzOtMefaGAmGY1VD4dj7K1 latte";
- nets = {
- internet = {
- ip4.addr = "185.215.224.160";
- aliases = [
- "latte.i"
- ];
- };
- retiolum = {
- ip4.addr = "10.243.80.249";
- aliases = [
- "latte.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAx70gmNoP4RYeF3ShddEMsbNad9L5ezegwxJTZA7XTfF+/cwr/QwU
- 5BL0QXTwBnKzS0gun5NXmhwPzvOdvfczAxtJLk8/NjVHFeE39CiTHGgIxkZFgnbo
- r2Rj6jJb89ZPaTr+hl0+0WQQVpl9NI7MTCUimvFBaD6IPmBh5wTySu6mYBs0mqmf
- 43RrvS42ieqQJAvVPkIzxxJeTS/M3NXmjbJ3bdx/2Yzd7INdfPkMhOONHcQhTKS4
- GSXJRTytLYZEah8lp8F4ONggN6ixlhlcQAotToFP4s8c+KqYfIZrtP+pRj7W72Y6
- vhnobLDJwBbAsW1RQ6FHcw10TrP2H+haewIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
-
- pnp = {
- ci = false;
- cores = 1;
- nets = {
- retiolum = {
- ip4.addr = "10.243.0.210";
- aliases = [
- "pnp.r"
- "cgit.pnp.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAugkgEK4iy2C5+VZHwhjj/q3IOhhazE3TYHuipz37KxHWX8ZbjH+g
- Ewtm79dVysujAOX8ZqV8nD8JgDAvkIZDp8FCIK0/rgckhpTsy1HVlHxa7ECrOS8V
- pGz4xOxgcPFRbv5H2coHtbnfQc4GdA5fcNedQ3BP3T2Tn7n/dbbVs30bOP5V0EMR
- SqZwNmtqaDQxOvjpPg9EoHvAYTevrpbbIst9UzCyvmNli9R+SsiDrzEPgB7zOc4T
- TG12MT+XQr6JUu4jPpzdhb6H/36V6ADCIkBjzWh0iSfWGiFDQFinD+YSWbA1NOTr
- Qtd1I3Ov+He7uc2Z719mb0Og2kCGnCnPIwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
- darth = {
- ci = false;
- cores = 4;
- nets = {
- retiolum = {
- ip4.addr = "10.243.0.84";
- aliases = [
- "darth.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA1pWNU+FY9XpQxw6srUb5mvGFgqSyJQAelFoufZng6EFeTnAzQOdq
- qT7IWN+o3kSbQQsC2tQUnRYFoPagsgFP610D+LGwmeJlNgAf23gBI9ar1agUAvYX
- yzYBj7R9OgGXHm6ECKwsxUJoGxM4L0l6mk/rTMVFnzgYPbpVJk1o6NPmiZhW8xIi
- 3BfxJUSt8rEQ1OudCirvdSr9uYv/WMR5B538wg4JeQK715yKEYbYi8bqOPnTvGD8
- q5HRwXszWzCYYnqrdlmXzoCA1fT4vQdtov+63CvHT2RV7o42ruGZbHy7JIX9X3IE
- u0nA8nZhZ5byhWGCpDyr6bTkvwJpltJypQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- siem = {
- ip4.addr = "10.8.10.2";
- ip4.prefix = "10.8.10.0/24";
- aliases = [
- "darth.siem"
- ];
- tinc.pubkey = ''
- Ed25519PublicKey = 24t9ye4gRLg6UbVxBvuuDlvU/cnByxMjYjym4LO6GkK
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCQKCAQEApcUeTecVahqNIfLEkfgNiaW+eHQ9Y90DxHhy9vdPZh8dmLqoFBoW
- TCPcZIRpyj7hxRkNIhh34Ewpul0oQ1tzrUGcT2xvMNwaCupRDmhZn9jR9aFFEYKb
- fUOplCxb4y2UKbWAA6hie3PKH9wnPfbwSsexb2BSQAqSt4iNIVCV6j7LXpiopbGS
- Exs3/Pz+IeMtGyuMYA3rUmJsVRKR1o7axLtlhYK7JSMbqdYhaQJ4NZrvIXw//w21
- kM/TJTPZ4j47ME18jQInO62X5h+xVch6DtvwvjBMMMKbS0am9qw1P3qo7MP3PmQh
- rvVQRth8L63q4NLOnT29XmnxPSVGL1PBQQICEAE=
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
- ossim = { # vm on darth
- nets = {
- siem = {
- ip4.addr = "10.8.10.6";
- ip4.prefix = "10.8.10.0/24";
- aliases = [
- "ossim.siem"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAv5qv9R3E1AHJOhTnHJ2E5zWjItRdXSw/inpz/W+KcBeM/HSG0XEl
- RyGAwty7VP4CiLp7CagWmtVsz/5ytnXJzLDeRLn5t+KzO6am0aOpvAt6ZggZXPhL
- cQkn4IGi1TJE5tw+lzabBkUZm3zD1KEXpqJeZ6spA4e9lB/+T3Tx23g9WDEOKand
- mAJrsdsvTCIiVJefidOAmgeZVVOV3ltBonNP1nqEy+5v4B3EBT/Uj7ImL2aRj/pd
- dPs6dGV2LqSQvnrSbFZzuKVXKpD1M+wgT/5NQk/hVJJxBQC6rxvpg1XyQkepcLWL
- WjvogOl4NjXStmKDX2+gPPFx6XTmwDenOwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
- honeydrive = { # vm on darth
- nets = {
- internet = { # via shoney
- ip4.addr = "64.137.234.232";
- aliases = [
- "honeydrive.i"
- ];
+ tinc.pubkey = tinc-for "fileleech";
};
};
};
@@ -270,21 +103,7 @@ in {
aliases = [
"tsp.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAwW+RjRcp3uarkfXZ+FcCYY2GFcfI595GDpLRuiS/YQAB3JZEirHi
- HFhDJN80fZ9qHqtq9Af462xSx+cIb282TxAqCM1Z9buipOcYTYo0m8xIqkT10dB3
- mR87B+Ed1H6G3J6isdwEb9ZMegyGIIeyR53FJQYMZXjxdJbAmGMDKqjZSk1D5mo+
- n5Vx3lGzTuDy84VyphfO2ypG48RHCxHUAx4Yt3o84LKoiy/y5E66jaowCOjZ6SqG
- R0cymuhoBhMIk2xAXk0Qn7MZ1AOm9N7Wru7FXyoLc7B3+Gb0/8jXOJciysTG7+Gr
- Txza6fJvq2FaH8iBnfezSELmicIYhc8Ynlq4xElcHhQEmRTQavVe/LDhJ0i6xJSi
- aOu0njnK+9xK+MyDkB7n8dO1Iwnn7aG4n3CjVBB4BDO08lrovD3zdpDX0xhWgPRo
- ReOJ3heRO/HsVpzxKlqraKWoHuOXXcREfU9cj3F6CRd0ECOhqtFMEr6TnuSc8GaE
- KCKxY1oN45NbEFOCv2XKd2wEZFH37LFO6xxzSRr1DbVuKRYIPjtOiFKpwN1TIT8v
- XGzTT4TJpBGnq0jfhFwhVjfCjLuGj29MCkvg0nqObQ07qYrjdQI4W1GnGOuyXkvQ
- teyxjUXYbp0doTGxKvQaTWp+JapeEaJPN2MDOhrRFjPrzgo3aW9+97UCAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "tsp";
};
};
};
@@ -297,34 +116,7 @@ in {
aliases = [
"x.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAnztrijsfao+fmNtwAjqwIDKsRaMP3ECsq2T2zqKvxwCyXk69G9bG
- RFhWjgaawS9ZhnHSlgWK/vtoR0O9NxpzdU/mvdQijbVGxM02DegjO9qDSIe8EGmA
- kscW4nDqYtw4rtjOVPfnNiWXbcWD8eiYR0kcSWmSvfOpVvdhTETqduTx5HRHyEFD
- JRQYR/tJSvVWXmM670PENAPNJFJ4VSJR60s5A+bFT7J/uw7HzJXX28LygJz73Dj2
- 2a4ev0WcZQngLq072h/91R/TOpg+ogUDVhXkQtKyFj7im0287JTL4bXGofZBhzaf
- +h9dFGs1QLoNyhG/cgt9fog7boSXTelAiQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- siem = {
- ip4.addr = "10.8.10.4";
- ip4.prefix = "10.8.10.0/24";
- aliases = [
- "makefu.siem"
- ];
- tinc.pubkey = ''
- Ed25519PublicKey = rFTglGxm563e/w82Q9Qqy/E+V/ipT4DOTyTuYrWrtmI
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCQKCAQEAx+OQXQj6rlXIByo48JZXSexRz5G5oJVZTHAJ0GF5f70U65C0x83p
- XtNp4LGYti+cyyzmQjf/N7jr2CxUlOATN2nRO4CT+JaMM2MoqnPWqTZBPMDiHq2y
- ce0zjLPPl0hVc5mg+6F0tgolbUvTIo2CgAIl5lNvJiVfmXRSehmMprf1NPkxJd/O
- vAOD7mgnCjkEAWElf1cfxSGZqSLbNltRK340nE5x6A5tY7iEueP/r9chEmOnVjKm
- t+GJAJIe1PClWJHJYAXF8I7R3g+XQIqgw+VTN3Ng5cS5W/mbTFIzLWMZpdZaAhWR
- 56pthtZAE5FZ+4vxMpDQ4yeDu0b6gajWNQICEAE=
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "x";
};
#wiregrill = {
# aliases = [
@@ -334,114 +126,9 @@ in {
#};
};
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@x";
+ ssh.pubkey = sshd-for "x";
};
-
- vbob = {
- ci = true;
- cores = 2;
- nets = {
- retiolum = {
- ip4.addr = "10.243.1.91";
- aliases = [
- "vbob.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA+0TIo0dS9LtSdrmH0ClPHLO7dHtV9Dj7gaBAsbyuwxAI5cQgYKwr
- 4G6t7IcJW+Gu2bh+LKtPP91+zYXq4Qr1nAaKw4ajsify6kpxsCBzknmwi6ibIJMI
- AK114dr/XSk/Pc6hOSA8kqDP4c0MZXwitRBiNjrWbTrQh6GJ3CXhmpZ2lJkoAyNP
- hjdPerbTUrhQlNW8FanyQQzOgN5I7/PXsZShmb3iNKz1Ban5yWKFCVpn8fjWQs5o
- Un2AKowH4Y+/g8faGemL8uy/k5xrHSrn05L92TPDUpAXrcZXzo6ao1OBiwJJVl7s
- AVduOY18FU82GUw7edR0e/b2UC6hUONflwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICPLTMl+thSq77cjYa2XF7lz5fA7JMftrLo8Dy/OBXSg root@nixos";
- };
- pigstarter = rec {
- cores = 1;
-
- extraZones = {
- "krebsco.de" = ''
- euer IN MX 1 aspmx.l.google.com.
- nixos.unstable IN CNAME krebscode.github.io.
- boot IN A ${nets.internet.ip4.addr}
- '';
- };
- nets = {
- internet = {
- ip4.addr = "192.40.56.122";
- ip6.addr = "2604:2880::841f:72c";
- aliases = [
- "pigstarter.i"
- ];
- };
- retiolum = {
- ip4.addr = "10.243.0.153";
- aliases = [
- "pigstarter.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA/efJuJRLUIZROe3QE8WYTD/zyNGRh9I2/yw+5It9HSNVDMIOV1FZ
- 9PaspsC+YQSBUQRN8SJ95G4RM6TIn/+ei7LiUYsf1Ik+uEOpP5EPthXqvdJEeswv
- 3QFwbpBeOMNdvmGvQLeR1uJKVyf39iep1wWGOSO1sLtUA+skUuN38QKc1BPASzFG
- 4ATM6rd2Tkt8+9hCeoePJdLr3pXat9BBuQIxImgx7m5EP02SH1ndb2wttQeAi9cE
- DdJadpzOcEgFatzXP3SoKVV9loRHz5HhV4WtAqBIkDvgjj2j+NnXolAUY25Ix+kv
- sfqfIw5aNLoIX4kDhuDEVBIyoc7/ofSbkQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
- wry = rec {
- ci = false;
- cores = 1;
- extraZones = {
- "krebsco.de" = ''
- wry IN A ${nets.internet.ip4.addr}
- tinc IN A ${nets.internet.ip4.addr}
- '';
- };
- nets = rec {
- internet = {
- ip4.addr = "104.233.87.86";
- aliases = [
- "wry.i"
- ];
- };
- retiolum = {
- via = internet;
- ip4.addr = "10.243.29.169";
- aliases = [
- "wry.r"
- "graph.wry.r"
- "paste.wry.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAs9bq++H4HF8EpZMfWGfoIsh/C+YNO2pg74UPBsP/tFFe71yzWwUn
- U9LW0n3bBqCMQ/oDthbSMwCkS9JzcUi22QJEdjbQs/aay9gZR115b+UxWPocw0Ms
- ZoREKo3Oe0hETk7Ing8NdBDI0kCBh9QnvqQ3iKd0rBae3DYvcWlDsY93GLGMddgA
- 7E9oa3EHVYH/MPZaeJtTknaJduanBSbiEb/xQOqxTadHoQASKU6DQD1czMH3hLG2
- 8Wn4MBj9fgKBAoIy092tIzPtE2QwAHO73yz4mSW/3r190hREgVbjuEPiw4w5mEyQ
- j+NeN3f3heFKx+GCgdWH9xPw6m6qPdqUiGUPq91KXMOhNa8lLcTp95mHdCMesZCF
- TFj7hf6y+SVt17Vo+YUL7UqnMtAm3eZZmwyDu0DfKFrdgz6MtDD+5dQp9g8VHpqw
- RfbaB1Srlr24EUYYoOBEF9CcIacFbsr+MKh+hQk5R0uEMSeAWARzxvvr69iMgdEC
- zDiu0rrRLN+CrfgkDir7pkRKxeA1lz8KpySyIZRziNg6mSHjKjih4++Bbu4N2ack
- 86h84qBrA8lq2xsub4+HgKZGH2l5Y8tvlr+rx0mQKEJkT6XDKCXZFPfl2N0QrWGT
- Dv7l2vn0QMj9E6+BdRhYaO/m3+cIZ9faM851nRj/gq2OOtzW3ekrne0CAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH4Tjx9qK6uWtxT1HCpeC0XvDZKO/kaPygyKatpAqU6I root@wry";
- };
filepimp = rec {
ci = false;
cores = 1;
@@ -457,16 +144,7 @@ in {
aliases = [
"filepimp.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA43w+A1TMOfugZ/CVwilJn4c36wWSjihaeVe7suZD0DSscKBcbkGg
- 3dTCSTnu6Qb9sYd2mKebKXLreO6nhEEoFGsRU0yw/1h8gl7mWYEdTifPfvM5EWwS
- wkN9dJ5njwIUSRyWH7QTsLkiRJVFN2UxEwrhAbo1FJ7yuhRgAKqKJSN4yPVViZwR
- oHyyobvm/i2J+XSiDI9MRo74vNjnDLvO7R6ErIrhOPP1bD9fx3u+UYUfgS0iCO3X
- UN0duBz/faRcl6IRytZOuHaIp30eJ4850ZK8RPz/Dqqj+USMFq60i0oMsuAi/ljB
- 8b+eQBt6OXu4MSntxoR8Ja7ht+EOTDnBOwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "filepimp";
};
};
};
@@ -489,68 +167,33 @@ in {
"dcpp.omo.r"
"torrent.omo.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAuHQEeowvxRkoHJUw6cUp431pnoIy4MVv7kTLgWEK46nzgZtld9LM
- ZdNMJB9CuOVVMHEaiY6Q5YchUmapGxwEObc0y+8zQxTPw3I4q0GkSJqKLPrsTpkn
- sgEkHPfs2GVdtIBXDn9I8i5JsY2+U8QF8fbIQSOO08/Vpa3nknDAMege9yEa3NFm
- s/+x+2pS+xV6uzf/H21XNv0oufInXwZH1NCNXAy5I2V6pz7BmAHilVOGCT7g2zn6
- GasmofiYEnro4V5s8gDlQkb7bCZEIA9EgX/HP6fZJQezSUHcDCQFI0vg26xywbr6
- 5+9tTn8fN2mWS5+Pdmx3haX1qFcBP5HglwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "omo";
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBGboU/P00yYiwYje53G0oqDFWmcSJ+hIpMsl4f/HH";
+ ssh.pubkey = sshd-for "omo";
};
wbob = rec {
ci = true;
cores = 4;
nets = {
- siem = {
- ip4.addr = "10.8.10.7";
- ip4.prefix = "10.8.10.0/24";
- aliases = [ "display.siem" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA+/TpxsVIBL9J9QAe/+jB6sgu/O6J+KY4YrAzZ6dM4kbFv5JA64f5
- 6znv8EFqn6loS9Aez3e08P5scyGjiwWytdKN5Yztlffc0xDD7MUU2RiCsQF1X74J
- +1i8NhSq3PJ6UeUURxYYnAYzBlFvsxev4vpniFTsIR9tmcAYX9NT9420D6nV7xq7
- FdkoBlYj4eUQqQzHH1T/Lmt+BGmf+BufIJas+Oo/Sg59vIk9OM08WyAjHVT2iNbg
- LXDhzVaeGOOM3GOa0YGG0giM3Rd245YPaPiVbwrMy8HQRBpMzXOPjcC1nYZSjxrW
- LQxtRS+dmfEMG7MJ8T2T2bseX6z6mONc1QIDAQAB
- -----END RSA PUBLIC KEY-----
- -----BEGIN ED25519 PUBLIC KEY-----
- 3JGeGnADWR+hfb4TEoHDyopEYgkfGNJKwy71bqcsNrO
- -----END ED25519 PUBLIC KEY-----
- '';
- };
retiolum = {
ip4.addr = "10.243.214.15";
aliases = [
"wbob.r"
"hydra.wbob.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e
- QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal
- cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8
- khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs
- rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9
- TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "wbob";
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr";
+ ssh.pubkey = sshd-for "wbob";
};
gum = rec {
ci = true;
extraZones = {
"krebsco.de" = ''
+ boot IN A ${nets.internet.ip4.addr}
boot.euer IN A ${nets.internet.ip4.addr}
cache.euer IN A ${nets.internet.ip4.addr}
cache.gum IN A ${nets.internet.ip4.addr}
@@ -558,6 +201,7 @@ in {
dl.euer IN A ${nets.internet.ip4.addr}
dockerhub IN A ${nets.internet.ip4.addr}
euer IN A ${nets.internet.ip4.addr}
+ euer IN MX 1 aspmx.l.google.com.
ghook IN A ${nets.internet.ip4.addr}
git.euer IN A ${nets.internet.ip4.addr}
gold IN A ${nets.internet.ip4.addr}
@@ -566,6 +210,7 @@ in {
iso.euer IN A ${nets.internet.ip4.addr}
mon.euer IN A ${nets.internet.ip4.addr}
netdata.euer IN A ${nets.internet.ip4.addr}
+ nixos.unstable IN CNAME krebscode.github.io.
o.euer IN A ${nets.internet.ip4.addr}
photostore IN A ${nets.internet.ip4.addr}
pigstarter IN A ${nets.internet.ip4.addr}
@@ -617,90 +262,24 @@ in {
"wiki.gum.r"
"wiki.makefu.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAvgvzx3rT/3zLuCkzXk1ZkYBkG4lltxrLOLNivohw2XAzrYDIw/ZY
- BTDDcD424EkNOF6g/3tIRWqvVGZ1u12WQ9A/R+2F7i1SsaE4nTxdNlQ5rjy80gO3
- i1ZubMkTGwd1OYjJytYdcMTwM9V9/8QYFiiWqh77Xxu/FhY6PcQqwHxM7SMyZCJ7
- 09gtZuR16ngKnKfo2tw6C3hHQtWCfORVbWQq5cmGzCb4sdIKow5BxUC855MulNsS
- u5l+G8wX+UbDI85VSDAtOP4QaSFzLL+U0aaDAmq0NO1QiODJoCo0iPhULZQTFZUa
- OMDYHHfqzluEI7n8ENI4WwchDXH+MstsgwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "gum";
};
};
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum";
+ ssh.pubkey = sshd-for "gum";
};
- shoney = rec {
- ci = false;
- cores = 1;
- nets = rec {
- siem = {
- via = internet;
- ip4.addr = "10.8.10.1";
- ip4.prefix = "10.8.10.0/24";
- aliases = [
- "shoney.siem"
- "graph.siem"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA0OK28PHsMGMxAqVRiRGv93zzEWJgV3hMFquWrpbYC3OZwHDYcNHu
- 74skwRRwwnbcq0ZtWroEvUTmZczuPt2FewdtuEutT7uZJnAYnzSOrB9lmmdoXKQU
- l4ho1LEf/J0sMBi7RU/OJosuruQTAl53ca5KQbRCXkcPlmq4KzUpvgPINpEpYQjB
- CGC3ErOvw2jXESbDnWomYZgJl3uilJUEYlyQEwyWVG+fO8uxlz9qKLXMlkoJTbs4
- fTIcxh7y6ZA7QfMN3Ruq1R66smfXQ4xu1hybvqL66RLiDQgH3BRyKIgobS1UxI4z
- L+xhIsiMXQIo2hv8aOUnf/7Ac9DXNR83GwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- tinc.port = 1655;
- };
- internet = {
- ip4.addr = "64.137.234.215";
- aliases = [
- "shoney.i"
- ];
- };
- retiolum = {
- ip4.addr = "10.243.205.131";
- aliases = [
- "shoney.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAsYXzbotmODJqos+Ilve8WyO2qBti6eMDSOP59Aqb18h8A5b4tCTL
- ygDo2xLLzRaINQAxfdaKcdMOWSEkiy1j/pBYs1tfqv4mT6BO+1t8LXz82D+YcT+4
- okGXklZ/H5L+T9cynbpKIwzTrw0DuOUhzs/WRFJU60B4cJ0Tl3IQs5ePX1SevVht
- M5n1ob47SCHxEuC+ZLNdLc6KRumcp3Ozk6Yxj3lZ0tqyngxY1C+1kTJwRyw9A7vO
- +DAH8t1YusYi7ICHcYt5J1p0ZGizcs8oEnZLBy4D+bJX86g7zbix1lZ37LxDCpQ5
- uCoAYFes7QqLVDYhucZ5ElRWdATM2mBtZwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
sdev = rec {
ci = true;
cores = 1;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtm6ETzNgLcXNkrKs2VUEiGsTKBmOFpW2fazbzdUfOg sdev";
+ ssh.pubkey = sshd-for "sdev";
nets = {
retiolum = {
ip4.addr = "10.243.83.237";
aliases = [
"sdev.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA8BwHwQ4pLZpskVnQONJsmzRPll4ZKMjAC56sY5p+GfT9ZBMkVDn+
- LeH9wuTRiX/ehgtBiyu8w37cz62hz/71H+3mnWJlTm9bbBTc5N0y8l9b+YYeExW4
- XPm4bUbJWKNRG9tHQAns/OREYDsHLsY6UoyNFmB0wTDpgs7egDCoe7E2eT+pG428
- ysCDYlaZaigOyW+bj/HFLj8FSfpF5C/ug7NE/D7QocadsRUiLtVYrJsfmT+KHWf+
- f5rLWLvuFiz1SWf7wZ9sICF3RCaC9Qhz7zplgHbvwbOHtF+Z/6DxduRMkggZUsUD
- nm+40Ex1XJTe+s4V4GKLgh/fDKBTS6JwewIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "sdev";
};
};
};
@@ -728,16 +307,7 @@ in {
aliases = [
"flap.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAwtLD+sgTQGO+eh2Ipq2r54J1I0byvfkaTBeBwhtUmWst+lUQUoGy
- 2fGReRYsb4ThDLeyK439jZuQBeXSc5r2g0IHBJCSWj3pVxc1HRTa8LASY7QuprQM
- 8rSQa2XUtx/KpfM2eVX0yIvLuPTxBoOf/AwklIf+NmL7WCfN7sfZssoakD5a1LGn
- 3EtZ2M/4GyoXJy34+B8v7LugeClnW3WDqUBZnNfUnsNWvoldMucxsl4fAhvEehrL
- hGgQMjHFOdKaLyatZOx6Pq4jAna+kiJoq3mVDsB4rcjLuz8XkAUZmVpe5fXAG4hr
- Ig8l/SI6ilu0zCWNSJ/v3wUzksm0P9AJkwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "flap";
};
};
};
@@ -750,105 +320,7 @@ in {
aliases = [
"nukular.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAnt/d9Ys9gmQMGEPzPydAs0Etp9aPb5PreogzVilvazFCZ8HiQHl/
- gRGlNBImcPPAPGgLjQ49TZ6V1s0bX0GMlu9gJxqU7Nz/TPbAaDJSmEDPkXnaMC97
- gLoluwJHURKPP6+0VNQuK/IOjjDLzLjRDiVeIg6NR0nFAQPlxUhrCN/PhxqNV5WP
- H1nR+a4UDoLcKbtgQP+4Eu09iEm+H6o5eCFTX2Ov9Ok2m948Jm0rAqUbPAISf9m4
- tOOhhUhn0xvQy5iNHI72ndLvogQ968rnFwBpZM7HF1FsiaQfOF9Nhf11rHCJod3P
- meq9GsIUyppZmEKecnTtVfG1oUHMbt1GxQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
-
- heidi = rec {
- cores = 1;
- nets = {
- retiolum = {
- ip4.addr = "10.243.124.21";
- aliases = [
- "heidi.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAqRLnAJNZ1OoO1bTS58DQgxi1VKgITHIuTW0fVGDvbXnsjPUB3cgx
- 1GEVtLc0LN6R9wrPKDaqHS6mkiRSDVScaW/FqkdFhTDaBJy8LfomL9ZmkU9DzkvQ
- jncDjr0WoR+49rJHYsUULp1fe98Ev+y3VwVdJOOH92pAj1CAAUdtfG7XcGyHznYY
- ZNLriGZe3l1AwsWMEflzHLeXcKQ/ZPOrjZ4EFVvfGfdQdJ24UUF3r4sBypYnasmA
- q8lCw9rCrFh1OS6mHLC9qsvGfal6X4x2/xKc5VxZD4MQ/Bp7pBi1kwfHpKoREFKo
- w/Jr3oG/uDxMGIzphGX185ObIkZ1wl/9DwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
-
-
- lariat = rec {
- cores = 2;
- nets = {
- retiolum = {
- ip4.addr = "10.243.64.7";
- aliases = [
- "lariat.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAqiDzxADQYY8cWBH+R5aKSoxaFHLvPvVMgB7R1Y6QVTqD5YUCuINX
- eBLFV9idHnHzdZU+xo/c8EFQf0hvyP0z3bcXaiw+RlpEYdK6tuaypJ3870toqWmA
- 269H8ufA3DA0hxlY7dwnhg8Rb7KGIlNN8fy4RMGe73PupF5aAmiDiEhPalv4E0qJ
- unmk5y1OHQFPxYm++yLo5SVFlcO89jDtGpvg5papp8JvtxTkrshby1lXf/sph3Cv
- d1z6h7S+HgT+BMwTZY5dIrwYAcob/t1sRmWsY62P1n02RbiJFm27wg0t/ZcfsI2o
- yBjRTiK5ACJaIdpM99/902gJsuJASPGB2QIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
-
- soundflower = rec {
- cores = 1;
- nets = {
- retiolum = {
- ip4.addr = "10.243.69.184";
- aliases = [
- "soundflower.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA0a0oenAy9MDa2M6NoLtB8elduGgc3oLtUwsm3iUu6w8L+Je5TndN
- H8dPn3sByUk1Jkd8tGGRk/vSFj/mtUn7xXKCnFXfKDqVowu/0KS3Q+6o4mcoATeb
- Ax7e6Cz1YH5+qhQjR7apuase9X9Dzp56//5VW2gaScvWevvzrij2x7eNvJRF+W/l
- FDXc8zBPkFW5TLFHOizRoLl4mK1hz2NrUiqcq5Ghs2yPsFxl/o5+e2MOwtdI49T6
- lMkeshAeNOSMKYfP9nmHZoKI/MIpGak0EF3ZQtLvyv+tM2Q0nuwH3RvxlK/Xf6U+
- 8SoQu4yRIeK+pMiLEHhFPzBpk+sblUlG7QIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
-
- falk = rec {
- cores = 1;
- nets = {
- retiolum = {
- ip4.addr = "10.243.120.19";
- aliases = [
- "falk.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA961eCQE562VPYjuZtd0+FNRfUghvD2ccjUlihMjzg46GAK+duqK+
- 4peWklGOL4eRYQBg6G2VDzWiU2MxXVbXUZaMrxh7fTc3G3LdbqTxzAv3GQKR/6iA
- 9bGUf6u4ztVNAcj2mrY3mfs4gMlBQyQ2wcM0ZUpiAMaRB4cdq7I4GVHbYTFYfQuI
- 2zdnr0w8AjlMpFFcD0ExsWeppiJsE7iiME/S2VVfh2NrEpAKQbLH9fKrfkiJA/+9
- 0VIH9wLLIYngUtQKbvEQ5xgx6ybrg0vO8ZqZ1ZGXYxOQZzWzPP0tvDU0QHSKYSWb
- FjcOf1lWSWjsjHxMl/Gh57hjNJFCbs8yjQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "nukular";
};
};
};
@@ -861,88 +333,7 @@ in {
aliases = [
"filebitch.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d
- fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs
- e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1
- KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99
- oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf
- wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
-
- bridge = rec {
- cores = 1;
- nets = {
- retiolum = {
- ip4.addr = "10.243.26.29";
- aliases = [
- "excobridge.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEApeeMSYMuXg4o/fNHnG2ftp2WskZLrt63zhRag7U1HqYUnuPqY60d
- VVy9MBTawm6N02nC2Svm3V07ZXaRp/XsXQLx+evZcDjPjnDYgl2ZGX0ir5Cn50bm
- UzhJiMW6/J7AYvucgeAaVJ0YmIwRw6ndYGcxmXWi4TK0jSzhuSLgookWM6iJfbdB
- oaYsjiXisEvNxt7rBlCfacaHMlPhz3gr1gc4IDCwF+RAMM29NUN3OinI+/f56d7b
- /hLZWbimiwtvGVsGLiA2EIcfxQ7aD/LINu+XXMaq7f8QByXj/Lzi7456tDi3pdJg
- lyg9yqRJYt4Zle5PVejn08qiofTUmlEhnwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
-
- horisa = rec {
- cores = 2;
- nets = {
- retiolum = {
- ip4.addr = "10.243.226.213";
- aliases = [
- "horisa.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA1hhBqCku98gimv0yXr6DFwE2HUemigyqX8o7IsPOW5XT/K8o+V40
- Oxk3r0+c7IYREvug/raxoullf5TMJFzTzqzX4njgsiTs25V8D7hVT4jcRKTcXmBn
- XpjtD+tIeDW1E6dIMMDbxKCyfd/qaeg83G7gPobeFYr4JNqQLXrnotlWMO9S13UT
- +EgSP2pixv/dGIqX8WRg23YumO8jZKbso/sKKFMIEOJvnh/5EcWb24+q2sDRCitP
- sWJ5j/9M1Naec/Zl27Ac2HyMWRk39F9Oo+iSbc47QvjKTEmn37P4bBg3hY9FSSFo
- M90wG/NRbw1Voz6BgGlwOAoA+Ln0rVKqDQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
-
- tahoe = rec {
- cores = 1;
- nets = {
- internet = {
- ip4.addr = "148.251.47.69";
- aliases = [
- "wooki.i"
- ];
- };
- retiolum = {
- ip4.addr = "10.243.57.85";
- aliases = [
- "wooki.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAx6R+CuJu4Bql+DgGPpE7wI+iasRY6ltxW0/L04uW9XiOKiEjx66y
- QMMaW18bcb0SOfTE8qYo8pOsZ5E9FFPY6cKH4DGi8g1FpaODle9V8RrVg3F7RuZ8
- dXDXeZxvYvJ2LwPBvlr1aisqJqgxAwF2ipPPX97rAYbp46a/vkgU5bPF1OFlTDaH
- 9jjThuidiEwY4EMtJGKisnTGx8yS5iQibDMqzrcRpCxCLcl68FgFNKCTtSIj1mo6
- hgO1ZKmHw73ysmrL2tImmalHYcqDJnq/KInG2ZkCZI/2ZqfJyrRSTk86t5ubfD6p
- egC5N0Y5dQHJd66AytNwXxymiAcWuYth9QIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "filebitch";
};
};
};
@@ -955,40 +346,7 @@ in {
aliases = [
"senderechner.r"
];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA0zCc5aLVRO6NuxUoR6BVzq2PQ/U5AEjYTdGkQufRot42N29MhxY7
- lJBfPfkw/yg2FOzmAzTi62QyrLWSaF1x54rKu+JeNSsOAX+BorGhM67N45DGvJ0X
- rakIL0BrVoV7Kxssq3DscGVbjbNS5B5c+IvTp97me/MpuDrfYqUyZk5mS9nB0oDL
- inao/A5AtOO4sdqN5BNE9/KisN/9dD359Gz2ZGGq6Ki7o4HBdBj5vi0f4fTofZxT
- BJH4BxbWaHwXMC0HYGlhQS0Y7tKYT6h3ChxoLDuW2Ox2IF5AQ/O4t4PIBDp1XaAO
- OK8SsmsiD6ZZm6q/nLWBkYH08geYfq0BhQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
- tcac-0-1 = rec {
- cores = 1;
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcX7rlGmGp1zCStrERXZ3XuT/j69FDBXV4ceLn9RXsG tcac-0-1
- ";
- nets = {
- retiolum = {
- ip4.addr = "10.243.144.142";
- aliases = [
- "tcac-0-1.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA+3zuZa8FhFBcUNdNGyTQph6Jes0WDQB4CDcEcnK9okP60Z0ONq8j
- 7sKmxzQ43WFm04fd992Aa/KLbYBbXmGtYuu68DQwQGwk3HVNksp6ha7uVK1ibgNs
- zJIKizpFqK4NAYit0OfAy7ugVSvtyIxg9CDhnASDZ5NRq8/OLhvo5M4c3r3lGOlO
- Hv1nf4Tl2IYRln3c+AJEiw2369K46mRlt28yHeKUw1ur6hrbahnkYW+bjeliROIs
- QLp8J8Jl6evtPOyZpgyGHLQ/WPsQRK5svVA9ou17R//m4KNL1kBjTfxs7GaJWHLl
- HpSZTqRKsuK6K9R6kzu7NU81Wz0HXxw/qwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
+ tinc.pubkey = tinc-for "senderechner";
};
};
};
diff --git a/krebs/3modules/makefu/sshd/cake.pub b/krebs/3modules/makefu/sshd/cake.pub
new file mode 100644
index 000000000..8eab57ab7
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/cake.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGyJlI0YpIh/LiiPMseD2IBHg+uVGrkSy0MPNeD+Jv8Y cake
diff --git a/krebs/3modules/makefu/sshd/crapi.pub b/krebs/3modules/makefu/sshd/crapi.pub
new file mode 100644
index 000000000..5361111a5
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/crapi.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGaV5Ga5R8RTrA+nclxw6uy5Z+hPBLitQTfuXdsmbVW6 crapi
diff --git a/krebs/3modules/makefu/sshd/fileleech.pub b/krebs/3modules/makefu/sshd/fileleech.pub
new file mode 100644
index 000000000..22a3c7534
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/fileleech.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech
diff --git a/krebs/3modules/makefu/sshd/firecracker.pub b/krebs/3modules/makefu/sshd/firecracker.pub
new file mode 100644
index 000000000..8e9ef5a37
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/firecracker.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGk+QqJEPoBNP9KbPiivCI5YJ9psAKnujRrUL4bNqxwe firecracker
diff --git a/krebs/3modules/makefu/sshd/gum.pub b/krebs/3modules/makefu/sshd/gum.pub
new file mode 100644
index 000000000..c79e3cbee
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/gum.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum
diff --git a/krebs/3modules/makefu/sshd/omo.pub b/krebs/3modules/makefu/sshd/omo.pub
new file mode 100644
index 000000000..63bbbc709
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/omo.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBGboU/P00yYiwYje53G0oqDFWmcSJ+hIpMsl4f/HH
diff --git a/krebs/3modules/makefu/sshd/sdev.pub b/krebs/3modules/makefu/sshd/sdev.pub
new file mode 100644
index 000000000..972e9b6d4
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/sdev.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtm6ETzNgLcXNkrKs2VUEiGsTKBmOFpW2fazbzdUfOg sdev
diff --git a/krebs/3modules/makefu/sshd/studio.pub b/krebs/3modules/makefu/sshd/studio.pub
new file mode 100644
index 000000000..be5a4e6d3
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/studio.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio
diff --git a/krebs/3modules/makefu/sshd/wbob.pub b/krebs/3modules/makefu/sshd/wbob.pub
new file mode 100644
index 000000000..8b1789f21
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/wbob.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr
diff --git a/krebs/3modules/makefu/sshd/x.pub b/krebs/3modules/makefu/sshd/x.pub
new file mode 100644
index 000000000..085f7f490
--- /dev/null
+++ b/krebs/3modules/makefu/sshd/x.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@x
diff --git a/krebs/3modules/makefu/tinc/cake.pub b/krebs/3modules/makefu/tinc/cake.pub
new file mode 100644
index 000000000..8a1e4b933
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/cake.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA0khdelSrOV/ZI9vvbV5aT1wVn2IfUfIdDCQIOnF2mZsrnIcuaedu
+jRfZnJST1vOfL7JksF1+8pYwSn34CjJCGhyFf25lc6mARXmZe/araNrVpTntCy2+
+MqG8KZe4mIda/WPTXRYGtFVQZeClM5SCZ7EECtw8sEkwt2QtOv43p/hiMXAkOQsq
+6xc9/b4Bry7d+IjJs3waKfFQllF+C+GuK8yF0YnCEb6GZw7xkxHIO1QV4KSQ4CH7
+36kEAdCSQ5rgaygRanUlUl+duQn1MLQ+lRlerAEcFfKrr3MKNz2jmGth8iUURdyP
+MHjSWe+RkLQ6zzBaVgoKKuI9MbIbhenJWwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/crapi.pub b/krebs/3modules/makefu/tinc/crapi.pub
new file mode 100644
index 000000000..2b6104468
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/crapi.pub
@@ -0,0 +1,9 @@
+Ed25519PublicKey = Zkh6vtSNBvKYUjCPsMyAFJmxzueglCDoawVPCezKy4F
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAloXLBfZQEVW9mJ7uwOoa+DfV4ek/SG+JQuexJMugei/iNy0NjY66
+OVIkzFmED32c3D7S1+Q+5Mc3eR02k1o7XERpZeZhCtJOBlS4xMzCKH62E4USvH5L
+R4O8XX1o/tpeOuZvpnpY1oPmFFc/B5G2jWWQR4Slpbw7kODwYYm5o+B7n+MkVNrk
+OEOHLaaO6I5QB3GJvDH2JbwzDKLVClQM20L/EvIwnB+Xg0q3veKFj0WTXEK+tuME
+di++RV4thhZ9IOgRTJOeT94j7ulloh15gqYaIqRqgtzfWE2TnUxvl+upB+yQHNtl
+bJFLHkE34cQGxEv9dMjRe8i14+Onhb3B6wIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/filebitch.pub b/krebs/3modules/makefu/tinc/filebitch.pub
new file mode 100644
index 000000000..fe31accda
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/filebitch.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d
+fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs
+e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1
+KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99
+oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf
+wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/fileleech.pub b/krebs/3modules/makefu/tinc/fileleech.pub
new file mode 100644
index 000000000..1dc6a5b1f
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/fileleech.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA2W20+jYvuFUjPQ+E+7Xlabf8fW/XSnTTelfo2uRcJ3FMLYQ9H3rF
+8L8StPmxn8Q20FFH/MvRmgW8pU9z4RQ3nAi+utVYqAJQtOYA9FPMxssC08w82r0K
+YC6sgc9MeRjnCjQxQrQs4fqA6KpqSLxRf2c6kfNwYRgCxFMns2ncxOiPOoGLZait
+nJR3m0cSRm8yCTMbznlGH99+5+3HgvuBE/UYXmmGBs7w8DevaX76butzprZ8fm4z
+e5C7R9ofdVW70GGksfSI81y5xODWMbfjTRHKm4OBX7NOCiOTwx1wu8bYDN3EzN6V
+UM5PJfU42sViPEZmVuC8cDcP1xemHTkh9QIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/filepimp.pub b/krebs/3modules/makefu/tinc/filepimp.pub
new file mode 100644
index 000000000..007806230
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/filepimp.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA43w+A1TMOfugZ/CVwilJn4c36wWSjihaeVe7suZD0DSscKBcbkGg
+3dTCSTnu6Qb9sYd2mKebKXLreO6nhEEoFGsRU0yw/1h8gl7mWYEdTifPfvM5EWwS
+wkN9dJ5njwIUSRyWH7QTsLkiRJVFN2UxEwrhAbo1FJ7yuhRgAKqKJSN4yPVViZwR
+oHyyobvm/i2J+XSiDI9MRo74vNjnDLvO7R6ErIrhOPP1bD9fx3u+UYUfgS0iCO3X
+UN0duBz/faRcl6IRytZOuHaIp30eJ4850ZK8RPz/Dqqj+USMFq60i0oMsuAi/ljB
+8b+eQBt6OXu4MSntxoR8Ja7ht+EOTDnBOwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/firecracker.pub b/krebs/3modules/makefu/tinc/firecracker.pub
new file mode 100644
index 000000000..6f7907829
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/firecracker.pub
@@ -0,0 +1,14 @@
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuZaPnN4pQVpKWKG1Yylx
+JghzOphuQMuzstedqKFo3MTUtgra27ul8IyqljJxVH+hnpObhDwzYS3Zz1BAp/WF
+SFAslLbpPEG7UrwmvZHa3jqE4m/uIMtgYK65iIfB8bs17lkvRchfTfzTvwdtPSkM
+zbgjq4HttI2aMoNggadfMSGdzv7hEhxFpRBAiXxJHOFTNa//ov/DehrW88blYQ3l
+lSS2ZR+WHNVYfRPvfejDnstGenNCJXkpMYPe5YD9CZa0sy639ejTGs+nluU5+uId
+lp+0QW5i8E3JvZDiIu9NF9cT+GZhKcgWyvwoA/yRFqRVWHUcK7w8MN1hmbExXFub
+pS3GW2/f50USjT2jvK6zg2/KzTio2yEfd/FpQwTmyzAUJbwBkJNyD1YmFGv54tWS
+/xDyn3+OsKT4VztfTPrH59MVZZd12WMavB3Y0VIEkVHhrK2BNIoMuJ9e96VDFZ14
+9N6ouRAchIydQweESiBzHr0DUXeZO1jNLlNM0q8+aaS/bONkiFzRrKkYnbqB6ION
+Ln6pg+5NtrZ/Cb7/UWwSNeooiiOnjzVLsZv3mEzt3IjcJO5iW3IOZhT29S9E3CwG
+0rqK7CiByJJXPB/LqwKZdN3WtZgCfPJ48abmzobHhEKTsVG230G4jMF/dLpV3sZT
+tIsbd9vYVSSP0Rg/K4hmsOMCAwEAAQ==
+-----END PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/flap.pub b/krebs/3modules/makefu/tinc/flap.pub
new file mode 100644
index 000000000..8906e659b
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/flap.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAwtLD+sgTQGO+eh2Ipq2r54J1I0byvfkaTBeBwhtUmWst+lUQUoGy
+2fGReRYsb4ThDLeyK439jZuQBeXSc5r2g0IHBJCSWj3pVxc1HRTa8LASY7QuprQM
+8rSQa2XUtx/KpfM2eVX0yIvLuPTxBoOf/AwklIf+NmL7WCfN7sfZssoakD5a1LGn
+3EtZ2M/4GyoXJy34+B8v7LugeClnW3WDqUBZnNfUnsNWvoldMucxsl4fAhvEehrL
+hGgQMjHFOdKaLyatZOx6Pq4jAna+kiJoq3mVDsB4rcjLuz8XkAUZmVpe5fXAG4hr
+Ig8l/SI6ilu0zCWNSJ/v3wUzksm0P9AJkwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/gum.pub b/krebs/3modules/makefu/tinc/gum.pub
new file mode 100644
index 000000000..73f8563d0
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/gum.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAvgvzx3rT/3zLuCkzXk1ZkYBkG4lltxrLOLNivohw2XAzrYDIw/ZY
+BTDDcD424EkNOF6g/3tIRWqvVGZ1u12WQ9A/R+2F7i1SsaE4nTxdNlQ5rjy80gO3
+i1ZubMkTGwd1OYjJytYdcMTwM9V9/8QYFiiWqh77Xxu/FhY6PcQqwHxM7SMyZCJ7
+09gtZuR16ngKnKfo2tw6C3hHQtWCfORVbWQq5cmGzCb4sdIKow5BxUC855MulNsS
+u5l+G8wX+UbDI85VSDAtOP4QaSFzLL+U0aaDAmq0NO1QiODJoCo0iPhULZQTFZUa
+OMDYHHfqzluEI7n8ENI4WwchDXH+MstsgwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/nukular.pub b/krebs/3modules/makefu/tinc/nukular.pub
new file mode 100644
index 000000000..eb5891b1b
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/nukular.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAnt/d9Ys9gmQMGEPzPydAs0Etp9aPb5PreogzVilvazFCZ8HiQHl/
+gRGlNBImcPPAPGgLjQ49TZ6V1s0bX0GMlu9gJxqU7Nz/TPbAaDJSmEDPkXnaMC97
+gLoluwJHURKPP6+0VNQuK/IOjjDLzLjRDiVeIg6NR0nFAQPlxUhrCN/PhxqNV5WP
+H1nR+a4UDoLcKbtgQP+4Eu09iEm+H6o5eCFTX2Ov9Ok2m948Jm0rAqUbPAISf9m4
+tOOhhUhn0xvQy5iNHI72ndLvogQ968rnFwBpZM7HF1FsiaQfOF9Nhf11rHCJod3P
+meq9GsIUyppZmEKecnTtVfG1oUHMbt1GxQIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/omo.pub b/krebs/3modules/makefu/tinc/omo.pub
new file mode 100644
index 000000000..ce558d10a
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/omo.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAuHQEeowvxRkoHJUw6cUp431pnoIy4MVv7kTLgWEK46nzgZtld9LM
+ZdNMJB9CuOVVMHEaiY6Q5YchUmapGxwEObc0y+8zQxTPw3I4q0GkSJqKLPrsTpkn
+sgEkHPfs2GVdtIBXDn9I8i5JsY2+U8QF8fbIQSOO08/Vpa3nknDAMege9yEa3NFm
+s/+x+2pS+xV6uzf/H21XNv0oufInXwZH1NCNXAy5I2V6pz7BmAHilVOGCT7g2zn6
+GasmofiYEnro4V5s8gDlQkb7bCZEIA9EgX/HP6fZJQezSUHcDCQFI0vg26xywbr6
+5+9tTn8fN2mWS5+Pdmx3haX1qFcBP5HglwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/sdev.pub b/krebs/3modules/makefu/tinc/sdev.pub
new file mode 100644
index 000000000..be500bbab
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/sdev.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA8BwHwQ4pLZpskVnQONJsmzRPll4ZKMjAC56sY5p+GfT9ZBMkVDn+
+LeH9wuTRiX/ehgtBiyu8w37cz62hz/71H+3mnWJlTm9bbBTc5N0y8l9b+YYeExW4
+XPm4bUbJWKNRG9tHQAns/OREYDsHLsY6UoyNFmB0wTDpgs7egDCoe7E2eT+pG428
+ysCDYlaZaigOyW+bj/HFLj8FSfpF5C/ug7NE/D7QocadsRUiLtVYrJsfmT+KHWf+
+f5rLWLvuFiz1SWf7wZ9sICF3RCaC9Qhz7zplgHbvwbOHtF+Z/6DxduRMkggZUsUD
+nm+40Ex1XJTe+s4V4GKLgh/fDKBTS6JwewIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/senderechner.pub b/krebs/3modules/makefu/tinc/senderechner.pub
new file mode 100644
index 000000000..a6cbabc28
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/senderechner.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA0zCc5aLVRO6NuxUoR6BVzq2PQ/U5AEjYTdGkQufRot42N29MhxY7
+lJBfPfkw/yg2FOzmAzTi62QyrLWSaF1x54rKu+JeNSsOAX+BorGhM67N45DGvJ0X
+rakIL0BrVoV7Kxssq3DscGVbjbNS5B5c+IvTp97me/MpuDrfYqUyZk5mS9nB0oDL
+inao/A5AtOO4sdqN5BNE9/KisN/9dD359Gz2ZGGq6Ki7o4HBdBj5vi0f4fTofZxT
+BJH4BxbWaHwXMC0HYGlhQS0Y7tKYT6h3ChxoLDuW2Ox2IF5AQ/O4t4PIBDp1XaAO
+OK8SsmsiD6ZZm6q/nLWBkYH08geYfq0BhQIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/studio.pub b/krebs/3modules/makefu/tinc/studio.pub
new file mode 100644
index 000000000..b8fe8ee23
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/studio.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti
+cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk
+GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI
+jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1
+78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu
+8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/tsp.pub b/krebs/3modules/makefu/tinc/tsp.pub
new file mode 100644
index 000000000..48533da58
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/tsp.pub
@@ -0,0 +1,13 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEAwW+RjRcp3uarkfXZ+FcCYY2GFcfI595GDpLRuiS/YQAB3JZEirHi
+HFhDJN80fZ9qHqtq9Af462xSx+cIb282TxAqCM1Z9buipOcYTYo0m8xIqkT10dB3
+mR87B+Ed1H6G3J6isdwEb9ZMegyGIIeyR53FJQYMZXjxdJbAmGMDKqjZSk1D5mo+
+n5Vx3lGzTuDy84VyphfO2ypG48RHCxHUAx4Yt3o84LKoiy/y5E66jaowCOjZ6SqG
+R0cymuhoBhMIk2xAXk0Qn7MZ1AOm9N7Wru7FXyoLc7B3+Gb0/8jXOJciysTG7+Gr
+Txza6fJvq2FaH8iBnfezSELmicIYhc8Ynlq4xElcHhQEmRTQavVe/LDhJ0i6xJSi
+aOu0njnK+9xK+MyDkB7n8dO1Iwnn7aG4n3CjVBB4BDO08lrovD3zdpDX0xhWgPRo
+ReOJ3heRO/HsVpzxKlqraKWoHuOXXcREfU9cj3F6CRd0ECOhqtFMEr6TnuSc8GaE
+KCKxY1oN45NbEFOCv2XKd2wEZFH37LFO6xxzSRr1DbVuKRYIPjtOiFKpwN1TIT8v
+XGzTT4TJpBGnq0jfhFwhVjfCjLuGj29MCkvg0nqObQ07qYrjdQI4W1GnGOuyXkvQ
+teyxjUXYbp0doTGxKvQaTWp+JapeEaJPN2MDOhrRFjPrzgo3aW9+97UCAwEAAQ==
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/wbob.pub b/krebs/3modules/makefu/tinc/wbob.pub
new file mode 100644
index 000000000..8abfa34d4
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/wbob.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e
+QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal
+cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8
+khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs
+rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9
+TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/tinc/x.pub b/krebs/3modules/makefu/tinc/x.pub
new file mode 100644
index 000000000..da6482eed
--- /dev/null
+++ b/krebs/3modules/makefu/tinc/x.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAnztrijsfao+fmNtwAjqwIDKsRaMP3ECsq2T2zqKvxwCyXk69G9bG
+RFhWjgaawS9ZhnHSlgWK/vtoR0O9NxpzdU/mvdQijbVGxM02DegjO9qDSIe8EGmA
+kscW4nDqYtw4rtjOVPfnNiWXbcWD8eiYR0kcSWmSvfOpVvdhTETqduTx5HRHyEFD
+JRQYR/tJSvVWXmM670PENAPNJFJ4VSJR60s5A+bFT7J/uw7HzJXX28LygJz73Dj2
+2a4ev0WcZQngLq072h/91R/TOpg+ogUDVhXkQtKyFj7im0287JTL4bXGofZBhzaf
++h9dFGs1QLoNyhG/cgt9fog7boSXTelAiQIDAQAB
+-----END RSA PUBLIC KEY-----
From 6c8d0737107fa00fcd8b1c09bff0feedcaaaad7c Mon Sep 17 00:00:00 2001
From: Jan Heidbrink <jan.heidbrink@posteo.de>
Date: Tue, 26 Feb 2019 22:50:30 +0100
Subject: [PATCH 093/107] external: add toastbrot.r
---
krebs/3modules/external/default.nix | 30 +++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 1f80906f8..c9715cb85 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -299,6 +299,33 @@ in {
};
};
};
+ toastbrot = {
+ owner = config.krebs.users.jan;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.117.12";
+ aliases = [
+ "toastbrot.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA12VLPJMhGSh5fQgrB6bP
+ 2H1eew0/7t1xr3oJ3uaTZd7UIvPQ/aA5pB9xL5s+BIBvRa5P3QFWUAVhqchsPiRc
+ yC4awLvo6zrUZB3pJBFiUuThx1xzmazTbRNyJ0E3Dwi2VSp3dAi5xEwHSVDSElGj
+ DyRrdwyLe9lKghGHgNhB01QAt1/AO3A/TBs2RS/E0kuPhVQzpo5Ae5I530Cr0pf3
+ r/de1TdArIcOfnTvW7WNrdBhwLq14cfdXkZwJ2bBE9Q22FAJp5k21PW5dQ41oDuT
+ PYHZIH555sxifMThrUpuNHIrDtIQk6D+Km90WNf/lBGwZqQr/B5G6zSNX7d/0JbY
+ Hi8Ltq++Sf0XgWNir9+evGNLCBqAXdvQFrj2l7BuNywE0L2nZThnxjTxP6QLFnqO
+ IXY97x3p7AYcfmVFutfYqYM1HdyyehF711hhm30fdcXHsJ+GpQgGrj67+++N7g7g
+ fjWBGNI9EL9CyTZ/N9U3TGeoxooc1BSaAiHmaPoYaAeI0Y/W6bNrixpL3aI5X8MH
+ Flen2y2XEk2n+pXozPDbLAT+MZ3sWwODDYRc8zGbV2RlMvL94LHh95/JC0itdXa3
+ uNRDtSnfbNe4eHw9/HMDkclhywuE+hbyq+JNNodqLwG/o1/r3GI+ggOyCdZHjF4B
+ 4R8QXUJiqUdcbR3WQDR5i10CAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ };
+ };
tpsw = {
cores = 2;
owner = config.krebs.users.ciko; # main laptop
@@ -411,6 +438,9 @@ in {
mail = "dickbutt@excogitation.de";
pubkey = ssh-for "exco";
};
+ jan = {
+ mail = "jan.heidbrink@posteo.de";
+ };
kmein = {
mail = "kieran.meinhardt@gmail.com";
pubkey = ssh-for "kmein";
From f786e5a22f4dcf6a852d8cf87695e6fd90faf888 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 27 Feb 2019 23:27:39 +0100
Subject: [PATCH 094/107] ma: make extensive use of defaults for inventory
---
krebs/3modules/makefu/default.nix | 189 ++++++------------
.../makefu/{tinc => retiolum}/cake.pub | 0
.../makefu/{tinc => retiolum}/crapi.pub | 0
.../makefu/{tinc => retiolum}/filebitch.pub | 0
.../makefu/{tinc => retiolum}/fileleech.pub | 0
.../makefu/{tinc => retiolum}/filepimp.pub | 0
.../makefu/{tinc => retiolum}/firecracker.pub | 0
.../makefu/{tinc => retiolum}/flap.pub | 0
.../makefu/{tinc => retiolum}/gum.pub | 0
.../makefu/{tinc => retiolum}/nukular.pub | 0
.../makefu/{tinc => retiolum}/omo.pub | 0
.../makefu/{tinc => retiolum}/sdev.pub | 0
.../{tinc => retiolum}/senderechner.pub | 0
.../makefu/{tinc => retiolum}/studio.pub | 0
.../makefu/{tinc => retiolum}/tsp.pub | 0
.../makefu/{tinc => retiolum}/wbob.pub | 0
.../3modules/makefu/{tinc => retiolum}/x.pub | 0
krebs/3modules/makefu/wiregrill/gum.pub | 1 +
krebs/3modules/makefu/wiregrill/x.pub | 1 +
19 files changed, 65 insertions(+), 126 deletions(-)
rename krebs/3modules/makefu/{tinc => retiolum}/cake.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/crapi.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/filebitch.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/fileleech.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/filepimp.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/firecracker.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/flap.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/gum.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/nukular.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/omo.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/sdev.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/senderechner.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/studio.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/tsp.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/wbob.pub (100%)
rename krebs/3modules/makefu/{tinc => retiolum}/x.pub (100%)
create mode 100644 krebs/3modules/makefu/wiregrill/gum.pub
create mode 100644 krebs/3modules/makefu/wiregrill/x.pub
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 8c7e415cb..c65b27973 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -5,128 +5,103 @@
with import <stockholm/lib>;
{ config, ... }: let
- hostDefaults = hostName: host: flip recursiveUpdate host ({
- owner = config.krebs.users.makefu;
- } // optionalAttrs (host.nets?retiolum) {
- nets.retiolum.ip6.addr =
- (krebs.genipv6 "retiolum" "makefu" { inherit hostName; }).address;
- });
+ hostDefaults = hostName: host: foldl' recursiveUpdate {} [
+ {
+ owner = config.krebs.users.makefu;
+ }
+ # Retiolum defaults
+ (let
+ pubkey-path = ./retiolum + "/${hostName}.pub";
+ in optionalAttrs (pathExists pubkey-path) {
+ nets.retiolum = {
+ tinc.pubkey = readFile pubkey-path;
+ aliases = [
+ "${hostName}.r"
+ ];
+ ip6.addr =
+ (krebs.genipv6 "retiolum" "makefu" { inherit hostName; }).address;
+ };
+ })
+ # Wiregrill defaults
+ (let
+ pubkey-path = ./wiregrill + "/${hostName}.pub";
+ in optionalAttrs (pathExists pubkey-path) {
+ nets.wiregrill = {
+ aliases = [
+ "${hostName}.w"
+ ];
+ ip6.addr =
+ (krebs.genipv6 "wiregrill" "makefu" { inherit hostName; }).address;
+ wireguard.pubkey = readFile pubkey-path;
+ };
+ })
+ # SSHD defaults
+ (let
+ pubkey-path = ./sshd + "/${hostName}.pub";
+ in optionalAttrs (pathExists pubkey-path) {
+ ssh.pubkey = readFile pubkey-path;
+ # We assume that if the sshd pubkey exits then there must be a privkey in
+ # the screts store as well
+ ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
+ })
+ host
+ ];
pub-for = name: builtins.readFile (./ssh + "/${name}.pub");
- sshd-for = name: builtins.readFile (./sshd + "/${name}.pub");
- tinc-for= name: builtins.readFile (./tinc + "/${name}.pub");
-
+ w6 = ip: (krebs.genipv6 "wiregrill" "makefu" ip).address;
in {
hosts = mapAttrs hostDefaults {
cake = rec {
cores = 4;
ci = false;
nets = {
- retiolum = {
- ip4.addr = "10.243.136.236";
- aliases = [
- "cake.r"
- ];
- tinc.pubkey = tinc-for "cake";
- };
+ retiolum.ip4.addr = "10.243.136.236";
};
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = sshd-for "cake";
};
crapi = rec { # raspi1
cores = 1;
ci = false;
nets = {
- retiolum = {
- ip4.addr = "10.243.136.237";
- aliases = [
- "crapi.r"
- ];
- tinc.pubkey = tinc-for "crapi";
- };
+ retiolum.ip4.addr = "10.243.136.237";
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = sshd-for "crapi";
};
firecracker = {
cores = 4;
nets = {
- retiolum = {
- ip4.addr = "10.243.12.12";
- ip6.addr = "42:0:0:0:0:0:0:12";
- aliases = [
- "firecracker.r"
- ];
- tinc.pubkey = tinc-for "firecracker";
- };
+ retiolum.ip4.addr = "10.243.12.12";
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = sshd-for "firecracker";
};
studio = rec {
ci = false;
cores = 4;
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = sshd-for "studio";
nets = {
- retiolum = {
- ip4.addr = "10.243.227.163";
- aliases = [
- "studio.r"
- ];
- tinc.pubkey = tinc-for "studio";
- };
+ retiolum.ip4.addr = "10.243.227.163";
};
};
fileleech = rec {
ci = false;
cores = 4;
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "";
nets = {
- retiolum = {
- ip4.addr = "10.243.113.98";
- aliases = [
- "fileleech.r"
- ];
- tinc.pubkey = tinc-for "fileleech";
- };
+ retiolum.ip4.addr = "10.243.113.98";
};
};
tsp = {
ci = true;
cores = 1;
nets = {
- retiolum = {
- ip4.addr = "10.243.0.212";
- aliases = [
- "tsp.r"
- ];
- tinc.pubkey = tinc-for "tsp";
- };
+ retiolum.ip4.addr = "10.243.0.212";
};
};
x = {
ci = true;
cores = 4;
nets = {
- retiolum = {
- ip4.addr = "10.243.0.91";
- aliases = [
- "x.r"
- ];
- tinc.pubkey = tinc-for "x";
+ retiolum.ip4.addr = "10.243.0.91";
+ wiregrill = {
+ # defaults
};
- #wiregrill = {
- # aliases = [
- # "x.w"
- # ];
- # wireguard.pubkey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g=";
- #};
};
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = sshd-for "x";
};
filepimp = rec {
@@ -139,13 +114,7 @@ in {
"filepimp.lan"
];
};
- retiolum = {
- ip4.addr = "10.243.153.102";
- aliases = [
- "filepimp.r"
- ];
- tinc.pubkey = tinc-for "filepimp";
- };
+ retiolum.ip4.addr = "10.243.153.102";
};
};
@@ -163,15 +132,11 @@ in {
retiolum = {
ip4.addr = "10.243.0.89";
aliases = [
- "omo.r"
"dcpp.omo.r"
"torrent.omo.r"
];
- tinc.pubkey = tinc-for "omo";
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = sshd-for "omo";
};
wbob = rec {
ci = true;
@@ -180,14 +145,10 @@ in {
retiolum = {
ip4.addr = "10.243.214.15";
aliases = [
- "wbob.r"
"hydra.wbob.r"
];
- tinc.pubkey = tinc-for "wbob";
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = sshd-for "wbob";
};
gum = rec {
ci = true;
@@ -231,13 +192,16 @@ in {
"nextgum.i"
];
};
- #wiregrill = {
- # via = internet;
- # aliases = [
- # "gum.w"
- # ];
- # wireguard.pubkey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo=";
- #};
+ wiregrill = {
+ via = internet;
+ ip6.addr = w6 "1";
+ wireguard = {
+ subnets = [
+ (krebs.genipv6 "wiregrill" "external" 0).subnetCIDR
+ (krebs.genipv6 "wiregrill" "makefu" 0).subnetCIDR
+ ];
+ };
+ };
retiolum = {
via = internet;
ip4.addr = "10.243.0.213";
@@ -250,7 +214,6 @@ in {
"dcpp.gum.r"
"dcpp.nextgum.r"
"graph.r"
- "gum.r"
"logs.makefu.r"
"netdata.makefu.r"
"nextgum.r"
@@ -262,25 +225,15 @@ in {
"wiki.gum.r"
"wiki.makefu.r"
];
- tinc.pubkey = tinc-for "gum";
};
};
- ssh.pubkey = sshd-for "gum";
};
sdev = rec {
ci = true;
cores = 1;
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = sshd-for "sdev";
nets = {
- retiolum = {
- ip4.addr = "10.243.83.237";
- aliases = [
- "sdev.r"
- ];
- tinc.pubkey = tinc-for "sdev";
- };
+ retiolum.ip4.addr = "10.243.83.237";
};
};
@@ -304,10 +257,6 @@ in {
};
retiolum = {
ip4.addr = "10.243.211.172";
- aliases = [
- "flap.r"
- ];
- tinc.pubkey = tinc-for "flap";
};
};
};
@@ -317,10 +266,6 @@ in {
nets = {
retiolum = {
ip4.addr = "10.243.231.219";
- aliases = [
- "nukular.r"
- ];
- tinc.pubkey = tinc-for "nukular";
};
};
};
@@ -330,10 +275,6 @@ in {
nets = {
retiolum = {
ip4.addr = "10.243.189.130";
- aliases = [
- "filebitch.r"
- ];
- tinc.pubkey = tinc-for "filebitch";
};
};
};
@@ -343,10 +284,6 @@ in {
nets = {
retiolum = {
ip4.addr = "10.243.0.163";
- aliases = [
- "senderechner.r"
- ];
- tinc.pubkey = tinc-for "senderechner";
};
};
};
diff --git a/krebs/3modules/makefu/tinc/cake.pub b/krebs/3modules/makefu/retiolum/cake.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/cake.pub
rename to krebs/3modules/makefu/retiolum/cake.pub
diff --git a/krebs/3modules/makefu/tinc/crapi.pub b/krebs/3modules/makefu/retiolum/crapi.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/crapi.pub
rename to krebs/3modules/makefu/retiolum/crapi.pub
diff --git a/krebs/3modules/makefu/tinc/filebitch.pub b/krebs/3modules/makefu/retiolum/filebitch.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/filebitch.pub
rename to krebs/3modules/makefu/retiolum/filebitch.pub
diff --git a/krebs/3modules/makefu/tinc/fileleech.pub b/krebs/3modules/makefu/retiolum/fileleech.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/fileleech.pub
rename to krebs/3modules/makefu/retiolum/fileleech.pub
diff --git a/krebs/3modules/makefu/tinc/filepimp.pub b/krebs/3modules/makefu/retiolum/filepimp.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/filepimp.pub
rename to krebs/3modules/makefu/retiolum/filepimp.pub
diff --git a/krebs/3modules/makefu/tinc/firecracker.pub b/krebs/3modules/makefu/retiolum/firecracker.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/firecracker.pub
rename to krebs/3modules/makefu/retiolum/firecracker.pub
diff --git a/krebs/3modules/makefu/tinc/flap.pub b/krebs/3modules/makefu/retiolum/flap.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/flap.pub
rename to krebs/3modules/makefu/retiolum/flap.pub
diff --git a/krebs/3modules/makefu/tinc/gum.pub b/krebs/3modules/makefu/retiolum/gum.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/gum.pub
rename to krebs/3modules/makefu/retiolum/gum.pub
diff --git a/krebs/3modules/makefu/tinc/nukular.pub b/krebs/3modules/makefu/retiolum/nukular.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/nukular.pub
rename to krebs/3modules/makefu/retiolum/nukular.pub
diff --git a/krebs/3modules/makefu/tinc/omo.pub b/krebs/3modules/makefu/retiolum/omo.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/omo.pub
rename to krebs/3modules/makefu/retiolum/omo.pub
diff --git a/krebs/3modules/makefu/tinc/sdev.pub b/krebs/3modules/makefu/retiolum/sdev.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/sdev.pub
rename to krebs/3modules/makefu/retiolum/sdev.pub
diff --git a/krebs/3modules/makefu/tinc/senderechner.pub b/krebs/3modules/makefu/retiolum/senderechner.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/senderechner.pub
rename to krebs/3modules/makefu/retiolum/senderechner.pub
diff --git a/krebs/3modules/makefu/tinc/studio.pub b/krebs/3modules/makefu/retiolum/studio.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/studio.pub
rename to krebs/3modules/makefu/retiolum/studio.pub
diff --git a/krebs/3modules/makefu/tinc/tsp.pub b/krebs/3modules/makefu/retiolum/tsp.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/tsp.pub
rename to krebs/3modules/makefu/retiolum/tsp.pub
diff --git a/krebs/3modules/makefu/tinc/wbob.pub b/krebs/3modules/makefu/retiolum/wbob.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/wbob.pub
rename to krebs/3modules/makefu/retiolum/wbob.pub
diff --git a/krebs/3modules/makefu/tinc/x.pub b/krebs/3modules/makefu/retiolum/x.pub
similarity index 100%
rename from krebs/3modules/makefu/tinc/x.pub
rename to krebs/3modules/makefu/retiolum/x.pub
diff --git a/krebs/3modules/makefu/wiregrill/gum.pub b/krebs/3modules/makefu/wiregrill/gum.pub
new file mode 100644
index 000000000..4a5f666cc
--- /dev/null
+++ b/krebs/3modules/makefu/wiregrill/gum.pub
@@ -0,0 +1 @@
+yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo=
diff --git a/krebs/3modules/makefu/wiregrill/x.pub b/krebs/3modules/makefu/wiregrill/x.pub
new file mode 100644
index 000000000..cfa9eb254
--- /dev/null
+++ b/krebs/3modules/makefu/wiregrill/x.pub
@@ -0,0 +1 @@
+fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g=
From ec2dffd71e30f831c4ff631713dd14bea9e48df3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 27 Feb 2019 23:58:28 +0100
Subject: [PATCH 095/107] ma: add base name to aliases when overriding
---
krebs/3modules/makefu/default.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index c65b27973..b38c9104f 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -132,6 +132,7 @@ in {
retiolum = {
ip4.addr = "10.243.0.89";
aliases = [
+ "omo.r"
"dcpp.omo.r"
"torrent.omo.r"
];
@@ -145,6 +146,7 @@ in {
retiolum = {
ip4.addr = "10.243.214.15";
aliases = [
+ "wbob.r"
"hydra.wbob.r"
];
};
@@ -206,6 +208,7 @@ in {
via = internet;
ip4.addr = "10.243.0.213";
aliases = [
+ "gum.r"
"backup.makefu.r"
"blog.gum.r"
"blog.makefu.r"
From 4b7673a6a7f221119883ec043519b2f7323779e1 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 1 Mar 2019 11:25:44 +0100
Subject: [PATCH 096/107] external: add palo-pepe.pubkey
---
krebs/3modules/external/palo.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix
index e151ad358..cefac0959 100644
--- a/krebs/3modules/external/palo.nix
+++ b/krebs/3modules/external/palo.nix
@@ -76,6 +76,9 @@ in {
users = {
palo = {
};
+ palo-pepe = {
+ pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCe3j1dk8o7e0cFn+RepOjdeYcS0YcG0d6NnsMoq8pjqzLRuvOVN4CmsuRo4UJtWOUVv8kIWLcegks2RXbKOSTFAnvEIpPlSmL3BgvFGmUiOmPw1w93yxdVnfd9kJ6SBNuS+kFspKPvOEV9yVpjTywKZ0qKWjRd89Vz2+8aFJ/R3hyE+YqpzlzYbrucEIXbEWESqnzrx61NrWwd1ueHj0RYMDBjIJjVfIIK3W32vQ//pYJio1di0PpOPK2Ya0yugSixymuQBvzCgaedVeLdJ0k1d7d5iVb4LjCR8zg0Jnf1RLfpqRrFYwMJpwuhtIEevfNrhzqZA58QgHO6iOg50FeaD5k1rlWfoOvX2rcV5iqCC9jClIfMKzePdm+MeVorBXp+bflOhyPJG+Qrz6NTE9Ohe5A71Z0bBa96MEoW1hyrLCn0+z+Cx5kt7n2QzAAa/VPNjRDZeHbsu26MrvViEoh+FcPqx4DUIUaDRs/TNIvMGAl14E6gur68AI01a0PZJ/gnqZeOJKuyz4pKT0nIcg0EvkjXM2uEJ9m8h4IBAqTUYMZYm7iJBfpbwT6ePxFfah4q960orBUwW87CyPu/wDGmDblQ7dpkuw+skpzNgOGzerDyGAGKOsjGfYZpqsv9303S2f7884NAIK1ohgpMELytEYpY4YNi2KQYfHhgoQRJ5w== palo@pepe";
+ };
};
}
From 244c773212b9bd37b5f9d03434708640b7d72ad0 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 4 Mar 2019 00:49:16 +0100
Subject: [PATCH 097/107] nixpkgs: 9bd45dd -> 4c0be40
---
krebs/nixpkgs.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index b6124ad41..b93f612dd 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "9bd45dddf8171e2fd4288d684f4f70a2025ded19",
- "date": "2019-02-15T12:11:24-05:00",
- "sha256": "1idrxrymwqfsfysav3yl8lya1jhgg8xzgq9hy7dpdd63770vn8c1",
+ "rev": "4c0be40815511c7e5f592e95587ef075487639b5",
+ "date": "2019-03-02T20:00:09+00:00",
+ "sha256": "1vk04dsbvhj99s2pdwq0m5glckxqa8c1wz3p14d4zabkggnqhini",
"fetchSubmodules": false
}
From fb1d5f4addd1b3b564248b1359253bf788b1c08a Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 4 Mar 2019 08:47:18 +0100
Subject: [PATCH 098/107] ma pkgs.Fluffy: init at 2.7
---
makefu/5pkgs/Fluffy/default.nix | 42 +++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
create mode 100644 makefu/5pkgs/Fluffy/default.nix
diff --git a/makefu/5pkgs/Fluffy/default.nix b/makefu/5pkgs/Fluffy/default.nix
new file mode 100644
index 000000000..59a04a52d
--- /dev/null
+++ b/makefu/5pkgs/Fluffy/default.nix
@@ -0,0 +1,42 @@
+{ lib, pkgs, python3Packages, ... }:
+
+with python3Packages; buildPythonApplication rec {
+ name = "Fluffy-${version}";
+ format = "other";
+ version = "2.7";
+
+ src = pkgs.fetchFromGitHub {
+ owner = "fourminute";
+ repo = "Fluffy";
+ rev = "v${version}";
+ sha256 = "1l346bklidcl40q91cfdszrfskdwlmfjbmsc3mgs0i8wi1yhvq99";
+ };
+
+ prePatch = ''
+ sed -e "s|/tmp|$HOME/.config/fluffy|" -i linux/fluffy.desktop
+ '';
+
+ installPhase = ''
+ env
+ install -Dm 644 linux/80-fluffy-switch.rules "$out/etc/udev/rules.d/80-fluffy-switch.rules"
+ install -Dm 644 linux/fluffy.desktop "$out/usr/share/applications/fluffy.desktop"
+ install -Dm 644 icons/16x16/fluffy.png "$out/share/icons/hicolor/16x16/apps/fluffy.png"
+ install -Dm 644 icons/24x24/fluffy.png "$out/share/icons/hicolor/24x24/apps/fluffy.png"
+ install -Dm 644 icons/32x32/fluffy.png "$out/share/icons/hicolor/32x32/apps/fluffy.png"
+ install -Dm 644 icons/48x48/fluffy.png "$out/share/icons/hicolor/48x48/apps/fluffy.png"
+ install -Dm 644 icons/64x64/fluffy.png "$out/share/icons/hicolor/64x64/apps/fluffy.png"
+ install -Dm 644 icons/128x128/fluffy.png "$out/share/icons/hicolor/128x128/apps/fluffy.png"
+ install -Dm 755 fluffy.pyw "$out/bin/fluffy"
+ wrapProgram "$out/bin/fluffy" --set PYTHONPATH "$PYTHONPATH"
+ '';
+
+ propagatedBuildInputs = [
+ pyqt5 pyusb libusb1 configparser tkinter
+ ];
+
+ meta = {
+ homepage = https://github.com/fourminute/Fluffy;
+ description = "A feature-rich tool for installing NSPs";
+ license = lib.licenses.gpl3;
+ };
+}
From 9c702551abbf5c486d9dac3becc4d5e998511a52 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 6 Mar 2019 16:42:27 +0100
Subject: [PATCH 099/107] ma bureautomation: split into files
---
makefu/1systems/wbob/config.nix | 3 +-
.../bureautomation/automation/10h_timer.nix | 147 ++++++++
.../automation/bureau-shutdown.nix | 55 +++
.../bureautomation/automation/nachtlicht.nix | 43 +++
.../bureautomation/binary_sensor/buttons.nix | 17 +
.../bureautomation/binary_sensor/motion.nix | 12 +
.../bureautomation/camera/verkehrskamera.nix | 14 +
makefu/2configs/bureautomation/hass.nix | 317 ++++--------------
.../led-fader.nix | 2 +-
.../2configs/bureautomation/light/buzzer.nix | 28 ++
.../bureautomation/light/statuslight.nix | 56 ++++
.../bureautomation/script/multi_blink.nix | 37 ++
.../bureautomation/sensor/espeasy.nix | 31 ++
.../bureautomation/sensor/influxdb.nix | 18 +
.../bureautomation/sensor/outside.nix | 25 ++
.../bureautomation/switch/tasmota_switch.nix | 19 ++
16 files changed, 561 insertions(+), 263 deletions(-)
create mode 100644 makefu/2configs/bureautomation/automation/10h_timer.nix
create mode 100644 makefu/2configs/bureautomation/automation/bureau-shutdown.nix
create mode 100644 makefu/2configs/bureautomation/automation/nachtlicht.nix
create mode 100644 makefu/2configs/bureautomation/binary_sensor/buttons.nix
create mode 100644 makefu/2configs/bureautomation/binary_sensor/motion.nix
create mode 100644 makefu/2configs/bureautomation/camera/verkehrskamera.nix
rename makefu/2configs/{deployment => bureautomation}/led-fader.nix (94%)
create mode 100644 makefu/2configs/bureautomation/light/buzzer.nix
create mode 100644 makefu/2configs/bureautomation/light/statuslight.nix
create mode 100644 makefu/2configs/bureautomation/script/multi_blink.nix
create mode 100644 makefu/2configs/bureautomation/sensor/espeasy.nix
create mode 100644 makefu/2configs/bureautomation/sensor/influxdb.nix
create mode 100644 makefu/2configs/bureautomation/sensor/outside.nix
create mode 100644 makefu/2configs/bureautomation/switch/tasmota_switch.nix
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index 3930406b1..ab77f16dd 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -9,6 +9,7 @@ in {
imports =
[ # Include the results of the hardware scan.
<stockholm/makefu>
+ <stockholm/makefu/2configs/support-nixos.nix>
<stockholm/makefu/2configs/zsh-user.nix>
<stockholm/makefu/2configs/tools/core.nix>
# <stockholm/makefu/2configs/disable_v6.nix>
@@ -39,7 +40,6 @@ in {
<stockholm/makefu/2configs/stats/telegraf/europastats.nix>
<stockholm/makefu/2configs/stats/external/aralast.nix>
<stockholm/makefu/2configs/stats/arafetch.nix>
- <stockholm/makefu/2configs/deployment/led-fader.nix>
<stockholm/makefu/2configs/hw/mceusb.nix>
# <stockholm/makefu/2configs/stats/telegraf/bamstats.nix>
{ environment.systemPackages = [ pkgs.vlc ]; }
@@ -51,6 +51,7 @@ in {
];
}
<stockholm/makefu/2configs/bureautomation>
+ <stockholm/makefu/2configs/bureautomation/led-fader.nix>
<stockholm/makefu/2configs/bureautomation/mpd.nix>
<stockholm/makefu/2configs/bureautomation/hass.nix>
(let
diff --git a/makefu/2configs/bureautomation/automation/10h_timer.nix b/makefu/2configs/bureautomation/automation/10h_timer.nix
new file mode 100644
index 000000000..a311d468c
--- /dev/null
+++ b/makefu/2configs/bureautomation/automation/10h_timer.nix
@@ -0,0 +1,147 @@
+[
+ { alias = "start Felix 10h";
+ trigger = {
+ platform = "state";
+ entity_id = "binary_sensor.redbutton";
+ to = "on";
+ };
+ condition = {
+ condition = "and";
+ conditions = [
+ {
+ condition = "state";
+ entity_id = "timer.felix_10h";
+ state = "idle";
+ }
+ {
+ condition = "time";
+ after = "06:00:00";
+ before = "12:00:00";
+ }
+ ];
+ };
+ action = [
+ { service = "timer.start";
+ entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ] ;
+ }
+ { service = "homeassistant.turn_on";
+ entity_id = [
+ "script.buzz_red_led_fast"
+ "script.blitz_10s"
+ ];
+ }
+ { service = "light.turn_on";
+ data = {
+ effect = "2";
+ entity_id = [ "light.status_felix" ];
+ };
+ }
+ ];
+ }
+
+ { alias = "Disable Felix timer at button press";
+ trigger = {
+ platform = "state";
+ entity_id = "binary_sensor.redbutton";
+ to = "on";
+ };
+ condition = {
+ condition = "and";
+ conditions = [
+ {
+ condition = "state";
+ entity_id = "timer.felix_10h";
+ state = "active";
+ }
+ {
+ condition = "time";
+ after = "12:00:00";
+ before = "22:00:00";
+ }
+ ];
+ };
+ action =
+ [
+ {
+ service = "timer.cancel";
+ entity_id = [ "timer.felix_10h" "timer.felix_8_30h" "timer.felix_7h" ];
+ }
+ {
+ service = "homeassistant.turn_on";
+ entity_id = [ "script.buzz_red_led_fast" ];
+ }
+ {
+ service = "homeassistant.turn_off";
+ entity_id = [ "light.status_felix" ];
+ }
+ ];
+ }
+
+ {
+ alias = "Genug gearbeitet Felix";
+ trigger =
+ {
+ platform = "event";
+ event_type = "timer.finished";
+ event_data.entity_id = "timer.felix_7h";
+ };
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ rgb_color= [0 255 0];
+ # effect = "0";
+ entity_id = [ "light.status_felix" ];
+ };
+ }
+ ];
+ }
+
+ {
+ alias = "nun aber nach hause";
+ trigger =
+ {
+ platform = "event";
+ event_type = "timer.finished";
+ event_data.entity_id = "timer.felix_8_30h";
+ };
+ action =
+ [
+ { service = "light.turn_on";
+ data = {
+ rgb_color= [255 255 0];
+ # effect = "0";
+ entity_id = [ "light.status_felix" ];
+ };
+ }
+ ];
+ }
+
+ {
+ alias = "Zu lange Felix!";
+ trigger =
+ {
+ platform = "event";
+ event_type = "timer.finished";
+ event_data.entity_id = "timer.felix_10h";
+ };
+ action =
+ [
+ # TODO: Pushbullet
+ {
+ service = "homeassistant.turn_on";
+ entity_id = [
+ "script.buzz_red_led"
+ "script.blitz_10s"
+ ];
+ }
+ { service = "light.turn_on";
+ data = {
+ rgb_color= [255 0 0];
+ effect = "0";
+ entity_id = [ "light.status_felix" ];
+ };
+ }
+ ];
+ }
+]
diff --git a/makefu/2configs/bureautomation/automation/bureau-shutdown.nix b/makefu/2configs/bureautomation/automation/bureau-shutdown.nix
new file mode 100644
index 000000000..9e6574300
--- /dev/null
+++ b/makefu/2configs/bureautomation/automation/bureau-shutdown.nix
@@ -0,0 +1,55 @@
+[
+ { alias = "Turn on Fernseher on movement";
+ trigger = {
+ platform = "state";
+ entity_id = "binary_sensor.motion";
+ to = "on";
+ };
+ action = {
+ service = "homeassistant.turn_on";
+ entity_id = [
+ "switch.fernseher"
+ "switch.feuer"
+ ];
+ };
+ }
+ { alias = "Turn off Fernseher 10 minutes after last movement";
+ trigger = [
+ { # trigger when movement was detected at the time
+ platform = "state";
+ entity_id = "binary_sensor.motion";
+ to = "off";
+ for.minutes = 10;
+ }
+ { # trigger at 20:00 no matter what
+ # to avoid 'everybody left before 18:00:00'
+ platform = "time";
+ at = "18:00:00";
+ }
+ ];
+ action = {
+ service = "homeassistant.turn_off";
+ entity_id = [
+ "switch.fernseher"
+ "switch.feuer"
+ "light.status_felix"
+ ];
+ };
+ condition =
+ { condition = "and";
+ conditions = [
+ {
+ condition = "time";
+ before = "06:30:00"; #only turn off between 6:30 and 18:00
+ after = "18:00:00";
+ # weekday = [ "mon" "tue" "wed" "thu" "fri" ];
+ }
+ {
+ condition = "state";
+ entity_id = "binary_sensor.motion";
+ state = "off";
+ }
+ ];
+ };
+ }
+]
diff --git a/makefu/2configs/bureautomation/automation/nachtlicht.nix b/makefu/2configs/bureautomation/automation/nachtlicht.nix
new file mode 100644
index 000000000..066e9b06c
--- /dev/null
+++ b/makefu/2configs/bureautomation/automation/nachtlicht.nix
@@ -0,0 +1,43 @@
+[
+ {
+ alias = "Turn off Nachtlicht on sunrise";
+ trigger =
+ {
+ platform = "sun";
+ event = "sunrise";
+ };
+ action =
+ {
+ service = "homeassistant.turn_off";
+ entity_id = [ "switch.nachtlicht" ];
+ };
+ }
+
+ {
+ alias = "Turn on Nachtlicht on motion and dusk";
+ trigger =
+ {
+ platform = "state";
+ entity_id = "binary_sensor.motion";
+ to = "on";
+ };
+ condition = # 'when dark'
+ {
+ condition = "or";
+ conditions = [
+ { condition = "sun";
+ after = "sunset";
+ after_offset = "-00:45:00"; # on dusk
+ }
+ { condition = "sun";
+ before = "sunrise";
+ }
+ ];
+ };
+ action =
+ {
+ service = "homeassistant.turn_on";
+ entity_id = [ "switch.nachtlicht" ];
+ };
+ }
+]
diff --git a/makefu/2configs/bureautomation/binary_sensor/buttons.nix b/makefu/2configs/bureautomation/binary_sensor/buttons.nix
new file mode 100644
index 000000000..e23c4a362
--- /dev/null
+++ b/makefu/2configs/bureautomation/binary_sensor/buttons.nix
@@ -0,0 +1,17 @@
+let
+ tasmota_button = name: topic:
+ # detects a pushbutton press from tasmota
+ { platform = "mqtt";
+ inherit name;
+ state_topic = "/bam/${topic}/cmnd/POWER";
+ availability_topic = "/bam/${topic}/tele/LWT";
+ payload_on = "ON";
+ payload_off = "OFF";
+ payload_available= "Online";
+ payload_not_available= "Offline";
+ # expire_after = "5"; #expire after 5 seconds
+ qos = 1;
+ };
+in [
+ (tasmota_button "RedButton" "redbutton")
+]
diff --git a/makefu/2configs/bureautomation/binary_sensor/motion.nix b/makefu/2configs/bureautomation/binary_sensor/motion.nix
new file mode 100644
index 000000000..ad8fab038
--- /dev/null
+++ b/makefu/2configs/bureautomation/binary_sensor/motion.nix
@@ -0,0 +1,12 @@
+[
+ { platform = "mqtt";
+ device_class = "motion";
+ name = "Motion";
+ state_topic = "/bam/easy2/movement/Switch";
+ payload_on = "1";
+ payload_off = "0";
+ availability_topic = "/bam/easy2/tele/LWT";
+ payload_available = "Online";
+ payload_not_available = "Offline";
+ }
+]
diff --git a/makefu/2configs/bureautomation/camera/verkehrskamera.nix b/makefu/2configs/bureautomation/camera/verkehrskamera.nix
new file mode 100644
index 000000000..f2dfdcd91
--- /dev/null
+++ b/makefu/2configs/bureautomation/camera/verkehrskamera.nix
@@ -0,0 +1,14 @@
+[
+ { name = "Baumarkt";
+ platform = "generic";
+ still_image_url = http://t4915209254324-p80-c0-h6jv2afnujcoftrcstsafb45kdrqv4buy.webdirect.mdex.de/oneshotimage ;# baumarkt
+ }
+ { name = "Autobahn Heilbronn";
+ platform = "generic";
+ still_image_url = https://api.svz-bw.de/v2/verkehrskameras/kameras/K10 ;
+ }
+ { name = "Autobahn Singen";
+ platform = "generic";
+ still_image_url = https://api.svz-bw.de/v2/verkehrskameras/kameras/K11 ;
+ }
+]
diff --git a/makefu/2configs/bureautomation/hass.nix b/makefu/2configs/bureautomation/hass.nix
index b70c9b030..007d00b09 100644
--- a/makefu/2configs/bureautomation/hass.nix
+++ b/makefu/2configs/bureautomation/hass.nix
@@ -1,76 +1,5 @@
{ pkgs, lib, ... }:
let
- tasmota_rgb = name: topic:
-# LED WS2812b
-# effect_state_topic: "stat/led/Scheme"
-# effect_command_topic: "cmnd/led/Scheme"
-# effect_value_template: "{{ value_json.Scheme }}"
- { platform = "mqtt";
- inherit name;
- retain = false;
- qos = 1;
- optimistic = false;
- # state
- # TODO: currently broken, will not use the custom state topic
- state_topic = "/bam/${topic}/stat/POWER";
- command_topic = "/bam/${topic}/cmnd/POWER";
- availability_topic = "/bam/${topic}/tele/LWT";
- payload_on= "ON";
- payload_off= "OFF";
- payload_available= "Online";
- payload_not_available= "Offline";
- # brightness
- brightness_state_topic = "/bam/${topic}/stat/Dimmer";
- brightness_command_topic = "/bam/${topic}/cmnd/Dimmer";
- brightness_value_template = "{{ value_json.Dimmer }}";
- brightness_scale = 100;
- # color
- rgb_state_topic = "/bam/${topic}/stat/Color";
- rgb_command_topic = "/bam/${topic}/cmnd/Color2";
- rgb_command_mode = "hex";
- rgb_command_template = "{{ '%02x%02x%02x' | format(red, green, blue)}}";
- # effects
- effect_state_topic = "/bam/${topic}/stat/Scheme";
- effect_command_topic = "/bam/${topic}/cmnd/Scheme";
- effect_value_template = "{{ value_json.Scheme }}";
- effect_list = [ 0 1 2 3 4 5 6 7 8 9 10 11 12 ];
-};
- tasmota_plug = name: topic:
- { platform = "mqtt";
- inherit name;
- state_topic = "/bam/${topic}/stat/POWER";
- command_topic = "/bam/${topic}/cmnd/POWER";
- availability_topic = "/bam/${topic}/tele/LWT";
- payload_on= "ON";
- payload_off= "OFF";
- payload_available= "Online";
- payload_not_available= "Offline";
- };
- espeasy_dht22 = name: [
- { platform = "mqtt";
- name = "${name} DHT22 Temperature";
- device_class = "temperature";
- state_topic = "/bam/${name}/dht22/Temperature";
- availability_topic = "/bam/${name}/tele/LWT";
- payload_available = "Online";
- payload_not_available = "Offline";
- }
- { platform = "mqtt";
- device_class = "humidity";
- name = "${name} DHT22 Humidity";
- state_topic = "/bam/${name}/dht22/Humidity";
- availability_topic = "/bam/${name}/tele/LWT";
- payload_available = "Online";
- payload_not_available = "Offline";
- }];
- espeasy_ds18 = name:
- { platform = "mqtt";
- name = "${name} DS18 Temperature";
- state_topic = "/bam/${name}/ds18/Temperature";
- availability_topic = "/bam/${name}/tele/LWT";
- payload_available = "Online";
- payload_not_available = "Offline";
- };
in {
networking.firewall.allowedTCPPorts = [ 8123 ];
@@ -104,90 +33,43 @@ in {
retain = true;
};
};
- switch = [
- (tasmota_plug "Bauarbeiterlampe" "plug")
- (tasmota_plug "Blitzdings" "plug2")
- (tasmota_plug "Fernseher" "plug3")
- (tasmota_plug "Feuer" "plug4")
- (tasmota_plug "Nachtlicht" "plug5")
- ];
- light = [
- (tasmota_rgb "Status Felix" "status1")
- ];
- binary_sensor = [
- { platform = "mqtt";
- device_class = "motion";
- name = "Motion";
- state_topic = "/bam/easy2/movement/Switch";
- payload_on = "1";
- payload_off = "0";
- availability_topic = "/bam/easy2/tele/LWT";
- payload_available = "Online";
- payload_not_available = "Offline";
+ switch = (import ./switch/tasmota_switch.nix);
+ light = (import ./light/statuslight.nix) ++
+ (import ./light/buzzer.nix);
+ timer = {
+ felix_10h = {
+ name = "Felix 10h Timer";
+ duration = "10:00:00";
+ };
+ felix_8_30h = {
+ name = "Felix 8_30h Timer";
+ duration = "08:30:00";
+ };
+ felix_7h = {
+ name = "Felix 7h Timer";
+ duration = "07:00:00";
+ };
+ };
+ notify = [
+ {
+ platform = "kodi";
+ name = "wbob";
+ host = "192.168.8.11";
}
];
- sensor =
- (espeasy_dht22 "easy1") ++
- (espeasy_dht22 "easy2") ++
- [ (espeasy_ds18 "easy3" )
- { platform = "luftdaten";
- name = "Ditzingen";
- sensorid = "5341";
- monitored_conditions = [ "P1" "P2" ];
- }
+ script = (import ./script/multi_blink.nix) {inherit lib;};
+ binary_sensor =
+ (import ./binary_sensor/buttons.nix) ++
+ (import ./binary_sensor/motion.nix);
+
+ sensor =
+ (import ./sensor/espeasy.nix) ++
+ ((import ./sensor/outside.nix) {inherit lib;}) ++
+ (import ./sensor/influxdb.nix);
+
+ camera =
+ (import ./camera/verkehrskamera.nix);
- { platform = "darksky";
- api_key = lib.removeSuffix "\n"
- (builtins.readFile <secrets/hass/darksky.apikey>);
- language = "de";
- monitored_conditions = [ "summary" "icon"
- "nearest_storm_distance" "precip_probability"
- "precip_intensity"
- "temperature" # "temperature_high" "temperature_low"
- "apparent_temperature"
- "hourly_summary" # next 24 hours text
- "humidity"
- "pressure"
- "uv_index" ];
- units = "si" ;
- update_interval = {
- days = 0;
- hours = 0;
- minutes = 30;
- seconds = 0;
- };
- }
- #{ platform = "influxdb";
- # queries = [
- # { name = "mean value of feinstaub P1";
- # where = '' "node" = 'esp8266-1355142' '';
- # measurement = "feinstaub";
- # database = "telegraf";
- # field = "P1";
- # }
- # { name = "mean value of feinstaub P2";
- # where = '' "node" = 'esp8266-1355142' '';
- # measurement = "feinstaub";
- # database = "telegraf";
- # field = "P2";
- # }
- # ];
- #}
- ];
- camera = [
- { name = "Baumarkt";
- platform = "generic";
- still_image_url = http://t4915209254324-p80-c0-h6jv2afnujcoftrcstsafb45kdrqv4buy.webdirect.mdex.de/oneshotimage ;# baumarkt
- }
- { name = "Autobahn Heilbronn";
- platform = "generic";
- still_image_url = https://api.svz-bw.de/v2/verkehrskameras/kameras/K10 ;
- }
- { name = "Autobahn Singen";
- platform = "generic";
- still_image_url = https://api.svz-bw.de/v2/verkehrskameras/kameras/K11 ;
- }
- ];
frontend = { };
http = { };
conversation = {};
@@ -203,13 +85,14 @@ in {
"group.outside"
"group.switches"
"group.automation"
- "group.camera"
+ # "group.camera"
];
};
automation = [
- "automation.turn_off_fernseher_10_minutes_after_last_movement"
- "automation.turn_off_nachtlicht_on_sunrise"
- "automation.turn_on_nachtlicht_on_motion_and_dusk"
+ "timer.felix_10h"
+ "script.blitz_10s"
+ "script.buzz_red_led_fast"
+ "camera.Baumarkt"
];
switches = [
"switch.bauarbeiterlampe"
@@ -218,125 +101,37 @@ in {
"switch.feuer"
"switch.nachtlicht"
"light.status_felix"
+ "light.status_daniel"
+ "light.buslicht"
+ "light.redbutton_buzzer"
];
- camera = [
- "camera.Baumarkt"
- "camera.Autobahn_Heilbronn"
- "camera.Autobahn_Singen"
- ];
+
+ camera = [ ];
sensors = [
"binary_sensor.motion"
+ "binary_sensor.redbutton"
"sensor.easy2_dht22_humidity"
"sensor.easy2_dht22_temperature"
];
outside = [
- "sensor.ditzingen_pm10"
- "sensor.ditzingen_pm25"
+ # "sensor.ditzingen_pm10"
+ # "sensor.ditzingen_pm25"
"sensor.dark_sky_temperature"
"sensor.dark_sky_humidity"
- "sensor.dark_sky_pressure"
+ # "sensor.dark_sky_pressure"
"sensor.dark_sky_hourly_summary"
- "sensor.dark_sky_minutely_summary"
+ "camera.Autobahn_Heilbronn"
+ "camera.Autobahn_Singen"
];
};
# only for automation
# feedreader.urls = [ "http://www.heise.de/security/rss/news-atom.xml" ];
- automation = [
- { alias = "Turn on Fernseher on movement";
- trigger = {
- platform = "state";
- entity_id = "binary_sensor.motion";
- to = "on";
- };
- action = {
- service = "homeassistant.turn_on";
- entity_id = [
- "switch.fernseher"
- "switch.feuer"
- "light.status_felix"
- ];
- };
- }
- {
- alias = "Turn off Nachtlicht on sunrise";
- trigger =
- {
- platform = "sun";
- event = "sunrise";
- };
- action =
- {
- service = "homeassistant.turn_off";
- entity_id = [ "switch.nachtlicht" ];
- };
- }
- {
- alias = "Turn on Nachtlicht on motion and dusk";
- trigger =
- {
- platform = "state";
- entity_id = "binary_sensor.motion";
- to = "on";
- };
- condition = # 'when dark'
- {
- condition = "or";
- conditions = [
- { condition = "sun";
- after = "sunset";
- after_offset = "-00:45:00"; # on dusk
- }
- { condition = "sun";
- before = "sunrise";
- }
- ];
- };
- action =
- {
- service = "homeassistant.turn_on";
- entity_id = [ "switch.nachtlicht" ];
- };
- }
- { alias = "Turn off Fernseher 10 minutes after last movement";
- trigger = [
- { # trigger when movement was detected at the time
- platform = "state";
- entity_id = "binary_sensor.motion";
- to = "off";
- for.minutes = 10;
- }
- { # trigger at 20:00 no matter what
- # to avoid 'everybody left before 18:00:00'
- platform = "time";
- at = "18:00:00";
- }
- ];
- action = {
- service = "homeassistant.turn_off";
- entity_id = [
- "switch.fernseher"
- "switch.feuer"
- "light.status_felix"
- ];
- };
- condition =
- { condition = "and";
- conditions = [
- {
- condition = "time";
- before = "06:30:00"; #only turn off between 6:30 and 18:00
- after = "18:00:00";
- # weekday = [ "mon" "tue" "wed" "thu" "fri" ];
- }
- {
- condition = "state";
- entity_id = "binary_sensor.motion";
- state = "off";
- }
- ];
- };
- }
- ];
+ # we don't use imports because the expressions do not merge in
+ # home-assistant
+ automation = (import ./automation/bureau-shutdown.nix) ++
+ (import ./automation/nachtlicht.nix) ++
+ (import ./automation/10h_timer.nix);
+
};
};
}
diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/bureautomation/led-fader.nix
similarity index 94%
rename from makefu/2configs/deployment/led-fader.nix
rename to makefu/2configs/bureautomation/led-fader.nix
index d34b66125..d7f728534 100644
--- a/makefu/2configs/deployment/led-fader.nix
+++ b/makefu/2configs/bureautomation/led-fader.nix
@@ -14,7 +14,7 @@ in {
serviceConfig = {
# User = "nobody"; # need a user with permissions to run nix-shell
ExecStartPre = pkgs.writeDash "sleep.sh" "sleep 2";
- ExecStart = "${pkg}/bin/ampel 4";
+ ExecStart = "${pkg}/bin/ampel";
Restart = "always";
RestartSec = 10;
PrivateTmp = true;
diff --git a/makefu/2configs/bureautomation/light/buzzer.nix b/makefu/2configs/bureautomation/light/buzzer.nix
new file mode 100644
index 000000000..2067e47bf
--- /dev/null
+++ b/makefu/2configs/bureautomation/light/buzzer.nix
@@ -0,0 +1,28 @@
+let
+ tasmota_pwm = name: topic: pwmid: max:
+ let
+ id = "PWM${toString pwmid}";
+ in { platform = "mqtt";
+ inherit name;
+ state_topic = "/bam/${topic}/stat/RESULT";
+ state_value_template = ''{%- if value_json["PWM"]["${id}"]| int > 0 -%} ${toString max} {%- else -%} 0 {%- endif -%}'';
+
+ command_topic = "/bam/${topic}/cmnd/${id}";
+ on_command_type = "brightness";
+ brightness_command_topic = "/bam/${topic}/cmnd/${id}";
+ brightness_value_template = ''{{value_json["PWM"]["${id}"]}}'';
+ brightness_scale = max;
+ payload_on = "${toString max}";
+ payload_off = "0";
+ availability_topic = "/bam/${topic}/tele/LWT";
+ payload_available= "Online";
+ payload_not_available= "Offline";
+ retain = true;
+ optimistic = false;
+ qos = 0;
+ };
+in
+[
+# (tasmota_pwm "RedButton LED" "redbutton" 1 1023) #LED PWM1
+ (tasmota_pwm "RedButton Buzzer" "redbutton" 2 512) #buzzer PWM2
+]
diff --git a/makefu/2configs/bureautomation/light/statuslight.nix b/makefu/2configs/bureautomation/light/statuslight.nix
new file mode 100644
index 000000000..3a9582f2f
--- /dev/null
+++ b/makefu/2configs/bureautomation/light/statuslight.nix
@@ -0,0 +1,56 @@
+let
+ tasmota_rgb = name: topic:
+# LED WS2812b
+# effect_state_topic: "stat/led/Scheme"
+# effect_command_topic: "cmnd/led/Scheme"
+# effect_value_template: "{{ value_json.Scheme }}"
+ { platform = "mqtt";
+ inherit name;
+ retain = false;
+ qos = 1;
+ optimistic = false;
+ # state
+ # TODO: currently broken, will not use the custom state topic
+ state_topic = "/bam/${topic}/stat/POWER";
+ command_topic = "/bam/${topic}/cmnd/POWER";
+ availability_topic = "/bam/${topic}/tele/LWT";
+ payload_on= "ON";
+ payload_off= "OFF";
+ payload_available= "Online";
+ payload_not_available= "Offline";
+ # brightness
+ brightness_state_topic = "/bam/${topic}/stat/Dimmer";
+ brightness_command_topic = "/bam/${topic}/cmnd/Dimmer";
+ brightness_value_template = "{{ value_json.Dimmer }}";
+ brightness_scale = 100;
+ # color
+ rgb_state_topic = "/bam/${topic}/stat/Color";
+ rgb_command_topic = "/bam/${topic}/cmnd/Color2";
+ rgb_command_mode = "hex";
+ rgb_command_template = "{{ '%02x%02x%02x' | format(red, green, blue)}}";
+ # effects
+ effect_state_topic = "/bam/${topic}/stat/Scheme";
+ effect_command_topic = "/bam/${topic}/cmnd/Scheme";
+ effect_value_template = "{{ value_json.Scheme }}";
+ effect_list = [
+ 0 # single color for LED light
+ 1 # start wake up sequence (same as Wakeup)
+ 2 # cycle up through colors using Speed option
+ 3 # cycle down through colors using Speed option
+ 4 # random cycle through colors using Speed and Fade
+ 5 # clock mode (example)
+ 6 # candlelight pattern
+ 7 # RGB pattern
+ 8 # Christmas pattern
+ 9 # Hannukah pattern
+ 10 # Kwanzaa pattern
+ 11 # rainbow pattern
+ 12 # fire pattern
+ ];
+ };
+in
+[
+ (tasmota_rgb "Status Felix" "status1")
+ (tasmota_rgb "Status Daniel" "status2")
+ (tasmota_rgb "Buslicht" "buslicht")
+]
diff --git a/makefu/2configs/bureautomation/script/multi_blink.nix b/makefu/2configs/bureautomation/script/multi_blink.nix
new file mode 100644
index 000000000..bb28dd46f
--- /dev/null
+++ b/makefu/2configs/bureautomation/script/multi_blink.nix
@@ -0,0 +1,37 @@
+{lib, ... }:
+let
+ # let an entity blink for X times with a delay of Y milliseconds
+ flash_entity = { entity, delay ? 500, count ? 4, alias ? "${entity}_blink_${toString count}_${toString delay}" }:
+ {
+ inherit alias;
+ sequence = lib.flatten (builtins.genList (i: [
+ { service = "homeassistant.turn_on";
+ data.entity_id = entity;
+ }
+ { delay.milliseconds = delay; }
+ { service = "homeassistant.turn_off";
+ data.entity_id = entity;
+ }
+ { delay.milliseconds = delay; }
+ ]
+ ) count);
+ };
+in {
+ buzz_red_led = (flash_entity {
+ entity = "light.redbutton_buzzer";
+ alias = "Red Button Buzz";
+ count = 4;
+ });
+ buzz_red_led_fast = (flash_entity {
+ entity = "light.redbutton_buzzer";
+ delay = 250;
+ count = 2;
+ alias = "Red Button Buzz fast";
+ });
+ blitz_10s = (flash_entity {
+ entity = "switch.blitzdings";
+ delay = 10000;
+ count = 1;
+ alias = "blitz for 10 seconds";
+ });
+}
diff --git a/makefu/2configs/bureautomation/sensor/espeasy.nix b/makefu/2configs/bureautomation/sensor/espeasy.nix
new file mode 100644
index 000000000..4b78ee84e
--- /dev/null
+++ b/makefu/2configs/bureautomation/sensor/espeasy.nix
@@ -0,0 +1,31 @@
+let
+ espeasy_dht22 = name: [
+ { platform = "mqtt";
+ name = "${name} DHT22 Temperature";
+ device_class = "temperature";
+ state_topic = "/bam/${name}/dht22/Temperature";
+ availability_topic = "/bam/${name}/tele/LWT";
+ payload_available = "Online";
+ payload_not_available = "Offline";
+ }
+ { platform = "mqtt";
+ device_class = "humidity";
+ name = "${name} DHT22 Humidity";
+ state_topic = "/bam/${name}/dht22/Humidity";
+ availability_topic = "/bam/${name}/tele/LWT";
+ payload_available = "Online";
+ payload_not_available = "Offline";
+ }];
+ espeasy_ds18 = name:
+ { platform = "mqtt";
+ name = "${name} DS18 Temperature";
+ state_topic = "/bam/${name}/ds18/Temperature";
+ availability_topic = "/bam/${name}/tele/LWT";
+ payload_available = "Online";
+ payload_not_available = "Offline";
+ };
+in
+(espeasy_dht22 "easy1") ++
+(espeasy_dht22 "easy2") ++ [
+ (espeasy_ds18 "easy3" )
+]
diff --git a/makefu/2configs/bureautomation/sensor/influxdb.nix b/makefu/2configs/bureautomation/sensor/influxdb.nix
new file mode 100644
index 000000000..820a56c4d
--- /dev/null
+++ b/makefu/2configs/bureautomation/sensor/influxdb.nix
@@ -0,0 +1,18 @@
+[
+ #{ platform = "influxdb";
+ # queries = [
+ # { name = "mean value of feinstaub P1";
+ # where = '' "node" = 'esp8266-1355142' '';
+ # measurement = "feinstaub";
+ # database = "telegraf";
+ # field = "P1";
+ # }
+ # { name = "mean value of feinstaub P2";
+ # where = '' "node" = 'esp8266-1355142' '';
+ # measurement = "feinstaub";
+ # database = "telegraf";
+ # field = "P2";
+ # }
+ # ];
+ #}
+]
diff --git a/makefu/2configs/bureautomation/sensor/outside.nix b/makefu/2configs/bureautomation/sensor/outside.nix
new file mode 100644
index 000000000..7dbc192a4
--- /dev/null
+++ b/makefu/2configs/bureautomation/sensor/outside.nix
@@ -0,0 +1,25 @@
+{lib,...}: [
+ { platform = "darksky";
+ api_key = lib.removeSuffix "\n"
+ (builtins.readFile <secrets/hass/darksky.apikey>);
+ language = "de";
+ monitored_conditions = [
+ "summary" "icon"
+ "nearest_storm_distance" "precip_probability"
+ "precip_intensity"
+ "temperature" # "temperature_high" "temperature_low"
+ "apparent_temperature"
+ "hourly_summary" # next 24 hours text
+ "humidity"
+ "pressure"
+ "uv_index"
+ ];
+ units = "si" ;
+ update_interval = { days = 0; hours = 0; minutes = 30; seconds = 0; };
+ }
+ { platform = "luftdaten";
+ name = "Ditzingen";
+ sensorid = "5341";
+ monitored_conditions = [ "P1" "P2" ];
+ }
+ ]
diff --git a/makefu/2configs/bureautomation/switch/tasmota_switch.nix b/makefu/2configs/bureautomation/switch/tasmota_switch.nix
new file mode 100644
index 000000000..b00a8e454
--- /dev/null
+++ b/makefu/2configs/bureautomation/switch/tasmota_switch.nix
@@ -0,0 +1,19 @@
+let
+ tasmota_plug = name: topic:
+ { platform = "mqtt";
+ inherit name;
+ state_topic = "/bam/${topic}/stat/POWER";
+ command_topic = "/bam/${topic}/cmnd/POWER";
+ availability_topic = "/bam/${topic}/tele/LWT";
+ payload_on= "ON";
+ payload_off= "OFF";
+ payload_available= "Online";
+ payload_not_available= "Offline";
+ };
+in [
+ (tasmota_plug "Bauarbeiterlampe" "plug")
+ (tasmota_plug "Blitzdings" "plug2")
+ (tasmota_plug "Fernseher" "plug3")
+ (tasmota_plug "Feuer" "plug4")
+ (tasmota_plug "Nachtlicht" "plug5")
+]
From 7e9a2417ba27a19d6db0a87b075b9d55a237931a Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 6 Mar 2019 16:42:52 +0100
Subject: [PATCH 100/107] ma homeautomation: update google-muell
---
makefu/2configs/homeautomation/default.nix | 65 +++++++++++++++----
.../2configs/homeautomation/google-muell.nix | 3 +-
2 files changed, 55 insertions(+), 13 deletions(-)
diff --git a/makefu/2configs/homeautomation/default.nix b/makefu/2configs/homeautomation/default.nix
index 2af311c3b..4e9ac0ee3 100644
--- a/makefu/2configs/homeautomation/default.nix
+++ b/makefu/2configs/homeautomation/default.nix
@@ -55,7 +55,8 @@ let
payload_not_available = "Offline";
};
- firetv = "192.168.1.238";
+ firetv = "192.168.1.183";
+ hassdir = "/var/lib/hass";
tasmota_plug = name: topic:
{ platform = "mqtt";
inherit name;
@@ -105,13 +106,7 @@ in {
imports = [
./mqtt.nix
];
- #systemd.services.firetv = {
- # wantedBy = [ "multi-user.target" ];
- # serviceConfig = {
- # User = "nobody";
- # ExecStart = "${pkgs.python-firetv}/bin/firetv-server -d ${firetv}:5555";
- # };
- #};
+
services.home-assistant = {
config = {
homeassistant = {
@@ -133,9 +128,11 @@ in {
{ platform = "kodi";
host = firetv;
}
- #{ platform = "firetv";
- # # assumes python-firetv running
- #}
+ { platform = "firetv";
+ name = "FireTV Stick";
+ host = firetv;
+ adbkey = <secrets/hass/adbkey>;
+ }
];
mqtt = {
broker = "localhost";
@@ -211,9 +208,12 @@ in {
flur = [
"light.flurlicht"
"binary_sensor.flur_bewegung"
+ "automation.dunkel_bei_sonnenuntergang"
+ "automation.hell_bei_sonnenaufgang"
];
wohnzimmer = [
"media_player.kodi"
+ "media_player.firetv_stick"
];
draussen = [
"sensor.dark_sky_temperature"
@@ -240,6 +240,47 @@ in {
];
light = [ (tasmota_rgb "Flurlicht" "flurlicht" ) ];
automation = [
+ { alias = "Dunkel bei Sonnenuntergang";
+ trigger = {
+ platform = "sun";
+ event = "sunset";
+ # offset: "-00:45:00"
+ };
+ action = [
+ {
+ service= "light.turn_on";
+ data = {
+ entity_id= "light.flurlicht";
+ # rgb_color = [ 0,0,0 ]; <-- TODO default color
+ brightness_pct = 15;
+ };
+ }
+ {
+ service= "light.turn_off";
+ entity_id= "light.flurlicht";
+ }
+ ];
+ }
+ { alias = "Hell bei Sonnenaufgang";
+ trigger = {
+ platform = "sun";
+ event = "sunrise";
+ # offset: "-00:00:00"
+ };
+ action = [
+ {
+ service= "light.turn_on";
+ data = {
+ entity_id= "light.flurlicht";
+ brightness_pct = 85;
+ };
+ }
+ {
+ service= "light.turn_off";
+ entity_id= "light.flurlicht";
+ }
+ ];
+ }
{ alias = "Staubsauger Strom aus nach 6h";
trigger = {
platform = "state";
@@ -255,7 +296,7 @@ in {
];
};
enable = true;
- #configDir = "/var/lib/hass";
+ configDir = hassdir;
};
nixpkgs.config.permittedInsecurePackages = [
"homeassistant-0.77.2"
diff --git a/makefu/2configs/homeautomation/google-muell.nix b/makefu/2configs/homeautomation/google-muell.nix
index 5870f298d..c81eae201 100644
--- a/makefu/2configs/homeautomation/google-muell.nix
+++ b/makefu/2configs/homeautomation/google-muell.nix
@@ -9,7 +9,8 @@ let
# TODO: generate this credential file locally
ampelcred = "${home}/google-muell-creds.json";
sleepval = "1800";
- default-color = "244,220,66";
+ # default-color = "18,63,40";
+ default-color = "255,127,0";
config_json = toFile "config.json" (toJSON {
mq_hostname = "localhost";
mq_port = 1883;
From 5a26810af163a89bcda3747611bf059c307ce1f3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 6 Mar 2019 16:43:06 +0100
Subject: [PATCH 101/107] ma pkgs.ampel: bump rev
---
makefu/5pkgs/ampel/default.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/makefu/5pkgs/ampel/default.nix b/makefu/5pkgs/ampel/default.nix
index 70fdfda78..fb722a52f 100644
--- a/makefu/5pkgs/ampel/default.nix
+++ b/makefu/5pkgs/ampel/default.nix
@@ -2,7 +2,7 @@
with pkgs.python3Packages;buildPythonPackage rec {
name = "ampel-${version}";
- version = "0.2.4";
+ version = "0.2.5";
propagatedBuildInputs = [
docopt
@@ -16,8 +16,8 @@ with pkgs.python3Packages;buildPythonPackage rec {
src = pkgs.fetchgit {
url = "http://cgit.euer.krebsco.de/ampel";
- rev = "04e1c8c38ffe53175ae719121ad88534a8a662db";
- sha256 = "00jgr3jg2yi91hd7388v8rncfbq8fx8dvr03sg749dzpsg58hfxn";
+ rev = "ce239876820699f02054e71b4fd0950509833379";
+ sha256 = "1ja32lr04lwq4shi49kppa1zzjw0zlqaqy71pr5sbajgp4zj7kh8";
};
meta = {
homepage = http://cgit.euer.krebsco.de/ampel;
From 593a519f6eb210913be25c441cd54c25c12744c6 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 6 Mar 2019 16:43:52 +0100
Subject: [PATCH 102/107] ma crapi.r: split into software and hardware config
---
makefu/1systems/crapi/config.nix | 33 +------------------
makefu/1systems/crapi/hardware-config.nix | 39 +++++++++++++++++++++++
2 files changed, 40 insertions(+), 32 deletions(-)
create mode 100644 makefu/1systems/crapi/hardware-config.nix
diff --git a/makefu/1systems/crapi/config.nix b/makefu/1systems/crapi/config.nix
index d96b872d5..e7c6c3666 100644
--- a/makefu/1systems/crapi/config.nix
+++ b/makefu/1systems/crapi/config.nix
@@ -1,46 +1,15 @@
{ config, pkgs, lib, ... }:
{
- # :l <nixpkgs>
- # builtins.readDir (pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs-channels"; rev = "6c064e6b"; sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; })
imports = [
<stockholm/makefu>
+ ./hardware-config.nix
<stockholm/makefu/2configs>
<stockholm/makefu/2configs/tinc/retiolum.nix>
<stockholm/makefu/2configs/save-diskspace.nix>
];
krebs.build.host = config.krebs.hosts.crapi;
- # NixOS wants to enable GRUB by default
- boot.loader.grub.enable = false;
- # Enables the generation of /boot/extlinux/extlinux.conf
- boot.loader.generic-extlinux-compatible.enable = true;
-
- boot.kernelPackages = pkgs.linuxPackages_rpi;
-
- nix.binaryCaches = [ "http://nixos-arm.dezgeg.me/channel" ];
- nix.binaryCachePublicKeys = [ "nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%" ];
-
- fileSystems = {
- "/boot" = {
- device = "/dev/disk/by-label/NIXOS_BOOT";
- fsType = "vfat";
- };
- "/" = {
- device = "/dev/disk/by-label/NIXOS_SD";
- fsType = "ext4";
- };
- };
-
- system.activationScripts.create-swap = ''
- if [ ! -e /swapfile ]; then
- fallocate -l 2G /swapfile
- mkswap /swapfile
- fi
- '';
- swapDevices = [ { device = "/swapfile"; size = 2048; } ];
-
- nix.package = lib.mkForce pkgs.nixStable;
services.openssh.enable = true;
}
diff --git a/makefu/1systems/crapi/hardware-config.nix b/makefu/1systems/crapi/hardware-config.nix
new file mode 100644
index 000000000..bba31dabd
--- /dev/null
+++ b/makefu/1systems/crapi/hardware-config.nix
@@ -0,0 +1,39 @@
+{ pkgs, lib, ... }:
+{
+ #raspi1
+ boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" "console=ttyS1,115200n8" ];
+
+ boot.loader.grub.enable = false;
+ boot.loader.raspberryPi.enable = true;
+ boot.loader.raspberryPi.version = 1;
+ boot.loader.raspberryPi.uboot.enable = true;
+ boot.loader.raspberryPi.uboot.configurationLimit = 1;
+ boot.loader.generationsDir.enable = lib.mkDefault false;
+ hardware.enableRedistributableFirmware = true;
+ boot.cleanTmpDir = true;
+ environment.systemPackages = [ pkgs.raspberrypi-tools ];
+ boot.kernelPackages = pkgs.linuxPackages_rpi;
+
+ nix.binaryCaches = [ "http://nixos-arm.dezgeg.me/channel" ];
+ nix.binaryCachePublicKeys = [ "nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%" ];
+
+ fileSystems = {
+ "/boot" = {
+ device = "/dev/disk/by-label/NIXOS_BOOT";
+ fsType = "vfat";
+ };
+ "/" = {
+ device = "/dev/disk/by-label/NIXOS_SD";
+ fsType = "ext4";
+ };
+ };
+
+ system.activationScripts.create-swap = ''
+ if [ ! -e /swapfile ]; then
+ fallocate -l 2G /swapfile
+ mkswap /swapfile
+ chmod 600 /swapfile
+ fi
+ '';
+ swapDevices = [ { device = "/swapfile"; size = 4096; } ];
+}
From 33e5e058c29c27c69db0ae100046dcf000895294 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 6 Mar 2019 16:44:14 +0100
Subject: [PATCH 103/107] ma x.r: re-enable virtualbox
---
makefu/1systems/x/config.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index ceeccc0b2..de55e9e89 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -59,7 +59,7 @@
# Virtualization
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
<stockholm/makefu/2configs/virtualisation/docker.nix>
- # <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
+ <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
#{
# networking.firewall.allowedTCPPorts = [ 8080 ];
# networking.nat = {
From f0b56730f21e14680261b2e3ddcdd438bbd15903 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 6 Mar 2019 16:44:36 +0100
Subject: [PATCH 104/107] ma save-diskspace: programs.info ->
documentation.info
---
makefu/2configs/save-diskspace.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/makefu/2configs/save-diskspace.nix b/makefu/2configs/save-diskspace.nix
index 4fd569768..b6725e730 100644
--- a/makefu/2configs/save-diskspace.nix
+++ b/makefu/2configs/save-diskspace.nix
@@ -4,8 +4,8 @@ _:
environment.noXlibs = true;
nix.gc.automatic = true;
nix.gc.dates = "03:10";
- programs.info.enable = false;
- programs.man.enable = false;
+ documentation.info.enable = false;
+ documentation.man.enable = false;
services.journald.extraConfig = "SystemMaxUse=50M";
services.nixosManual.enable = false;
}
From 6615696461195bbfbfd0fe7ae0d8ff8a4f0b8db1 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 6 Mar 2019 16:45:01 +0100
Subject: [PATCH 105/107] ma pkgs.init-host: init
---
makefu/2configs/tools/dev.nix | 1 +
makefu/5pkgs/init-host/default.nix | 47 ++++++++++++++++++++++++++++++
2 files changed, 48 insertions(+)
create mode 100644 makefu/5pkgs/init-host/default.nix
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index 0c877fc7b..fe25bd49a 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@@ -26,5 +26,6 @@
nix-review
# git-related
tig
+ init-host
];
}
diff --git a/makefu/5pkgs/init-host/default.nix b/makefu/5pkgs/init-host/default.nix
new file mode 100644
index 000000000..d1d3f7195
--- /dev/null
+++ b/makefu/5pkgs/init-host/default.nix
@@ -0,0 +1,47 @@
+{ pkgs }:
+pkgs.writeDashBin "generate-secrets" ''
+ set -euf
+ HOSTNAME="''${1?must provide hostname}"
+ TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
+ PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1)
+ HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null
+
+ ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null
+ ${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null
+ ${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null
+ cat <<EOF > $TMPDIR/hashedPasswords.nix
+ {
+ root = "$HASHED_PASSWORD";
+ }
+ EOF
+
+ cd $TMPDIR
+ for x in *; do
+ ${pkgs.coreutils}/bin/cat $x | secrets insert -m $HOSTNAME/$x > /dev/null
+ done
+ echo $PASSWORD | secrets insert -m $HOSTNAME/root > /dev/null
+
+ cat <<EOF
+ $HOSTNAME = {
+ cores = 1;
+ owner = config.krebs.users.makefu;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.0.changeme";
+ ip6.addr = "42:0:0:0:0:0:0:changeme";
+ aliases = [
+ "$HOSTNAME.r"
+ ];
+ tinc.pubkey = ${"''"}
+ $(cat $TMPDIR/retiolum.rsa_key.pub)
+ ${"''"};
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)";
+ };
+ EOF
+
+ rm -rf $TMPDIR
+''
+
From da5fb52eb08097565c0e78035beb14a8a0ab2366 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 6 Mar 2019 16:45:38 +0100
Subject: [PATCH 106/107] ma nixpkgs.json: bump revision
---
makefu/krops.nix | 1 +
makefu/nixpkgs.json | 6 +++---
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/makefu/krops.nix b/makefu/krops.nix
index 57a3b3bbf..7c3fbcf4a 100644
--- a/makefu/krops.nix
+++ b/makefu/krops.nix
@@ -23,6 +23,7 @@
# nixos-18.09 @ 2018-09-18
# + uhub/sqlite: 5dd7610401747
# + hovercraft: 7134801b17d72
+ # + PR#53934: eac6797380af1
nixpkgs = if host-src.arm6 then {
# TODO: we want to track the unstable channel
symlink = "/nix/var/nix/profiles/per-user/root/channels/nixos/";
diff --git a/makefu/nixpkgs.json b/makefu/nixpkgs.json
index 7c14f78a8..08dd7156e 100644
--- a/makefu/nixpkgs.json
+++ b/makefu/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/makefu/nixpkgs",
- "rev": "16fc6279dddabc42f8556d6368ed4215d916794f",
- "date": "2019-02-16T22:29:33+01:00",
- "sha256": "0bgm0gybqysy1si2zd8b2h6200hgmi8qsyi6qhcnvd4n555f3iic",
+ "rev": "cba65c1ab2aec20f0eaa77d6747f16798688e1bb",
+ "date": "2019-02-25T00:04:17+01:00",
+ "sha256": "1h6d9kghs7n7nql7fw5v9fpmpgdq6xq62npc7cfvyam8g4ma9iwn",
"fetchSubmodules": false
}
From 44540e08146438e99840c6aff1af1b9a312d54ed Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 7 Mar 2019 21:50:19 +0100
Subject: [PATCH 107/107] nixpkgs: 4c0be40 -> 8abca4b
---
krebs/nixpkgs.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index b93f612dd..28c98ceb2 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "4c0be40815511c7e5f592e95587ef075487639b5",
- "date": "2019-03-02T20:00:09+00:00",
- "sha256": "1vk04dsbvhj99s2pdwq0m5glckxqa8c1wz3p14d4zabkggnqhini",
+ "rev": "8abca4bc7b8b313c6e3073d074d623d1095c0dba",
+ "date": "2019-03-07T09:54:51+01:00",
+ "sha256": "1qhhlqkwzxwhq8ga4n7p4zg4nrhl79m6x4qd0pgaic6n4z5m82gr",
"fetchSubmodules": false
}