Merge branch 'master' of pnp:stockholm

This commit is contained in:
makefu 2015-10-27 18:12:29 +01:00
commit a85114c59c
71 changed files with 2499 additions and 438 deletions

View file

@ -1,93 +1,61 @@
# Welcome to the top-level default.nix of stockholm.
#
# You can discover the whole thing easily using the `get` utility,
# which can be found at http://cgit.cd.krebsco.de/get/tree/get
# To install `get` on any Nix-enabled system, use:
#
# nix-env -f /path/to/stockholm -iA pkgs.get
#
# The "current" arguments are used to provide information about the user who's
# evaluating this file. This information is used to determine which user
# namespace is to be used. Of course there's nothing trying to prevent you
# from forging this information. E.g. you could try to generate the deployment
# script for some random user's system, targeting some random host:
#
# LOGNAME=tv get krebs.deploy system=nomic target=8.8.8.8
#
{ current-date ? abort "current-date not defined"
, current-host-name ? abort "current-host-name not defined"
, current-user-name ? builtins.getEnv "LOGNAME"
}@current:
, StrictHostKeyChecking ? "yes"
}@args:
let stockholm = {
# The generated scripts to deploy (or infest) systems can be found in the
# `krebs` attribute. There's also an init script, but it's in its early
# stages, not well integrated and mostly useless at the moment. :)
#
# You'll also find lib here, which is nixpkgs/lib + krebs lib, but nobody
# is really accessing this directly, as this lib gets reexported below.
inherit krebs;
# All systems of all users can be found here.
#
# /!\ Please note that `get users.${user-name}.${host-name}.system` is a
# bad idea because it will produce vast amounts of output. These are the
# actual and complete system derivations that can be installed on the
# respective host.
#
# Another thing to notice here is that other user's systems might not be
# evaluable because of missing secrets. If you _are_ able to evaluate
# another user's system, then you probably share a similar naming scheme
# for your secret files! :)
inherit users;
# Additionally, output lib and pkgs for easy access from the shell.
# Notice how we're evaluating just the base module to obtain pkgs.
inherit lib;
inherit (eval {}) pkgs;
inherit pkgs;
};
krebs = import ./krebs (current // { inherit stockholm; });
inherit (krebs) lib;
krebs = import ./krebs (args // { inherit lib stockholm; });
lib =
let
lib = import <nixpkgs/lib>;
klib = import ./krebs/4lib { inherit lib; };
#ulib = import (./. + "/${current-user-name}/4lib") { lib = lib // klib; };
ulib = {}; # TODO
in
builtins // lib // klib // ulib // rec {
# TODO move this stuff
stockholm-path = ./.;
nspath = ns: p: stockholm-path + "/${ns}/${p}";
};
inherit (eval {}) pkgs;
# Path resolvers for common and individual files.
# Example: `upath "3modules"` produces the current user's 3modules directory
kpath = lib.nspath "krebs";
upath = lib.nspath current-user-name;
# This is the base module. Its purpose is to provide modules and
# packages, both common ones, found in krebs/ as well as the current user's,
# found in the user's namespace.
base-module = {
base-module = { config, ... }: {
imports = map (f: f "3modules") [ kpath upath ];
krebs.current.enable = true;
krebs.current.host = config.krebs.hosts.${current-host-name};
krebs.current.user = config.krebs.users.${current-user-name};
nixpkgs.config.packageOverrides = pkgs:
let
# Notice the ordering. Krebs packages can only depend on Nixpkgs,
# whereas user packages additionally can depend on krebs packages.
kpkgs = import (kpath "5pkgs") { inherit pkgs; };
upkgs = import (upath "5pkgs") { pkgs = pkgs // kpkgs; };
kpkgs = import (kpath "5pkgs") { inherit lib pkgs; };
upkgs = import (upath "5pkgs") { inherit lib; pkgs = pkgs // kpkgs; };
in
kpkgs // upkgs;
};
# The above base module is used together with a NixOS configuration to
# produce a system. Notice how stockholm really just provides additional
# packages and modules on top of NixOS. Some of this stuff might become
# useful to a broader audience, at which point it should probably be merged
# and pull-requested for inclusion into NixOS/nixpkgs.
# TODO provide krebs lib, so modules don't have to import it awkwardly
eval = config: import <nixpkgs/nixos/lib/eval-config.nix> {
specialArgs = {
inherit lib;
};
modules = [
base-module
config
];
};
# Any top-level directory other than krebs/ is considered to be a user
# namespace, configuring a bunch of systems.
# Have a look at the definition of install in krebs/default.nix to see how
# nix-env is using this attribute set to obtain the system to be installed.
# TODO move user namespaces' to users/, so no exception for krebs/ is needed
users =
lib.mapAttrs
@ -96,8 +64,6 @@ let stockholm = {
(n: t: !lib.hasPrefix "." n && t == "directory" && n != "krebs")
(builtins.readDir ./.));
# Given a path to a user namespace, provide an attribute of evaluated
# system configurations, keyed by system names (AKA host names).
eval-all-systems = path:
lib.mapAttrs'
(n: _: (lib.nameValuePair (lib.removeSuffix ".nix" n)

View file

@ -1,6 +1,6 @@
{ config, lib, ... }:
with import ../4lib { inherit lib; };
with lib;
let
target = config.krebs.build // { user.name = "root"; };

View file

@ -0,0 +1,26 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.krebs.current;
out = {
options.krebs.current = api;
config = mkIf cfg.enable imp;
};
api = {
enable = mkEnableOption "krebs.current";
host = mkOption {
type = types.host;
};
user = mkOption {
type = types.user;
};
};
imp = {
};
in out

View file

@ -1,6 +1,6 @@
{ config, lib, ... }:
with import ../4lib { inherit lib; };
with lib;
let
cfg = config.krebs;
@ -8,6 +8,7 @@ let
imports = [
./bepasty-server.nix
./build.nix
./current.nix
./exim-retiolum.nix
./exim-smarthost.nix
./github-hosts-sync.nix
@ -76,6 +77,7 @@ let
imp = mkMerge [
{ krebs = import ./lass { inherit lib; }; }
{ krebs = import ./makefu { inherit lib; }; }
{ krebs = import ./shared { inherit lib; }; }
{ krebs = import ./tv { inherit lib; }; }
{
krebs.dns.providers = {
@ -105,8 +107,8 @@ let
# Implements environment.etc."zones/<zone-name>"
environment.etc = let
stripEmptyLines = s: concatStringsSep "\n"
(remove "\n" (remove "" (splitString "\n" s)));
stripEmptyLines = s: (concatStringsSep "\n"
(remove "\n" (remove "" (splitString "\n" s)))) + "\n";
all-zones = foldAttrs (sum: current: sum + "\n" +current ) ""
([cfg.zone-head-config] ++ combined-hosts);
combined-hosts = (mapAttrsToList (name: value: value.extraZones) cfg.hosts );

View file

@ -6,7 +6,7 @@
# TODO when authorized_keys changes, then restart ssh
# (or kill already connected users somehow)
with import ../4lib { inherit lib; };
with lib;
let
cfg = config.krebs.git;

View file

@ -1,7 +1,6 @@
{ config, lib, pkgs, ... }:
with builtins;
with import ../4lib { inherit lib; };
with lib;
let
cfg = config.krebs.github-hosts-sync;

View file

@ -1,8 +1,36 @@
{ lib, ... }:
with import ../../4lib { inherit lib; };
with lib;
{
let
testHosts = lib.genAttrs [
"test-arch"
"test-centos6"
"test-centos7"
] (name: {
inherit name;
cores = 1;
nets = {
retiolum = {
addrs4 = ["10.243.111.111"];
addrs6 = ["42:0:0:0:0:0:0:7357"];
aliases = [
"test.retiolum"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd
mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5
TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1
K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8
QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY
VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
});
in {
hosts = addNames {
echelon = {
cores = 4;
@ -104,7 +132,11 @@ with import ../../4lib { inherit lib; };
uriel = {
cores = 1;
dc = "lass";
nets = rec {
nets = {
gg23 = {
addrs4 = ["10.23.1.12"];
aliases = ["uriel.gg23"];
};
retiolum = {
addrs4 = ["10.243.81.176"];
addrs6 = ["42:dc25:60cf:94ef:759b:d2b6:98a9:2e56"];
@ -131,7 +163,11 @@ with import ../../4lib { inherit lib; };
mors = {
cores = 2;
dc = "lass";
nets = rec {
nets = {
gg23 = {
addrs4 = ["10.23.1.11"];
aliases = ["mors.gg23"];
};
retiolum = {
addrs4 = ["10.243.0.2"];
addrs6 = ["42:0:0:0:0:0:0:dea7"];
@ -155,8 +191,24 @@ with import ../../4lib { inherit lib; };
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAMPlIG+6u75GJ3kvsPF6OoIZsU+u8ZQ+rdviv5fNMD";
};
schnabel-ap = {
nets = {
gg23 = {
addrs4 = ["10.23.1.20"];
aliases = ["schnabel-ap.gg23"];
};
};
};
Reichsfunk-ap = {
nets = {
gg23 = {
addrs4 = ["10.23.1.10"];
aliases = ["Reichsfunk-ap.gg23"];
};
};
};
};
} // testHosts;
users = addNames {
lass = {
pubkey = readFile ../../Zpubkeys/lass.ssh.pub;

View file

@ -1,6 +1,6 @@
{ lib, ... }:
with import ../../4lib { inherit lib; };
with lib;
{
hosts = addNames {
@ -185,6 +185,7 @@ with import ../../4lib { inherit lib; };
addrs6 = ["42:6e1e:cc8a:7cef:827:f938:8c64:baad"];
aliases = [
"graphs.wry.retiolum"
"graphs.retiolum"
"paste.wry.retiolum"
"paste.retiolum"
"wry.retiolum"

View file

@ -0,0 +1,42 @@
{ lib, ... }:
with lib;
{
hosts = addNames {
wolf = {
#dc = "shack";
nets = {
#shack = {
# addrs4 = [ TODO ];
# aliases = ["wolf.shack"];
#};
retiolum = {
addrs4 = ["10.243.77.1"];
addrs6 = ["42:0:0:0:0:0:77:1"];
aliases = [
"wolf.retiolum"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAzpXyEATt8+ElxPq650/fkboEC9RvTWqN6UIAl/R4Zu+uDhAZ2ekb
HBjoSbRxu/0w2I37nwWUhEOemxGm4PXCgWrtO0jeRF4nVNYu3ZBppA3vuVALUWq7
apxRUEL9FdsWQlXGo4PVd20dGaDTi8M/Ggo755MStVTY0rRLluxyPq6VAa015sNg
4NOFuWm0NDn4e+qrahTCTiSjbCU8rWixm0GktV40kdg0QAiFbEcRhuXF1s9/yojk
7JT/nFg6LELjWUSSNZnioj5oSfVbThDRelIld9VaAKBAZZ5/zy6T2XSeDfoepytH
8aw6itEuTCy1M1DTiTG+12SPPw+ubG+NqQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYMXMWZIK0jjnZDM9INiYAKcwjXs2241vew54K8veCR";
};
};
users = addNames {
shared = {
mail = "spam@krebsco.de";
pubkey = "lol"; # TODO krebs.users.shared.pubkey should be unnecessary
};
};
}

View file

@ -95,8 +95,12 @@ let
ExecStartPre = pkgs.writeScript "tinc_graphs-init" ''
#!/bin/sh
mkdir -p "${internal_dir}" "${external_dir}"
if ! test -e "${cfg.workingDir}/internal/index.html"; then
cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/" "${internal_dir}"
cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/." "${internal_dir}"
fi
if ! test -e "${cfg.workingDir}/external/index.html"; then
cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/external/." "${external_dir}"
fi
'';
@ -118,7 +122,6 @@ let
users.extraUsers.tinc_graphs = {
uid = 3925439960; #genid tinc_graphs
home = "/var/spool/tinc_graphs";
createHome = true;
};
krebs.nginx.servers = mkIf cfg.nginx.enable {

View file

@ -1,6 +1,6 @@
{ lib, ... }:
with import ../../4lib { inherit lib; };
with lib;
{
dns.providers = {
@ -65,7 +65,7 @@ with import ../../4lib { inherit lib; };
dc = "tv"; #dc = "cac";
nets = rec {
internet = {
addrs4 = ["104.233.84.215"];
addrs4 = ["104.167.114.142"];
aliases = [
"mkdir.internet"
];
@ -231,6 +231,7 @@ with import ../../4lib { inherit lib; };
addrs6 = ["42:0:0:0:0:0:0:1337"];
aliases = [
"wu.retiolum"
"cgit.wu.retiolum"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----

View file

@ -56,6 +56,13 @@ let
https://nixos.org/channels/nixos-unstable/git-revision
];
};
verbose = mkOption {
type = types.bool;
default = false;
description = ''
verbose output of urlwatch
'';
};
};
urlsFile = toFile "urls" (concatStringsSep "\n" cfg.urls);
@ -106,7 +113,7 @@ let
cd /tmp
urlwatch -e --urls="$urlsFile" > changes 2>&1 || :
urlwatch -e ${optionalString cfg.verbose "-v"} --urls="$urlsFile" > changes || :
if test -s changes; then
date=$(date -R)

View file

@ -3,8 +3,6 @@
with builtins;
with lib;
builtins //
lib //
rec {
eq = x: y: x == y;

View file

@ -3,8 +3,8 @@ set -eux
{
umount /mnt/nix
umount /mnt/root
umount /boot || :
umount /mnt/boot
umount /boot || :
umount /mnt
coreutils_path=$(set +f; for i in /nix/store/*coreutils*/bin; do :; done; echo $i)

View file

@ -18,6 +18,13 @@ prepare() {(
esac
;;
esac
elif test -e /etc/centos-release; then
case $(cat /etc/centos-release) in
'CentOS release 6.5 (Final)')
prepare_centos "$@"
exit
;;
esac
fi
echo "$0 prepare: unknown OS" >&2
exit -1

View file

@ -1,7 +1,6 @@
{ pkgs, ... }:
with import ../4lib { inherit (pkgs) lib; };
{ lib, pkgs, ... }:
with lib;
let
subdirs = mapAttrs (_: flip pkgs.callPackage {}) (subdirsOf ./.);
pkgs' = pkgs // subdirs;
@ -55,4 +54,8 @@ subdirs // rec {
gcc -O -Wall -o "$exe" $src
strip --strip-unneeded "$exe"
'';
writeNixFromCabal = name: path: pkgs.runCommand name {} ''
${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out
'';
}

View file

@ -2,14 +2,14 @@
python3Packages.buildPythonPackage rec {
name = "tinc_graphs-${version}";
version = "0.3.6";
version = "0.3.9";
propagatedBuildInputs = with pkgs;[
python3Packages.pygeoip
## ${geolite-legacy}/share/GeoIP/GeoIPCity.dat
];
src = fetchurl {
url = "https://pypi.python.org/packages/source/t/tinc_graphs/tinc_graphs-${version}.tar.gz";
sha256 = "0ghdx9aaipmppvc2b6cgks4nxw6zsb0fhjrmnisbx7rz0vjvzc74";
sha256 = "0hjmkiclvyjb3707285x4b8mk5aqjcvh383hvkad1h7p1n61qrfx";
};
preFixup = with pkgs;''
wrapProgram $out/bin/build-graphs --prefix PATH : "$out/bin"

10
krebs/Zhosts/wolf Normal file
View file

@ -0,0 +1,10 @@
Subnet = 10.243.77.1/32
Subnet = 42:0:0:0:0:0:77:1/128
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAzpXyEATt8+ElxPq650/fkboEC9RvTWqN6UIAl/R4Zu+uDhAZ2ekb
HBjoSbRxu/0w2I37nwWUhEOemxGm4PXCgWrtO0jeRF4nVNYu3ZBppA3vuVALUWq7
apxRUEL9FdsWQlXGo4PVd20dGaDTi8M/Ggo755MStVTY0rRLluxyPq6VAa015sNg
4NOFuWm0NDn4e+qrahTCTiSjbCU8rWixm0GktV40kdg0QAiFbEcRhuXF1s9/yojk
7JT/nFg6LELjWUSSNZnioj5oSfVbThDRelIld9VaAKBAZZ5/zy6T2XSeDfoepytH
8aw6itEuTCy1M1DTiTG+12SPPw+ubG+NqQIDAQAB
-----END RSA PUBLIC KEY-----

View file

@ -1,14 +1,16 @@
{ current-date
, current-host-name
, current-user-name
, lib
, stockholm
, StrictHostKeyChecking ? "yes"
}:
let out = {
inherit deploy;
inherit infest;
inherit init;
inherit lib;
inherit nixos-install;
};
deploy =
@ -23,7 +25,7 @@ let out = {
set -efu
(${populate args})
${rootssh target ''
${install args}
${nix-install args}
${config.krebs.build.profile}/bin/switch-to-configuration switch
''}
echo OK
@ -39,63 +41,14 @@ let out = {
# krebs.infest
set -efu
# XXX type -p is non-standard
#export RSYNC_RSH; RSYNC_RSH="$(type -p ssh) \
# -o 'HostName $ {target.host.infest.addr}' \
# -o 'Port $ {toString target.host.infest.port}' \
#"
#ssh() {
# eval "$RSYNC_RSH \"\$@\""
#}
${lib.rootssh target ''
${rootssh target ''
${builtins.readFile ./4lib/infest/prepare.sh}
${builtins.readFile ./4lib/infest/install-nix.sh}
''}
(${lib.populate args})
${lib.rootssh target ''
export PATH; PATH=/root/.nix-profile/bin:$PATH
src=$(type -p nixos-install)
cat_src() {
sed < "$src" "$(
{ sed < "$src" -n '
/^if ! test -e "\$mountPoint\/\$NIXOS_CONFIG/,/^fi$/=
/^nixpkgs=/=
/^NIX_PATH=/,/^$/{/./=}
# Disable: Copy the NixOS/Nixpkgs sources to the target as
# the initial contents of the NixOS channel.
/^srcs=/,/^ln -sfn /=
'
} | sed 's:$:s/^/#krebs#/:'
)"
}
# Location to insert install
i=$(sed -n '/^echo "building the system configuration/=' "$src")
{
cat_src | sed -n "1,$i{p}"
cat ${lib.doc (install args)}
cat_src | sed -n "$i,\''${$i!p}"
} > nixos-install
chmod +x nixos-install
## Wrap inserted install into chroot.
#nix_env=$(cat_src | sed -n '
# s:.*\(/nix/store/[a-z0-9]*-nix-[0-9.]\+/bin/nix-env\).*:\1:p;T;q
#')
#echo nix-env is $nix_env
#sed -i '
# s:^nix-env:chroot $mountPoint '"$nix_env"':
#' nixos-install
unset SSL_CERT_FILE
./nixos-install
(${nixos-install args})
${rootssh target ''
${builtins.readFile ./4lib/infest/finalize.sh}
''}
'';
@ -135,10 +88,74 @@ let out = {
EOF
'';
lib = import ./4lib { lib = import <nixpkgs/lib>; } // rec {
stockholm-path = ../.;
nspath = ns: p: stockholm-path + "/${ns}/${p}";
};
nixos-install =
{ system ? current-host-name
, target ? system
}@args: let
in ''
#! /bin/sh
# ${current-date} ${current-user-name}@${current-host-name}
# krebs.nixos-install
(${populate args})
${rootssh target ''
export PATH; PATH=/root/.nix-profile/bin:$PATH
src=$(type -p nixos-install)
cat_src() {
sed < "$src" "$(
{ sed < "$src" -n '
/^if ! test -e "\$mountPoint\/\$NIXOS_CONFIG/,/^fi$/=
/^nixpkgs=/=
/^NIX_PATH=/,/^$/{/./=}
# Disable: Copy the NixOS/Nixpkgs sources to the target as
# the initial contents of the NixOS channel.
/^srcs=/,/^ln -sfn /=
'
} | sed 's:$:s/^/#krebs#/:'
)"
}
# Location to insert `nix-install`
i=$(sed -n '/^echo "building the system configuration/=' "$src")
{
cat_src | sed -n "1,$i{p}"
cat ${doc (nix-install args)}
cat_src | sed -n "$i,\''${$i!p}"
} > nixos-install
chmod +x nixos-install
# Wrap inserted nix-install into chroot.
nix_env=$(cat_src | sed -n '
s:.*\(/nix/store/[a-z0-9]*-nix-[0-9.]\+/bin/nix-env\).*:\1:p;T;q
')
echo "nix-env is $nix_env" >&2
findpkg() {(
name=$1
path=$(find /nix/store \
-mindepth 1 -maxdepth 1 -type d -name '*-'"$name"'-*' \
| head -n 1 | sed s:^/mnt::)
if echo "$path" | grep .; then
echo "$name is $path" >&2
else
echo "Error: package not found: $name" >&2
exit 1
fi
)}
cacert=$(findpkg cacert)
coreutils=$(findpkg coreutils)
cp "$cacert"/etc/ssl/certs/ca-bundle.crt /mnt/root/SSL_CERT_FILE
env="$coreutils/bin/env SSL_CERT_FILE=/root/SSL_CERT_FILE"
sed -i '
s:^NIX_PATH=:chroot $mountPoint '"$env"' &:
s:^nix-env:'"$nix_env"':
' nixos-install
./nixos-install
''}
'';
doc = s:
let b = "EOF${builtins.hashString "sha256" s}"; in
@ -152,7 +169,7 @@ let out = {
stockholm.users.${current-user-name}.${system}.config
or (abort "unknown system: ${system}, user: ${current-user-name}");
install =
nix-install =
{ system ? current-host-name
, target ? system
}:
@ -203,11 +220,8 @@ let out = {
current-host = config.krebs.hosts.${current-host-name};
current-user = config.krebs.users.${current-user-name};
target-host = config.krebs.hosts.${system};
methods.dir = config:
let
can-link = config.host.name == target-host.name;
can-push = config.host.name == current-host.name;
push-method = ''
rsync \
@ -221,11 +235,11 @@ let out = {
${config.path}/ \
root@${target}:${config.target-path}
'';
url = "file://${config.host.name}${config.path}";
in
#if can-link then link-method else
if can-push then push-method else
throw "cannot source ${url}";
let dir = "file://${config.host.name}${config.path}"; in
# /!\ revise this message when using more than just push-method
throw "No way to push ${dir} from ${current-host.name} to ${target}";
methods.git = config:
rootssh target ''
@ -251,7 +265,10 @@ let out = {
in out;
rootssh = target: script:
"ssh root@${target} -T ${doc ''
let
flags = "-o StrictHostKeyChecking=${StrictHostKeyChecking}";
in
"ssh ${flags} root@${target} -T ${doc ''
set -efu
${script}
''}";

View file

@ -27,30 +27,9 @@ in {
}
{
nix.maxJobs = 1;
sound.enable = false;
}
];
krebs.build = {
user = config.krebs.users.lass;
host = config.krebs.hosts.cloudkrebs;
source = {
dir.secrets = {
host = config.krebs.hosts.mors;
path = "/home/lass/secrets/${config.krebs.build.host.name}";
};
dir.stockholm = {
host = config.krebs.hosts.mors;
path = "/home/lass/dev/stockholm";
};
};
};
networking.hostName = "cloudkrebs";
environment.systemPackages = [
pkgs.dic
];
krebs.build.host = config.krebs.hosts.cloudkrebs;
}

View file

@ -31,26 +31,23 @@ in {
}
{
nix.maxJobs = 1;
sound.enable = false;
}
{
imports = [
../3modules/dnsmasq.nix
];
lass.dnsmasq = {
enable = true;
config = ''
interface=retiolum
'';
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p udp --dport 53"; target = "ACCEPT"; }
];
}
];
krebs.build = {
user = config.krebs.users.lass;
host = config.krebs.hosts.echelon;
source = {
dir.secrets = {
host = config.krebs.hosts.mors;
path = "/home/lass/secrets/${config.krebs.build.host.name}";
};
dir.stockholm = {
host = config.krebs.hosts.mors;
path = "/home/lass/dev/stockholm";
};
};
};
networking.hostName = config.krebs.build.host.name;
krebs.build.host = config.krebs.hosts.echelon;
}

View file

@ -2,7 +2,7 @@
{
imports = [
../2configs/desktop-base.nix
../2configs/baseX.nix
../2configs/programs.nix
../2configs/bitcoin.nix
../2configs/browsers.nix
@ -10,7 +10,6 @@
../2configs/pass.nix
../2configs/virtualbox.nix
../2configs/elster.nix
../2configs/urxvt.nix
../2configs/steam.nix
../2configs/wine.nix
../2configs/texlive.nix
@ -18,7 +17,6 @@
#../2configs/ircd.nix
../2configs/chromium-patched.nix
../2configs/git.nix
#../../2configs/tv/synaptics.nix
../2configs/retiolum.nix
../2configs/wordpress.nix
../2configs/bitlbee.nix
@ -26,22 +24,8 @@
../2configs/skype.nix
];
krebs.build = {
user = config.krebs.users.lass;
host = config.krebs.hosts.mors;
source = {
dir.secrets = {
host = config.krebs.hosts.mors;
path = "/home/lass/secrets/${config.krebs.build.host.name}";
};
dir.stockholm = {
host = config.krebs.hosts.mors;
path = "/home/lass/dev/stockholm";
};
};
};
krebs.build.host = config.krebs.hosts.mors;
networking.hostName = "mors";
networking.wireless.enable = true;
networking.extraHosts = ''
@ -52,8 +36,6 @@
10.243.206.102 apanowicz.de
'';
nix.maxJobs = 4;
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
@ -159,11 +141,6 @@
emulateWheel = true;
};
#system.activationScripts.trackpoint = ''
# echo 0 > '/sys/devices/platform/i8042/serio1/serio2/speed'
# echo 220 > '/sys/devices/platform/i8042/serio1/serio2/sensitivity'
#'';
services.xserver = {
videoDriver = "intel";
vaapiDrivers = [ pkgs.vaapiIntel ];
@ -210,9 +187,19 @@
];
};
};
#touchpad config
services.xserver.synaptics = {
enable = true;
accelFactor = "0.035";
additionalOptions = ''
Option "FingerHigh" "60"
Option "FingerLow" "60"
'';
tapButtons = false;
twoFingerScroll = true;
};
#for google hangout
users.extraUsers.gm.extraGroups = [ "audio" "video" ];
}

View file

@ -0,0 +1,36 @@
{ config, lib, pkgs, ... }:
let
inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
inherit (lib) head;
in {
imports = [
../2configs/base.nix
{
boot.loader.grub = {
device = "/dev/sda";
splashImage = null;
};
boot.initrd.availableKernelModules = [
"ata_piix"
"vmw_pvscsi"
];
fileSystems."/" = {
device = "/dev/sda1";
};
}
{
networking.dhcpcd.allowInterfaces = [
"enp*"
];
}
{
sound.enable = false;
}
];
krebs.build.host = config.krebs.hosts.test-arch;
}

View file

@ -0,0 +1,30 @@
{ config, lib, pkgs, ... }:
let
inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
inherit (lib) head;
ip = "168.235.148.52";
in {
imports = [
../2configs/base.nix
../2configs/os-templates/CAC-CentOS-6.5-64bit.nix
{
networking.interfaces.enp11s0.ip4 = [
{
address = ip;
prefixLength = 24;
}
];
networking.defaultGateway = getDefaultGateway ip;
networking.nameservers = [
"8.8.8.8"
];
}
{
sound.enable = false;
}
];
krebs.build.host = config.krebs.hosts.test-centos6;
}

View file

@ -0,0 +1,31 @@
{ config, lib, pkgs, ... }:
let
inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
inherit (lib) head;
ip = "168.235.145.85";
in {
imports = [
../2configs/base.nix
../2configs/os-templates/CAC-CentOS-7-64bit.nix
{
networking.interfaces.enp2s1.ip4 = [
{
address = ip;
prefixLength = 24;
}
];
networking.defaultGateway = getDefaultGateway ip;
networking.nameservers = [
"8.8.8.8"
];
}
{
sound.enable = false;
}
];
krebs.build.host = config.krebs.hosts.test-centos7;
}

View file

@ -3,11 +3,10 @@
with builtins;
{
imports = [
../2configs/desktop-base.nix
../2configs/baseX.nix
../2configs/browsers.nix
../2configs/games.nix
../2configs/pass.nix
../2configs/urxvt.nix
../2configs/bird.nix
../2configs/git.nix
../2configs/chromium-patched.nix
@ -25,26 +24,9 @@ with builtins;
}
];
krebs.build = {
user = config.krebs.users.lass;
target = "root@uriel";
host = config.krebs.hosts.uriel;
source = {
dir.secrets = {
host = config.krebs.hosts.mors;
path = "/home/lass/secrets/${config.krebs.build.host.name}";
};
dir.stockholm = {
host = config.krebs.hosts.mors;
path = "/home/lass/dev/stockholm";
};
};
};
networking.hostName = "uriel";
krebs.build.host = config.krebs.hosts.uriel;
networking.wireless.enable = true;
nix.maxJobs = 2;
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
@ -65,8 +47,6 @@ with builtins;
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
#kernelModules = [ "kvm-intel" "msr" ];
kernelModules = [ "msr" ];
extraModprobeConfig = ''
'';
};
fileSystems = {
"/" = {
@ -93,11 +73,4 @@ with builtins;
Option "FingerLow" "60"
'';
};
environment.systemPackages = with pkgs; [
];
#for google hangout
users.extraUsers.google.extraGroups = [ "audio" "video" ];
}

View file

@ -38,14 +38,28 @@ with lib;
}
];
networking.hostName = config.krebs.build.host.name;
nix.maxJobs = config.krebs.build.host.cores;
krebs = {
enable = true;
search-domain = "retiolum";
exim-retiolum.enable = true;
build.source = {
git.nixpkgs = {
url = https://github.com/Lassulus/nixpkgs;
rev = "b9270a2e8ac3d2cf4c95075a9529528aa1d859da";
build = {
user = config.krebs.users.lass;
source = {
git.nixpkgs = {
url = https://github.com/Lassulus/nixpkgs;
rev = "33bdc011f5360288cd10b9fda90da2950442b2ab";
};
dir.secrets = {
host = config.krebs.hosts.mors;
path = "/home/lass/secrets/${config.krebs.build.host.name}";
};
dir.stockholm = {
host = config.krebs.hosts.mors;
path = "/home/lass/stockholm";
};
};
};
};
@ -82,6 +96,9 @@ with lib;
#network
iptables
#stuff for dl
aria2
];
programs.bash = {
@ -123,12 +140,6 @@ with lib;
"sendmail"
];
#services.gitolite = {
# enable = true;
# dataDir = "/home/gitolite";
# adminPubkey = config.sshKeys.lass.pub;
#};
services.openssh = {
enable = true;
hostKeys = [

View file

@ -5,6 +5,7 @@ let
in {
imports = [
./base.nix
./urxvt.nix
];
time.timeZone = "Europe/Berlin";
@ -30,6 +31,7 @@ in {
powertop
sxiv
much
push
#window manager stuff
haskellPackages.xmobar

View file

@ -0,0 +1,203 @@
{ config, pkgs, ... }:
let
newsfile = pkgs.writeText "feeds" ''
aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#news
aktuelle_themen|http://bundestag.de/service/rss/Bundestag_Aktuelle_Themen.rss|#news #bundestag
allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#news
anon|http://anoninsiders.net/feed/|#news
antirez|http://antirez.com/rss|#news
arbor|http://feeds2.feedburner.com/asert/|#news
archlinux|http://www.archlinux.org/feeds/news/|#news
ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#news
asiaone_asia|http://news.asiaone.com/rss/asia|#news
asiaone_business|http://business.asiaone.com/rss.xml|#news
asiaone_sci|http://news.asiaone.com/rss/science-and-tech|#news
asiaone_world|http://news.asiaone.com/rss/world|#news
augustl|http://augustl.com/atom.xml|#news
bbc|http://feeds.bbci.co.uk/news/rss.xml|#news
bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#news #bundestag
bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#news #bundestag
bdt_pressemitteilungen|http://bundestag.de/service/rss/Bundestag_Presse.rss|#news #bundestag
bdt_wd|http://bundestag.de/service/rss/Bundestag_WD.rss|#news #bundestag
bitcoinpakistan|https://bitcoinspakistan.com/feed/|#news #financial
c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#news
cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#news
carta|http://feeds2.feedburner.com/carta-standard-rss|#news
catholic_news|http://feeds.feedburner.com/catholicnewsagency/dailynews|#news
cbc_busi|http://rss.cbc.ca/lineup/business.xml|#news
cbc_offbeat|http://www.cbc.ca/cmlink/rss-offbeat|#news
cbc_pol|http://rss.cbc.ca/lineup/politics.xml|#news
cbc_tech|http://rss.cbc.ca/lineup/technology.xml|#news
cbc_top|http://rss.cbc.ca/lineup/topstories.xml|#news
ccc|http://www.ccc.de/rss/updates.rdf|#news
chan_b|https://boards.4chan.org/b/index.rss|#brainfuck
chan_biz|https://boards.4chan.org/biz/index.rss|#news #brainfuck
chan_int|https://boards.4chan.org/int/index.rss|#news #brainfuck
cna|http://www.channelnewsasia.com/starterkit/servlet/cna/rss/home.xml|#news
coinspotting|http://coinspotting.com/rss|#news #financial
cryptanalysis|https://cryptanalys.is/rss.php|#news
cryptocoinsnews|http://www.cryptocoinsnews.com/feed/|#news #financial
cryptogon|http://www.cryptogon.com/?feed=rss2|#news
csm|http://rss.csmonitor.com/feeds/csm|#news
csm_world|http://rss.csmonitor.com/feeds/world|#news
cyberguerrilla|https://www.cyberguerrilla.org/a/2012/?feed=rss2|#news
danisch|http://www.danisch.de/blog/feed/|#news
dod|http://www.defense.gov/news/afps2.xml|#news
dwn|http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/|#news
ecat|http://ecat.com/feed|#news
eia_press|http://www.eia.gov/rss/press_rss.xml|#news
eia_today|http://www.eia.gov/rss/todayinenergy.xml|#news
embargowatch|https://embargowatch.wordpress.com/feed/|#news
ethereum-comments|http://blog.ethereum.org/comments/feed|#news
ethereum|http://blog.ethereum.org/feed|#news
europa_ric|http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml|#news
eu_survei|http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx|#news
exploitdb|http://www.exploit-db.com/rss.xml|#news
fars|http://www.farsnews.com/rss.php|#news #test
faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#news
faz_politik|http://www.faz.net/rss/aktuell/politik/|#news
faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#news #financial
fbi|http://www.fbi.gov/homepage/RSS|#news #bullerei
fbi_news|http://www.fbi.gov/news/news_blog/rss.xml|#news
fbi_press|http://www.fbi.gov/news/current/rss.xml|#news #bullerei
fbi_stories|http://www.fbi.gov/news/stories/all-stories/rss.xml|#news #bullerei
fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#news #financial
fefe|http://blog.fefe.de/rss.xml|#news
forbes|http://www.forbes.com/forbes/feed2/|#news
forbes_realtime|http://www.forbes.com/real-time/feed2/|#news
fox|http://feeds.foxnews.com/foxnews/latest|#news
geheimorganisation|http://geheimorganisation.org/feed/|#news
GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#news
gmanet|http://www.gmanetwork.com/news/rss/news|#news
golem|http://www.golem.de/rss.php?feed=RSS1.0|#news
google|http://news.google.com/?output=rss|#news
greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#news
guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#news
gulli|http://ticker.gulli.com/rss/|#news
handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#news #financial
heise|http://heise.de.feedsportal.com/c/35207/f/653902/index.rss|#news
hindu_business|http://www.thehindubusinessline.com/?service=rss|#news #financial
hindu|http://www.thehindu.com/?service=rss|#news
hintergrund|http://www.hintergrund.de/index.php?option=com_bca-rss-syndicator&feed_id=8|#news
ign|http://feeds.ign.com/ign/all|#news
independent|http://www.independent.com/rss/headlines/|#news
indymedia|http://de.indymedia.org/RSS/newswire.xml|#news
info_libera|http://www.informationliberation.com/rss.xml|#news
klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#news
korea_herald|http://www.koreaherald.com/rss_xml.php|#news
linuxinsider|http://www.linuxinsider.com/perl/syndication/rssfull.pl|#news
lisp|http://planet.lisp.org/rss20.xml|#news
liveleak|http://www.liveleak.com/rss|#news
lolmythesis|http://lolmythesis.com/rss|#news
LtU|http://lambda-the-ultimate.org/rss.xml|#news
lukepalmer|http://lukepalmer.wordpress.com/feed/|#news
mit|http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss|#news
mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#news
nds|http://www.nachdenkseiten.de/?feed=atom|#news
netzpolitik|https://netzpolitik.org/feed/|#news
newsbtc|http://newsbtc.com/feed/|#news #financial
nnewsg|http://www.net-news-global.net/rss/rssfeed.xml|#news
npr_busi|http://www.npr.org/rss/rss.php?id=1006|#news
npr_headlines|http://www.npr.org/rss/rss.php?id=1001|#news
npr_pol|http://www.npr.org/rss/rss.php?id=1012|#news
npr_world|http://www.npr.org/rss/rss.php?id=1004|#news
nsa|http://www.nsa.gov/rss.shtml|#news #bullerei
nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#news
painload|https://github.com/krebscode/painload/commits/master.atom|#news
phys|http://phys.org/rss-feed/|#news
piraten|https://www.piratenpartei.de/feed/|#news
polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#news #bullerei
presse_polizei|http://www.presseportal.de/rss/polizei.rss2|#news #bullerei
presseportal|http://www.presseportal.de/rss/presseportal.rss2|#news
prisonplanet|http://prisonplanet.com/feed.rss|#news
proofmarket|https://proofmarket.org/feed_problem|#news
rawstory|http://www.rawstory.com/rs/feed/|#news
reddit_4chan|http://www.reddit.com/r/4chan/new/.rss|#news #brainfuck
reddit_anticonsum|http://www.reddit.com/r/Anticonsumption/new/.rss|#news
reddit_btc|http://www.reddit.com/r/Bitcoin/new/.rss|#news #financial
reddit_prog|http://www.reddit.com/r/programming/new/.rss|#news
reddit_tpp|http://www.reddit.com/r/twitchplayspokemon/.rss|#news #tpp
reddit_world|http://www.reddit.com/r/worldnews/.rss|#news
r-ethereum|http://www.reddit.com/r/ethereum/.rss|#news
reuters|http://feeds.reuters.com/Reuters/worldNews|#news
reuters-odd|http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml|#news
rt|http://rt.com/rss/news/|#news
schallurauch|http://feeds.feedburner.com/SchallUndRauch|#news
sciencemag|http://news.sciencemag.org/rss/current.xml|#news
scmp|http://www.scmp.com/rss/91/feed|#news
sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#news
shackspace|http://shackspace.de/?feed=rss2|#news
shz_news|http://www.shz.de/nachrichten/newsticker/rss|#news
sky_busi|http://news.sky.com/feeds/rss/business.xml|#news
sky_pol|http://news.sky.com/feeds/rss/politics.xml|#news
sky_strange|http://news.sky.com/feeds/rss/strange.xml|#news
sky_tech|http://news.sky.com/feeds/rss/technology.xml|#news
sky_world|http://news.sky.com/feeds/rss/world.xml|#news
slashdot|http://rss.slashdot.org/Slashdot/slashdot|#news
slate|http://feeds.slate.com/slate|#news
spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#news
spiegelfechter|http://feeds.feedburner.com/DerSpiegelfechter?format=xml|#news
spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#news
standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#news
stern|http://www.stern.de/feed/standard/all/|#news
stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#news
sz_politik|http://rss.sueddeutsche.de/rss/Politik|#news
sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#news #financial
sz_wissen|http://suche.sueddeutsche.de/rss/Wissen|#news
tagesschau|http://www.tagesschau.de/newsticker.rdf|#news
taz|http://taz.de/Themen-des-Tages/!p15;rss/|#news
telegraph_finance|http://www.telegraph.co.uk/finance/rss|#news #financial
telegraph_pol|http://www.telegraph.co.uk/news/politics/rss|#news
telegraph_uk|http://www.telegraph.co.uk/news/uknews/rss|#news
telegraph_world|http://www.telegraph.co.uk/news/worldnews/rss|#news
telepolis|http://www.heise.de/tp/rss/news-atom.xml|#news
the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#news
tigsource|http://www.tigsource.com/feed/|#news
times|http://www.thetimes.co.uk/tto/news/rss|#news
tinc|http://tinc-vpn.org/news/index.rss|#news
topix_b|http://www.topix.com/rss/wire/de/berlin|#news
torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#news
torrentfreak|http://feeds.feedburner.com/Torrentfreak|#news
torr_news|http://feed.torrentfreak.com/Torrentfreak/|#news
travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#news
truther|http://truthernews.wordpress.com/feed/|#news
un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#news
un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#news
un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#news
un_me|http://www.un.org/apps/news/rss/rss_mideast.asp|#news
un_pac|http://www.un.org/apps/news/rss/rss_asiapac.asp|#news
un_top|http://www.un.org/apps/news/rss/rss_top.asp|#news
us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#news
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
weechat|http://dev.weechat.org/feed/atom|#news
wired_sci|http://www.wired.com/category/science/feed/|#news
wp_world|http://feeds.washingtonpost.com/rss/rss_blogpost|#news
xkcd|https://xkcd.com/rss.xml|#news
zdnet|http://www.zdnet.com/news/rss.xml|#news
chan_g|https://boards.4chan.org/g/index.rss|#news
chan_x|https://boards.4chan.org/x/index.rss|#news
chan_sci|https://boards.4chan.org/sci/index.rss|#news
reddit_consp|http://reddit.com/r/conspiracy/.rss|#news
reddit_sci|http://www.reddit.com/r/science/.rss|#news
reddit_tech|http://www.reddit.com/r/technology/.rss|#news
reddit_nix|http://www.reddit.com/r/nixos/.rss|#news
reddit_haskell|http://www.reddit.com/r/haskell/.rss|#news
hackernews|https://news.ycombinator.com/rss|#news
'';
in {
imports = [
../3modules/newsbot-js.nix
];
environment.systemPackages = [
pkgs.newsbot-js
];
lass.newsbot-js = {
enable = true;
ircServer = "localhost";
feeds = newsfile;
urlShortenerHost = "go";
urlShortenerPort = "80";
};
}

View file

@ -0,0 +1,47 @@
_:
{
boot.loader.grub = {
device = "/dev/sda";
splashImage = null;
};
boot.initrd.availableKernelModules = [
"ata_piix"
"vmw_pvscsi"
];
fileSystems."/" = {
device = "/dev/VolGroup/lv_root";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/sda1";
fsType = "ext4";
};
swapDevices = [
{ device = "/dev/VolGroup/lv_swap"; }
];
users.extraGroups = {
# ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
# Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service)
# Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago
# Docs: man:tmpfiles.d(5)
# man:systemd-tmpfiles(8)
# Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE)
# Main PID: 19272 (code=exited, status=1/FAILURE)
#
# Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'.
# Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring.
# Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring.
# Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE
# Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories.
# Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state.
# Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed.
# warning: error(s) occured while switching to the new configuration
lock.gid = 10001;
};
}

View file

@ -1,11 +0,0 @@
{ config, ... }:
{
imports = [
../3modules/sshkeys.nix
];
config.sshKeys.lass.pub = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors";
config.sshKeys.uriel.pub = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDExWuRcltGM2FqXO695nm6/QY3wU3r1bDTyCpMrLfUSym7TxcXDSmZSWcueexPXV6GENuUfjJPZswOdWqIo5u2AXw9t0aGvwEDmI6uJ7K5nzQOsXIneGMdYuoOaAzWI8pxZ4N+lIP1HsOYttIPDp8RwU6kyG+Ud8mnVHWSTO13C7xC9vePnDP6b+44nHS691Zj3X/Cq35Ls0ISC3EM17jreucdP62L3TKk2R4NCm3Sjqj+OYEv0LAqIpgqSw5FypTYQgNByxRcIcNDlri63Q1yVftUP1338UiUfxtraUu6cqa2CdsHQmtX5mTNWEluVWO3uUKTz9zla3rShC+d3qvr lass@uriel";
}

View file

@ -1,7 +1,13 @@
_:
{
imports = [
./xresources.nix
./bitlbee.nix
./folderPerms.nix
./go.nix
./newsbot-js.nix
./per-user.nix
./urxvtd.nix
./xresources.nix
];
}

55
lass/3modules/dnsmasq.nix Normal file
View file

@ -0,0 +1,55 @@
{ config, lib, pkgs, ... }:
with builtins;
with lib;
let
cfg = config.lass.dnsmasq;
out = {
options.lass.dnsmasq = api;
config = mkIf cfg.enable imp;
};
api = {
enable = mkEnableOption "dnsmasq";
config = mkOption {
type = types.str;
#TODO: find a good default
default = ''
'';
description = "configuration dnsmasq is started with";
};
};
configFile = pkgs.writeText "dnsmasq.conf" cfg.config;
imp = {
#users.extraUsers.go = {
# name = "go";
# uid = 42774411; #genid go
# description = "go url shortener user";
# home = "/var/lib/go";
# createHome = true;
#};
systemd.services.dnsmasq = {
description = "dnsmasq";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = with pkgs; [
dnsmasq
];
restartIfChanged = true;
serviceConfig = {
Restart = "always";
ExecStart = "${pkgs.dnsmasq}/bin/dnsmasq -k -C ${configFile}";
};
};
};
in out

View file

@ -0,0 +1,87 @@
{ config, lib, pkgs, ... }:
with builtins;
with lib;
let
cfg = config.lass.newsbot-js;
out = {
options.lass.newsbot-js = api;
config = mkIf cfg.enable imp;
};
api = {
enable = mkEnableOption "Enable krebs newsbot";
ircServer = mkOption {
type = types.str;
default = "echelon.retiolum";
description = "to which server the bot should connect";
};
channel = mkOption {
type = types.str;
default = "#news";
description = "post the news in this channel";
};
masterNick = mkOption {
type = types.str;
default = "knews";
description = "nickname of the master bot";
};
feeds = mkOption {
type = types.path;
description = ''
file with feeds to post
format:
$nick|$feedURI
'';
};
urlShortenerHost = mkOption {
type = types.str;
default = "echelon";
description = "what server to use for url shortening, host";
};
urlShortenerPort = mkOption {
type = types.str;
default = "80";
description = "what server to use for url shortening, port";
};
};
imp = {
users.extraUsers.newsbot-js = {
name = "newsbot-js";
uid = 1616759810; #genid newsbot-js
description = "newsbot-js user";
home = "/var/empty";
};
systemd.services.newsbot-js = {
description = "krebs newsbot";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = with pkgs; [
newsbot-js
];
environment = {
irc_server = cfg.ircServer;
master_nick = cfg.masterNick;
news_channel = cfg.channel;
feeds_file = cfg.feeds;
url_shortener_host = cfg.urlShortenerHost;
url_shortener_port = cfg.urlShortenerPort;
};
restartIfChanged = true;
serviceConfig = {
User = "newsbot-js";
Restart = "always";
ExecStart = "${pkgs.newsbot-js}/bin/newsbot";
};
};
};
in out

View file

@ -1,26 +0,0 @@
{ lib, ... }:
with lib;
{
options = {
sshKeys = mkOption {
type = types.attrsOf (types.submodule (
{ config, ... }:
{
options = {
pub = mkOption {
type = types.str;
description = "Public part of the ssh key.";
};
priv = mkOption {
type = types.str;
description = "Private part of the ssh key.";
};
};
}));
description = "collection of ssh-keys";
};
};
}

View file

@ -1,12 +1,8 @@
{ lib, pkgs, ... }:
let
krebs = import ../../krebs/4lib { inherit lib; };
in
with lib;
with krebs;
krebs // rec {
{
simpleScript = name: content:
pkgs.stdenv.mkDerivation {

View file

@ -26,8 +26,8 @@ in nodePackages.buildNodePackage {
src = fetchgit {
url = "http://cgit.echelon/newsbot-js/";
rev = "cd32ef7b39819f53c7125b22c594202724cc8754";
sha256 = "425e800f7638a5679ed8a049614a7533f3c8dd09659061885240dc93952ff0ae";
rev = "b22729670236bfa6491207d57c5d7565137625ca";
sha256 = "8ff00de56d85543399776c82d41d92ccc68000e5dce0f008d926748e188f3c69";
};
phases = [

View file

@ -32,6 +32,8 @@
# ../2configs/graphite-standalone.nix
];
krebs.urlwatch.verbose = true;
krebs.Reaktor.enable = true;
krebs.Reaktor.debug = true;
krebs.Reaktor.nickname = "Reaktor|bot";

View file

@ -50,7 +50,7 @@ in {
# TODO: remove hard-coded hostname
complete = {
listen = [ "${internal-ip}:80" ];
server-names = [ "graphs.wry" ];
server-names = [ "graphs.wry" "graphs.retiolum" "graphs.wry.retiolum" ];
};
anonymous = {
listen = [ "${external-ip}:80" ] ;

View file

@ -10,6 +10,8 @@
https://api.github.com/repos/ovh/python-ovh/tags
https://api.github.com/repos/embray/d2to1/tags
http://git.sysphere.org/vicious/log/?qt=grep&q=Next+release
https://github.com/bepasty/bepasty-server/tags
https://pypi.python.org/simple/xstatic/
];
};

View file

@ -7,6 +7,5 @@ in
alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";};
alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";};
alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";};
tinc_graphs = callPackage ./tinc_graphs {};
awesomecfg = callPackage ./awesomecfg {};
}

106
shared/1systems/wolf.nix Normal file
View file

@ -0,0 +1,106 @@
{ config, lib, pkgs, ... }:
with lib;
{
imports = [
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
];
krebs.build.host = config.krebs.hosts.wolf;
# TODO rename shared user to "krebs"
krebs.build.user = config.krebs.users.shared;
krebs.build.target = "wolf";
krebs.enable = true;
krebs.retiolum = {
enable = true;
connectTo = [
# TODO remove connectTo cd, this was only used for bootstrapping
"cd"
"gum"
"pigstarter"
];
};
krebs.build.source = {
git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
rev = "e916273209560b302ab231606babf5ce1c481f08";
};
dir.secrets = {
host = config.krebs.current.host;
path = "${getEnv "HOME"}/secrets/krebs/wolf";
};
dir.stockholm = {
host = config.krebs.current.host;
path = "${getEnv "HOME"}/stockholm";
};
};
networking.hostName = config.krebs.build.host.name;
boot.kernel.sysctl = {
# Enable IPv6 Privacy Extensions
"net.ipv6.conf.all.use_tempaddr" = 2;
"net.ipv6.conf.default.use_tempaddr" = 2;
};
boot.initrd.availableKernelModules = [
"ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk"
];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/vda";
fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; };
swapDevices = [
{ device = "/dev/disk/by-label/swap"; }
];
nix.maxJobs = 1;
nix.trustedBinaryCaches = [
"https://cache.nixos.org"
"http://cache.nixos.org"
"http://hydra.nixos.org"
];
nix.useChroot = true;
nixpkgs.config.packageOverrides = pkgs: {
nano = pkgs.vim;
};
environment.systemPackages = with pkgs; [
git
rxvt_unicode.terminfo
];
time.timeZone = "Europe/Berlin";
programs.ssh.startAgent = false;
services.openssh = {
enable = true;
hostKeys = [
{ type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
];
};
services.cron.enable = false;
services.nscd.enable = false;
services.ntp.enable = false;
users.mutableUsers = false;
users.extraUsers.root.openssh.authorizedKeys.keys = [
# TODO
config.krebs.users.lass.pubkey
config.krebs.users.makefu.pubkey
config.krebs.users.tv.pubkey
];
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "15.09";
}

View file

@ -0,0 +1,5 @@
# TODO don't require 3modules
_:
{
}

5
shared/5pkgs/default.nix Normal file
View file

@ -0,0 +1,5 @@
# TODO don't require 5pkgs
_:
{
}

View file

@ -114,7 +114,6 @@ with lib;
];
environment.systemPackages = with pkgs; [
git # required for ./deploy, clone_or_update
htop
iftop
iotop

View file

@ -88,7 +88,6 @@ in
];
environment.systemPackages = with pkgs; [
git # required for ./deploy, clone_or_update
htop
iftop
iotop

View file

@ -64,27 +64,24 @@ with lib;
];
boot.initrd.luks = {
cryptoModules = [ "aes" "sha1" "xts" ];
cryptoModules = [ "aes" "sha512" "xts" ];
devices = [
{
name = "luks1";
device = "/dev/disk/by-uuid/cac73902-1023-4906-8e95-3a8b245337d4";
}
{ name = "luks1"; device = "/dev/sda2"; }
];
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/de4780fc-0473-4708-81df-299b7383274c";
{ device = "/dev/mapper/nomic1-root";
fsType = "btrfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/be3a1d80-3157-4d7c-86cc-ef01b64eff5e";
{ device = "/dev/sda1";
fsType = "ext4";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/9db9c8ff-51da-4cbd-9f0a-0cd3333bbaff";
{ device = "/dev/mapper/nomic1-home";
fsType = "btrfs";
};

View file

@ -84,7 +84,6 @@ in
];
environment.systemPackages = with pkgs; [
git # required for ./deploy, clone_or_update
htop
iftop
iotop

View file

@ -29,25 +29,16 @@ with lib;
#../2configs/consul-client.nix
../2configs/git.nix
../2configs/mail-client.nix
../2configs/xserver.nix
../2configs/synaptics.nix # TODO w110er if xserver is enabled
../2configs/test.nix
../2configs/xserver
{
environment.systemPackages = with pkgs; [
# stockholm
genid
git
gnumake
hashPassword
lentil
parallel
(pkgs.writeScriptBin "ff" ''
#! ${pkgs.bash}/bin/bash
exec sudo -u ff -i <<EOF
exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@")
EOF
'')
(pkgs.writeScriptBin "im" ''
#! ${pkgs.bash}/bin/bash
export PATH=${makeSearchPath "bin" (with pkgs; [
@ -71,6 +62,7 @@ with lib;
bind # dig
cac
dic
ff
file
get
gitAndTools.qgit

View file

@ -14,6 +14,12 @@ in
networking.hostName = config.krebs.build.host.name;
imports = [
{
# stockholm dependencies
environment.systemPackages = with pkgs; [
git
];
}
{
# TODO never put hashedPassword into the store
users.extraUsers =
@ -147,10 +153,9 @@ in
}
{
nixpkgs.config.packageOverrides = pkgs:
{
nano = pkgs.runCommand "empty" {} "mkdir -p $out";
};
nixpkgs.config.packageOverrides = pkgs: {
nano = pkgs.vim;
};
services.cron.enable = false;
services.nscd.enable = false;

View file

@ -1,14 +0,0 @@
{ config, pkgs, ... }:
{
# TODO this is host specific
services.xserver.synaptics = {
enable = true;
twoFingerScroll = true;
accelFactor = "0.035";
additionalOptions = ''
Option "FingerHigh" "60"
Option "FingerLow" "60"
'';
};
}

View file

@ -1,31 +0,0 @@
{ config, lib, pkgs, ... }:
with import ../4lib { inherit lib pkgs; };
let
out = {
environment.systemPackages = [
su-test
];
security.sudo.extraConfig = ''
tv ALL=(test) NOPASSWD: ALL
'';
users.extraUsers.test = {
shell = "${test-shell}";
};
};
su-test = pkgs.execveBin "su-test" rec {
filename = "/var/setuid-wrappers/sudo";
argv = ["sudo" "-u" "test" "-i"];
};
test-shell = pkgs.execve "test-shell" rec {
filename = "${pkgs.bash}/bin/bash";
argv = ["sh" "--noprofile" "-l"];
envp.ENV = pkgs.writeText "test-env" ''
${shell.cat "Hello, `$(j0w\nd0g!)`!\\o/\n"} >&2
'';
};
in out

View file

@ -29,10 +29,6 @@
# 2014-09-24 ref https://github.com/4z3/xintmap
http://www.mathstat.dal.ca/~selinger/quipper/
# 2014-12-12 remove nixopsUnstable when nixops get's bumped to 1.3
# ref https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/package-management/nixops/unstable.nix
http://nixos.org/releases/nixops/
## other
https://nixos.org/channels/nixos-unstable/git-revision
@ -51,6 +47,10 @@
# ref <stockholm/krebs/3modules>, services.openssh.knownHosts.github*
https://help.github.com/articles/what-ip-addresses-does-github-use-that-i-should-whitelist/
# <stockholm/tv/2configs/xserver/xserver.conf.nix>
# is derived from `configFile` in:
https://raw.githubusercontent.com/NixOS/nixpkgs/master/nixos/modules/services/x11/xserver.nix
];
};
}

View file

@ -1,41 +0,0 @@
{ config, pkgs, ... }:
{
imports = [
../2configs/urxvt.nix # TODO via xserver
];
services.xserver.enable = true;
#fonts.enableFontConfig = true;
#fonts.enableFontDir = true;
fonts.fonts = [
pkgs.xlibs.fontschumachermisc
];
#services.xfs.enable = true;
#services.xserver.useXFS = "unix/:7100";
services.xserver.displayManager.desktopManagerHandlesLidAndPower = true;
#services.xserver.display = 11;
#services.xserver.tty = 11;
# services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
#services.xserver.multitouch.enable = true;
services.xserver.windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [
X11-xshape
];
services.xserver.windowManager.xmonad.enable = true;
services.xserver.windowManager.xmonad.enableContribAndExtras = true;
services.xserver.windowManager.default = "xmonad";
services.xserver.desktopManager.default = "none";
services.xserver.desktopManager.xterm.enable = false;
services.xserver.displayManager.slim.enable = true;
#services.xserver.displayManager.auto.enable = true;
#services.xserver.displayManager.auto.user = "tv";
#services.xserver.displayManager.job.logsXsession = true;
}

View file

@ -0,0 +1,215 @@
{ config, lib, pkgs, ... }:
with lib;
pkgs.writeText "Xresources" ''
!URxvt*background: #050505
! 2013-02-25 \e was reas escape before
! *VT100.Translations: #override\
! :<Btn4Down>: string("\e[5~")\n\
! :<Btn5Down>: string("\e[6~")
! XTerm*VT100*Translations: #override \
! Shift<Key>Return: string(" &") string(0x0A) \n\
! Meta<Key>Return: string(" | less") string(0x0A) \n\
! ~Shift<Key>Prior: scroll-back(1,page) \n\
! ~Shift<Key>Next: scroll-forw(1,page) \n\
! Shift<Key>Prior: scroll-back(1) \n\
! Shift<Key>Next: scroll-forw(1) \n\
! <Key>Delete: string(0x1b) string("[2~")
! \n\
! <Key>BackSpace: string(0x7f)
! 2013-02-2013-02-25
! ! <M-c>: load bash-completion (if not already)
! URxvt*VT100*Translations: #override\
! Meta<KeyPress>c:\
! string("\eOH# \eOF\n+compl\n\eOA\eOA\eOH\e[3~\e[3~\eOF")\
! string(0x7)\n
! do not scroll automatically on output:
! XTerm*scrollTtyOutput: false
URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}"
! URxvt*secondaryScreen: false
! URxvt*loginShell: true
URxvt*eightBitInput: false
! *eightBitOutput: 1
! URxvt*decTerminalID: 220
! URxvt*utf8: 1
! URxvt*locale: UTF-8
! XTerm*customization: -color
URxvt*SaveLines: 4096
URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
! 2013-05-23 if this does not work try
! xset +fp /usr/share/fonts/local/
! xset fp rehash
! URxvt*font: -*-termsynu-edium-*-*-*-12-*-*-*-*-*-iso10646-1
! URxvt*boldFont: -*-termsynu-bold-*-*-*-12-*-*-*-*-*-iso10646-1
!
!-misc-termsynu-medium-r-normal--12-87-100-100-c-70-iso10646-1
! XTerm*font: -misc-fixed-medium-r-normal--13-120-75-75-c-80-iso10646-1
URxvt*scrollBar: false
! XTerm*font:-nil-profont-medium-r-normal--11-110-72-72-c-60-iso8859-1
! URxvt*boldFont:-nil-profont-medium-r-normal--11-110-72-72-c-60-iso8859-1
URxvt*background: #050505
! URxvt*background: #041204
!URxvt.depth: 32
!URxvt*background: rgba:0500/0500/0500/cccc
! URxvt*background: #080810
URxvt*foreground: #d0d7d0
! URxvt*background: black
! URxvt*foreground: white
! URxvt*background: rgb:00/00/40
! URxvt*foreground: rgb:a0/a0/d0
! XTerm*cursorColor: rgb:00/00/60
URxvt*cursorColor: #f042b0
URxvt*cursorColor2: #f0b000
URxvt*cursorBlink: off
! URxvt*cursorUnderline: true
! URxvt*highlightColor: #232323
! URxvt*highlightTextColor: #b0ffb0
URxvt*.pointerBlank: true
URxvt*.pointerBlankDelay: 987654321
URxvt*.pointerColor: #f042b0
URxvt*.pointerColor2: #050505
! URxvt*fading: 50
! URxvt*fadeColor: #0f0f0f
! XTerm*colorMode: on
! URxvt*dynamicColors: on
! URxvt*boldColors: off
URxvt*jumpScroll: true
! allow synthetic events for fvwm, so pass window specific keys
! XTerm*allowSendEvents: true
URxvt*allowSendEvents: false
! better double/tripple clicking in xterms
! Format: csv, [low-]high:value
!
! extend character class 48 due they are used in urls
! (see: man xterm; /CHARACTER CLASSES)
! ! % -./ @ & = ?
URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48
URxvt*cutNewline: False
URxvt*cutToBeginningOfLine: False
! BLACK for indigo background
URxvt*color0: #232342
! TODO: man xterm; /ACTIONS
! *VT100*colorULMode: on
! XTerm*underLine: on
!
! URxvt*color0: black
! URxvt*color1: red3
! URxvt*color2: green3
! URxvt*color3: yellow3
! URxvt*color4: blue2
! URxvt*color5: magenta3
! URxvt*color6: cyan3
! URxvt*color7: gray90
! URxvt*color8: burlywood1
! URxvt*color9: sienna1
! URxvt*color10: PaleVioletRed1
! URxvt*color11: LightSkyBlue
! URxvt*color12: white
! URxvt*color13: white
! URxvt*color14: white
! URxvt*color33: #f0b0f0
! URxvt*color0: #000000
! URxvt*color1: #c00000
! URxvt*color2: #80c070
URxvt*color3: #c07000
! URxvt*color4: #0000c0
URxvt*color4: #4040c0
! URxvt*color5: #c000c0
! URxvt*color6: #008080
URxvt*color7: #c0c0c0
URxvt*color8: #707070
URxvt*color9: #ff6060
URxvt*color10: #70ff70
URxvt*color11: #ffff70
URxvt*color12: #7070ff
URxvt*color13: #ff50ff
URxvt*color14: #70ffff
URxvt*color15: #ffffff
! XTerm*color91: #000070
! XTerm*color92: #000080
! XTerm*color93: #000090
! XTerm*color94: #0000a0
! XTerm*color95: #0000b0
! XTerm*color96: #0000c0
! XTerm*color97: #0000d0
! XTerm*color98: #0000e0
! XTerm*color99: #0000f0
! !! vim-create-colorscheme {{{
! !! Question cterm=none
! XTerm*color20: #f0b000
! !! }}}
!
!
! #include ".xrdb/look-zenburn.xrdb"
! #include ".xrdb/xterm.xrdb"
! URxvt.perl-ext: matcher
! URxvt.urlLauncher: cr
! URxvt.underlineColor: blue
! URxvt.matcher.button: 1
! URxvt.perl-ext: default,matcher
! URxvt.urlLauncher: cr
! URxvt.matcher.pattern.1: \\bwww\\.[\\w-]+\\.[\\w./?&@#-]*[\\w/-]
! URxvt.underlineColor: blue
! 2014-05-12 von lass
!URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select
!URxvt.url-select.launcher: /home/tv/bin/ff -new-tab
!URxvt.url-select.underline: true
!URxvt.keysym.M-u: perl:url-select:select_next
!URxvt.keysym.M-Escape: perl:keyboard-select:activate
!URxvt.keysym.M-s: perl:keyboard-select:search
! 2013-02-25 I neve use this
URxvt*iso14755: False
URxvt*urgentOnBell: True
URxvt*visualBell: True
! ref https://github.com/muennich/urxvt-perls
URxvt*perl-ext: default,url-select
URxvt*keysym.M-u: perl:url-select:select_next
URxvt*url-select.launcher: ${pkgs.ff}/bin/ff -new-tab
URxvt*url-select.underline: true
URxvt*colorUL: #4682B4
URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl
root-urxvt*background: #230000
root-urxvt*foreground: #e0c0c0
root-urxvt*BorderColor: #400000
root-urxvt*color0: #800000
''

View file

@ -0,0 +1,154 @@
{ config, lib, pkgs, ... }@args:
with lib;
let
# TODO krebs.build.user
user = config.users.users.tv;
out = {
services.xserver.display = 11;
services.xserver.tty = 11;
services.xserver.synaptics = {
enable = true;
twoFingerScroll = true;
accelFactor = "0.035";
};
fonts.fonts = [
pkgs.xlibs.fontschumachermisc
];
systemd.services.urxvtd = {
wantedBy = [ "multi-user.target" ];
reloadIfChanged = true;
serviceConfig = {
ExecReload = need-reload "urxvtd.service";
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
Restart = "always";
RestartSec = "2s";
StartLimitBurst = 0;
User = user.name;
};
};
environment.systemPackages = [
pkgs.slock
];
security.setuidPrograms = [
"slock"
];
systemd.services.display-manager = mkForce {};
services.xserver.enable = true;
systemd.services.xmonad = {
wantedBy = [ "multi-user.target" ];
requires = [ "xserver.service" ];
environment = xmonad-environment;
serviceConfig = {
ExecStart = "${xmonad-start}/bin/xmonad";
ExecStop = "${xmonad-stop}/bin/xmonad-stop";
User = user.name;
WorkingDirectory = user.home;
};
};
systemd.services.xserver = {
after = [
"systemd-udev-settle.service"
"local-fs.target"
"acpid.service"
];
reloadIfChanged = true;
environment = xserver-environment;
serviceConfig = {
ExecReload = need-reload "xserver.service";
ExecStart = "${xserver}/bin/xserver";
};
};
};
xmonad-pkg = pkgs.haskellPackages.callPackage xmonad-src {};
xmonad-src = pkgs.writeNixFromCabal "xmonad.nix" ./xmonad;
xmonad-environment = {
DISPLAY = ":${toString config.services.xserver.display}";
XMONAD_STATE = "/tmp/xmonad.state";
# XXX JSON is close enough :)
XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [
"Dashboard" # we start here
"23"
"cr"
"ff"
"hack"
"im"
"mail"
"stockholm"
"za" "zj" "zs"
]);
};
xmonad-start = pkgs.writeScriptBin "xmonad" ''
#! ${pkgs.bash}/bin/bash
set -efu
export PATH; PATH=${makeSearchPath "bin" [
pkgs.rxvt_unicode
]}:/var/setuid-wrappers
settle() {(
# Use PATH for a clean journal
command=''${1##*/}
PATH=''${1%/*}; export PATH
shift
until "$command" "$@"; do
${pkgs.coreutils}/bin/sleep 1
done
)&}
settle ${pkgs.xorg.xhost}/bin/xhost +LOCAL:
settle ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args}
settle ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c'
if test -e "$XMONAD_STATE"; then
IFS=''$'\n'
exec ${xmonad-pkg}/bin/xmonad --resume $(< "$XMONAD_STATE")
else
exec ${xmonad-pkg}/bin/xmonad
fi
'';
xmonad-stop = pkgs.writeScriptBin "xmonad-stop" ''
#! /bin/sh
exec ${xmonad-pkg}/bin/xmonad --shutdown
'';
xserver-environment = {
XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
LD_LIBRARY_PATH = concatStringsSep ":" (
[ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
++ concatLists (catAttrs "libPath" config.services.xserver.drivers));
};
xserver = pkgs.writeScriptBin "xserver" ''
#! /bin/sh
set -efu
exec ${pkgs.xorg.xorgserver}/bin/X \
:${toString config.services.xserver.display} \
vt${toString config.services.xserver.tty} \
-config ${import ./xserver.conf.nix args} \
-logfile /var/log/X.${toString config.services.xserver.display}.log \
-nolisten tcp \
-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb \
'';
need-reload = s: let
pkg = pkgs.writeScriptBin "need-reload" ''
#! /bin/sh
echo "$*"
'';
in "${pkg}/bin/need-reload ${s}";
in out

1
tv/2configs/xserver/xmonad/.gitignore vendored Normal file
View file

@ -0,0 +1 @@
/shell.nix

View file

@ -0,0 +1,261 @@
{-# LANGUAGE DeriveDataTypeable #-} -- for XS
{-# LANGUAGE LambdaCase #-}
{-# LANGUAGE ScopedTypeVariables #-}
module Main where
import Control.Exception
import Text.Read (readEither)
import XMonad
import System.Environment (getArgs, getEnv)
import XMonad.Prompt (defaultXPConfig)
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace
, removeEmptyWorkspace)
import XMonad.Actions.GridSelect
import XMonad.Actions.CycleWS (toggleWS)
--import XMonad.Actions.CopyWindow ( copy )
import XMonad.Layout.NoBorders ( smartBorders )
import qualified XMonad.StackSet as W
import Data.Map (Map)
import qualified Data.Map as Map
-- TODO import XMonad.Layout.WorkspaceDir
import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook)
-- import XMonad.Layout.Tabbed
--import XMonad.Layout.MouseResizableTile
import XMonad.Layout.Reflect (reflectVert)
import XMonad.Layout.FixedColumn (FixedColumn(..))
import XMonad.Hooks.Place (placeHook, smart)
import XMonad.Hooks.FloatNext (floatNextHook)
import XMonad.Actions.PerWorkspaceKeys (chooseAction)
import XMonad.Layout.PerWorkspace (onWorkspace)
--import XMonad.Layout.BinarySpacePartition
--import XMonad.Actions.Submap
import Util.Pager
import Util.Rhombus
import Util.Debunk
import Util.Shutdown
myTerm :: String
myTerm = "urxvtc"
myRootTerm :: String
myRootTerm = "urxvtc -name root-urxvt -e su -"
myFont :: String
myFont = "-schumacher-*-*-*-*-*-*-*-*-*-*-*-iso10646-*"
main :: IO ()
main = getArgs >>= \case
["--shutdown"] -> sendShutdownEvent
_ -> mainNoArgs
mainNoArgs :: IO ()
mainNoArgs = do
workspaces0 <- getWorkspaces0
xmonad
-- $ withUrgencyHookC dzenUrgencyHook { args = ["-bg", "magenta", "-fg", "magenta", "-h", "2"], duration = 500000 }
-- urgencyConfig { remindWhen = Every 1 }
-- $ withUrgencyHook borderUrgencyHook "magenta"
-- $ withUrgencyHookC BorderUrgencyHook { urgencyBorderColor = "magenta" } urgencyConfig { suppressWhen = Never }
$ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ")
$ defaultConfig
{ terminal = myTerm
, modMask = mod4Mask
, keys = myKeys
, workspaces = workspaces0
, layoutHook = smartBorders $ myLayout
-- , handleEventHook = myHandleEventHooks <+> handleTimerEvent
--, handleEventHook = handleTimerEvent
, manageHook = placeHook (smart (1,0)) <+> floatNextHook
, startupHook = spawn "echo emit XMonadStartup"
, normalBorderColor = "#1c1c1c"
, focusedBorderColor = "#f000b0"
, handleEventHook = handleShutdownEvent
}
where
myLayout =
(onWorkspace "im" $ reflectVert $ Mirror $ Tall 1 (3/100) (12/13))
(FixedColumn 1 20 80 10 ||| Full)
getWorkspaces0 :: IO [String]
getWorkspaces0 =
try (getEnv "XMONAD_WORKSPACES0_FILE") >>= \case
Left e -> warn (displaySomeException e)
Right p -> try (readFile p) >>= \case
Left e -> warn (displaySomeException e)
Right x -> case readEither x of
Left e -> warn e
Right y -> return y
where
warn msg = putStrLn ("getWorkspaces0: " ++ msg) >> return []
displaySomeException :: SomeException -> String
displaySomeException = displayException
spawnTermAt :: String -> X ()
--spawnTermAt _ = floatNext True >> spawn myTerm
--spawnTermAt "ff" = floatNext True >> spawn myTerm
spawnTermAt _ = spawn myTerm
myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ())
myKeys conf = Map.fromList $
[ ((_4 , xK_Escape ), spawn "/var/setuid-wrappers/slock")
, ((_4S , xK_c ), kill)
, ((_4 , xK_x ), chooseAction spawnTermAt)
, ((_4C , xK_x ), spawn myRootTerm)
--, ((_4M , xK_x ), spawn "xterm")
--, ((_4M , xK_x ), mySpawn "xterm")
--, ((_4 , xK_F1 ), withFocused jojo)
--, ((_4 , xK_F1 ), printAllGeometries)
, ((0 , xK_Menu ), gets windowset >>= allWorkspaceNames >>= pager pagerConfig (windows . W.view) )
, ((_S , xK_Menu ), gets windowset >>= allWorkspaceNames >>= pager pagerConfig (windows . W.shift) )
, ((_C , xK_Menu ), toggleWS)
, ((_4 , xK_Menu ), rhombus horseConfig (liftIO . printToErrors) ["Correct", "Horse", "Battery", "Staple", "Stuhl", "Tisch"] )
-- %! Rotate through the available layout algorithms
, ((_4 , xK_space ), sendMessage NextLayout)
, ((_4S , xK_space ), setLayout $ XMonad.layoutHook conf) -- reset layout
---- BinarySpacePartition
--, ((_4 , xK_l), sendMessage $ ExpandTowards R)
--, ((_4 , xK_h), sendMessage $ ExpandTowards L)
--, ((_4 , xK_j), sendMessage $ ExpandTowards D)
--, ((_4 , xK_k), sendMessage $ ExpandTowards U)
--, ((_4S , xK_l), sendMessage $ ShrinkFrom R)
--, ((_4S , xK_h), sendMessage $ ShrinkFrom L)
--, ((_4S , xK_j), sendMessage $ ShrinkFrom D)
--, ((_4S , xK_k), sendMessage $ ShrinkFrom U)
--, ((_4 , xK_n), sendMessage Rotate)
--, ((_4S , xK_n), sendMessage Swap)
---- mouseResizableTile
--, ((_4 , xK_u), sendMessage ShrinkSlave)
--, ((_4 , xK_i), sendMessage ExpandSlave)
-- move focus up or down the window stack
--, ((_4 , xK_m ), windows W.focusMaster)
, ((_4 , xK_j ), windows W.focusDown)
, ((_4 , xK_k ), windows W.focusUp)
-- modifying the window order
, ((_4S , xK_m ), windows W.swapMaster)
, ((_4S , xK_j ), windows W.swapDown)
, ((_4S , xK_k ), windows W.swapUp)
-- resizing the master/slave ratio
, ((_4 , xK_h ), sendMessage Shrink) -- %! Shrink the master area
, ((_4 , xK_l ), sendMessage Expand) -- %! Expand the master area
-- floating layer support
, ((_4 , xK_t ), withFocused $ windows . W.sink) -- make tiling
-- increase or decrease number of windows in the master area
, ((_4 , xK_comma ), sendMessage $ IncMasterN 1)
, ((_4 , xK_period ), sendMessage $ IncMasterN (-1))
, ((_4 , xK_a ), addWorkspacePrompt defaultXPConfig)
, ((_4 , xK_r ), renameWorkspace defaultXPConfig)
, ((_4 , xK_Delete ), removeEmptyWorkspace)
, ((_4 , xK_Return ), toggleWS)
--, (0 , xK_Menu ) & \k -> (k, gridselectWorkspace wsGSConfig { gs_navigate = makeGSNav k } W.view)
--, (_4 , xK_v ) & \k -> (k, gridselectWorkspace wsGSConfig { gs_navigate = makeGSNav k } W.view)
--, (_4S , xK_v ) & \k -> (k, gridselectWorkspace wsGSConfig { gs_navigate = makeGSNav k } W.shift)
--, (_4 , xK_b ) & \k -> (k, goToSelected wGSConfig { gs_navigate = makeGSNav k })
]
where
_4 = mod4Mask
_C = controlMask
_S = shiftMask
_M = mod1Mask
_4C = _4 .|. _C
_4S = _4 .|. _S
_4M = _4 .|. _M
_4CM = _4 .|. _C .|. _M
_4SM = _4 .|. _S .|. _M
pagerConfig :: PagerConfig
pagerConfig = defaultPagerConfig
{ pc_font = myFont
, pc_cellwidth = 64
--, pc_cellheight = 36 -- TODO automatically keep screen aspect
--, pc_borderwidth = 1
--, pc_matchcolor = "#f0b000"
, pc_matchmethod = MatchPrefix
--, pc_colors = pagerWorkspaceColors
, pc_windowColors = windowColors
}
where
windowColors _ _ _ True _ = ("#ef4242","#ff2323")
windowColors wsf m c u wf = do
let def = defaultWindowColors wsf m c u wf
if m == False && wf == True
then ("#402020", snd def)
else def
horseConfig :: RhombusConfig
horseConfig = defaultRhombusConfig
{ rc_font = myFont
, rc_cellwidth = 64
--, rc_cellheight = 36 -- TODO automatically keep screen aspect
--, rc_borderwidth = 1
--, rc_matchcolor = "#f0b000"
, rc_matchmethod = MatchPrefix
--, rc_colors = pagerWorkspaceColors
--, rc_paint = myPaint
}
wGSConfig :: GSConfig Window
wGSConfig = defaultGSConfig
{ gs_cellheight = 20
, gs_cellwidth = 192
, gs_cellpadding = 5
, gs_font = myFont
, gs_navigate = navNSearch
}
-- wsGSConfig = defaultGSConfig
-- { gs_cellheight = 20
-- , gs_cellwidth = 64
-- , gs_cellpadding = 5
-- , gs_font = myFont
-- , gs_navigate = navNSearch
-- }
-- custom navNSearch
--makeGSNav :: (KeyMask, KeySym) -> TwoD a (Maybe a)
--makeGSNav esc = nav
-- where
-- nav = makeXEventhandler $ shadowWithKeymap keyMap navNSearchDefaultHandler
-- keyMap = Map.fromList
-- [ (esc , cancel)
-- , ((0,xK_Escape) , cancel)
-- , ((0,xK_Return) , select)
-- , ((0,xK_Left) , move (-1, 0) >> nav)
-- , ((0,xK_Right) , move ( 1, 0) >> nav)
-- , ((0,xK_Down) , move ( 0, 1) >> nav)
-- , ((0,xK_Up) , move ( 0,-1) >> nav)
-- , ((0,xK_BackSpace) , transformSearchString (\s -> if (s == "") then "" else init s) >> nav)
-- ]
-- -- The navigation handler ignores unknown key symbols, therefore we const
-- navNSearchDefaultHandler (_,s,_) = do
-- transformSearchString (++ s)
-- nav
(&) :: a -> (a -> c) -> c
(&) = flip ($)
allWorkspaceNames :: W.StackSet i l a sid sd -> X [i]
allWorkspaceNames ws =
return $ map W.tag (W.hidden ws) ++ [W.tag $ W.workspace $ W.current ws]

View file

@ -0,0 +1,16 @@
module Util.Debunk
( printToErrors
) where
import XMonad
import System.FilePath ( (</>) )
import Control.Exception ( bracket )
import System.IO ( hPrint, stderr, openFile, hClose, IOMode( AppendMode ) )
printToErrors x = do
dir <- getXMonadDir
let base = dir </> "xmonad"
err = base ++ ".errors"
bracket (openFile err AppendMode) hClose $ \h -> hPrint h x

View file

@ -0,0 +1,123 @@
{-# LANGUAGE CPP #-}
module Util.Font
( printStringCentered
, printStringXMF'
) where
import XMonad
import XMonad.Util.Font
printStringCentered :: (Functor m, MonadIO m)
=> Display -> Drawable -> XMonadFont
-> GC -> Rectangle -> String
-> m ()
printStringCentered d p xmf gc r s = do
let x = rect_x r
y = rect_y r
w = rect_width r
h = rect_height r
text_w <- textWidthXMF d xmf s
(text_ascent, _) <- textExtentsXMF xmf s
let text_x = x + round ((fi w - fi text_w) / 2)
text_y = y + round ((fi h + fi text_h) / 2)
text_h = text_ascent
printStringXMF' d p xmf gc "" "" text_x text_y s
-- from xmonad-contrib's XMonad.Util.Font, (c) 2007 Andrea Rossato and Spencer Janssen
printStringXMF' :: (Functor m, MonadIO m) => Display -> Drawable -> XMonadFont -> GC -> String -> String
-> Position -> Position -> String -> m ()
printStringXMF' d p (Core fs) gc fc bc x y s = io $ do
setFont d gc $ fontFromFontStruct fs
--tv [fc',bc'] <- mapM (stringToPixel d) [fc,bc]
--tv setForeground d gc fc'
--tv setBackground d gc bc'
drawImageString d p gc x y s
printStringXMF' d p (Utf8 fs) gc fc bc x y s = io $ do
--tv [fc',bc'] <- mapM (stringToPixel d) [fc,bc]
--tv setForeground d gc fc'
--tv setBackground d gc bc'
io $ wcDrawImageString d p fs gc x y s
#ifdef XFT
printStringXMF' dpy drw fs@(Xft font) gc fc bc x y s = do
let screen = defaultScreenOfDisplay dpy
colormap = defaultColormapOfScreen screen
visual = defaultVisualOfScreen screen
--tv bcolor <- stringToPixel dpy bc
(a,d) <- textExtentsXMF fs s
gi <- io $ xftTextExtents dpy font s
--tv io $ setForeground dpy gc bcolor
io $ fillRectangle dpy drw gc (x - fi (xglyphinfo_x gi))
(y - fi a)
(fi $ xglyphinfo_xOff gi)
(fi $ a + d)
io $ withXftDraw dpy drw visual colormap $
\draw -> withXftColorName dpy visual colormap fc $
\color -> xftDrawString draw color font x y s
#endif
-- --my_printStringXMF :: (Functor m, MonadIO m) => Display -> Drawable -> XMonadFont -> GC -> String -> String
-- -- -> Position -> Position -> String -> m ()
-- my_printStringXMF (Core fs) d p gc x y s = do
-- setFont d gc $ fontFromFontStruct fs
-- -- [fc',bc'] <- mapM (stringToPixel d) [fc,bc]
-- -- setForeground d gc fc'
-- -- setBackground d gc bc'
-- drawImageString d p gc x y s
-- my_printStringXMF (Utf8 fs) d p gc x y s = do
-- -- [fc',bc'] <- mapM (stringToPixel d) [fc,bc]
-- -- setForeground d gc fc'
-- -- setBackground d gc bc'
-- wcDrawImageString d p fs gc x y s
-- #ifdef XFT
-- my_printStringXMF dpy drw fs@(Xft font) gc fc bc x y s = do
-- let screen = defaultScreenOfDisplay dpy
-- colormap = defaultColormapOfScreen screen
-- visual = defaultVisualOfScreen screen
-- bcolor <- stringToPixel dpy bc
-- (a,d) <- textExtentsXMF fs s
-- gi <- io $ xftTextExtents dpy font s
-- io $ setForeground dpy gc bcolor
-- io $ fillRectangle dpy drw gc (x - fromIntegral (xglyphinfo_x gi))
-- (y - fromIntegral a)
-- (fromIntegral $ xglyphinfo_xOff gi)
-- (fromIntegral $ a + d)
-- io $ withXftDraw dpy drw visual colormap $
-- \draw -> withXftColorName dpy visual colormap fc $
-- \color -> xftDrawString draw color font x y s
-- #endif
-- --textWidthXMF :: MonadIO m => Display -> XMonadFont -> String -> m Int
-- my_textWidthXMF _ (Utf8 fs) s = return $ fromIntegral $ wcTextEscapement fs s
-- my_textWidthXMF _ (Core fs) s = return $ fromIntegral $ textWidth fs s
-- #ifdef XFT
-- my_TextWidthXMF dpy (Xft xftdraw) s = liftIO $ do
-- gi <- xftTextExtents dpy xftdraw s
-- return $ xglyphinfo_xOff gi
-- #endif
--
-- my_textExtentsXMF :: MonadIO m => XMonadFont -> String -> m (Int32,Int32)
-- my_textExtentsXMF (Utf8 fs) s = do
-- let (_,rl) = wcTextExtents fs s
-- ascent = fromIntegral $ - (rect_y rl)
-- descent = fromIntegral $ rect_height rl + (fromIntegral $ rect_y rl)
-- return (ascent, descent)
-- my_textExtentsXMF (Core fs) s = do
-- let (_,a,d,_) = textExtents fs s
-- return (a,d)
-- #ifdef XFT
-- my_textExtentsXMF (Xft xftfont) _ = io $ do
-- ascent <- fromIntegral `fmap` xftfont_ascent xftfont
-- descent <- fromIntegral `fmap` xftfont_descent xftfont
-- return (ascent, descent)
-- #endif

View file

@ -0,0 +1,172 @@
module Util.Pager
( defaultPagerConfig
, defaultWindowColors
, defaultWorkspaceColors
, MatchMethod(..)
, pager
, PagerConfig(..)
) where
import Data.List ( find )
import Data.Maybe ( catMaybes )
import Graphics.X11
import Util.Rhombus
import XMonad
import qualified XMonad.StackSet as W
import XMonad.Hooks.UrgencyHook
import XMonad.Util.Font ( fi, stringToPixel )
data PagerConfig = PagerConfig
{ pc_font :: String
, pc_cellwidth :: Dimension
, pc_margin :: Dimension
, pc_matchmethod :: MatchMethod
, pc_wrap :: Bool
, pc_workspaceColors :: Bool -> Bool -> Bool -> (String, String, String)
, pc_windowColors :: Bool -> Bool -> Bool -> Bool -> Bool -> (String, String)
}
defaultPagerConfig :: PagerConfig
defaultPagerConfig = PagerConfig "xft:Sans-8" 100 0 MatchInfix True defaultWorkspaceColors defaultWindowColors
pager :: PagerConfig -> (String -> X ()) -> [String] -> X ()
pager pc = rhombus defaultRhombusConfig
{ rc_font = pc_font pc
, rc_cellwidth = pc_cellwidth pc
, rc_margin = pc_margin pc
, rc_matchmethod = pc_matchmethod pc
, rc_wrap = pc_wrap pc
, rc_colors = pc_workspaceColors pc
, rc_paint = pagerPaint pc
}
defaultWorkspaceColors :: Bool -- workspace has focus
-> Bool -- workspace name matches incremental search
-> Bool -- workspace is the current one
-> (String, String, String) -- workspace border, background color, and foreground color
defaultWorkspaceColors False False False = ("#101010","#050505","#202020")
defaultWorkspaceColors False False True = ("#101010","#050505","#202020")
defaultWorkspaceColors False True False = ("#404040","#202020","#b0b0b0")
defaultWorkspaceColors False True True = ("#101010","#050505","#505050")
defaultWorkspaceColors True _ False = ("#808020","#404010","#f0f0b0")
defaultWorkspaceColors True _ True = ("#404010","#202005","#909050")
defaultWindowColors :: Bool -- window's workspace has focus
-> Bool -- window's workspace name matches incremental search
-> Bool -- window's workspace the current one
-> Bool -- window is urgent
-> Bool -- window has focus
-> (String, String) -- window border and background color
defaultWindowColors wsf m c u True = ("#802020", snd $ defaultWindowColors wsf m c u False)
defaultWindowColors False False False False _ = ("#111111","#060606")
defaultWindowColors False False False True _ = ("#802020","#401010")
defaultWindowColors False False True False _ = ("#101010","#050505")
defaultWindowColors False False True True _ = ("#401010","#200505")
defaultWindowColors False True False False _ = ("#202080","#101040")
defaultWindowColors False True False True _ = ("#802080","#401040")
defaultWindowColors False True True False _ = ("#101040","#100520")
defaultWindowColors False True True True _ = ("#401040","#200520")
defaultWindowColors True False False False _ = ("#208020","#104010")
defaultWindowColors True False False True _ = ("#808020","#404010")
defaultWindowColors True False True False _ = ("#104010","#052005")
defaultWindowColors True False True True _ = ("#404010","#202005")
defaultWindowColors True True False False _ = ("#208080","#104040")
defaultWindowColors True True False True _ = ("#808080","#404040")
defaultWindowColors True True True False _ = ("#104040","#102020")
defaultWindowColors True True True True _ = ("#404040","#202020")
pagerPaint ::
PagerConfig
-> RhombusConfig
-> Display
-> Drawable
-> GC
-> WorkspaceId
-> Rectangle
-> Bool
-> Bool
-> Bool
-> X ()
pagerPaint pc rc d p gc t r focus match current = do
ss <- gets windowset
let x = rect_x r
y = rect_y r
urgents <- readUrgents
let foci = map W.focus $ catMaybes $ map W.stack $ W.workspaces ss
let color = pc_windowColors pc focus match current -- :: Bool -> (String, String)
(_, _, _fg_color) = pc_workspaceColors pc focus match current
fg_color <- stringToPixel d _fg_color
let r = screenRect $ W.screenDetail $ W.current ss
let a = fi (rect_width r) / fi (rect_height r)
let scale = fi (rc_cellwidth rc) / fi (rect_width r)
-- TODO whenNothing print error
whenJust (findWorkspace t ss) $ \ ws -> do
whenJust (W.stack ws) $ \ s ->
withDisplay $ \ d -> io $ do
let color' w = color (w `elem` urgents) (w `elem` foci)
-- TODO painting of floating windows is broken
mapM_ (drawMiniWindow d p gc x y color' scale) (W.down s)
drawMiniWindow d p gc x y color' scale (W.focus s)
mapM_ (drawMiniWindow d p gc x y color' scale) (W.up s)
drawMiniWindow
:: RealFrac a
=> Display
-> Drawable
-> GC
-> Position
-> Position
-> (Window -> (String, String))
-> a
-> Window
-> IO ()
drawMiniWindow d p gc ox oy color s win = do
let scale x = round $ fi x * s
wa <- getWindowAttributes d win
let x = ox + (scale $ wa_x wa)
y = oy + (scale $ wa_y wa)
w = (scale $ wa_width wa)
h = (scale $ wa_height wa)
let (fg, bg) = color win
fg' <- stringToPixel d fg
bg' <- stringToPixel d bg
setForeground d gc bg'
fillRectangle d p gc (x + 1) (y + 1) (w - 2) (h - 2)
setForeground d gc fg'
drawLines d p gc
[ Point x y
, Point (fi w - 1) 0
, Point 0 (fi h - 2)
, Point (- fi w + 1) 0
, Point 0 (- fi h + 2)
]
coordModePrevious
-- TODO externalize findWorkspace
findWorkspace :: (Eq i) => i -> W.StackSet i l a sid sd -> Maybe (W.Workspace i l a)
findWorkspace t ss = find ((==)t . W.tag) (W.workspaces ss)

View file

@ -0,0 +1,370 @@
module Util.Rhombus
( defaultRhombusConfig
, MatchMethod(..)
, rhombus
, RhombusConfig(..)
, RhombusState(..)
) where
import Control.Monad ( forM_, zipWithM_ )
import Data.Char
import Data.List
import Data.Ord
import Data.Map ( fromList )
import Data.Maybe ( isJust, fromJust )
import XMonad
import XMonad.StackSet hiding ( filter )
import XMonad.Util.Font
import XMonad.Util.Image ( drawIcon )
import XMonad.Util.XUtils
import Util.Debunk
import Util.Submap
import Util.XUtils
import Util.Font
data MatchMethod = MatchInfix | MatchPrefix
data RhombusConfig = RhombusConfig
{ rc_font :: String
, rc_cellwidth :: Dimension
, rc_margin :: Dimension
, rc_matchmethod :: MatchMethod
, rc_wrap :: Bool
, rc_colors :: Bool -> Bool -> Bool -> (String, String, String)
, rc_paint :: RhombusConfig -> Display -> Pixmap -> GC -> String -> Rectangle -> Bool -> Bool -> Bool -> X ()
}
-- TODO currently xft is broken
defaultRhombusConfig = RhombusConfig "xft:Sans-8" 100 0 MatchInfix True stupidColors noPaint
where
stupidColors _ _ _ = ("red", "magenta", "yellow")
noPaint _ _ _ _ _ _ _ _ _ = return ()
data RhombusState = RhombusState
{ rs_window :: Window
, rs_search :: String
, rs_font :: XMonadFont
, rs_focus :: (Position, Position)
, rs_strings :: [String]
}
reachableCoords :: RhombusState -> [(Position, Position)]
reachableCoords RhombusState{rs_strings=xs} = take (length xs) wave
matchingReachableCoords :: RhombusConfig -> RhombusState -> [(Position, Position)]
matchingReachableCoords rc rs =
snd $ unzip
$ filter (isXOf (rc_matchmethod rc) (rs_search rs) . fst)
$ zip (rs_strings rs) (reachableCoords rs)
match :: MatchMethod -> String -> [String] -> Maybe String
match m s ws = do
let cands = filter (isXOf m s) ws
if length cands == 1
then Just $ head cands
else Nothing
rhombus :: RhombusConfig -> (String -> X ()) -> [String] -> X ()
rhombus rc viewFunc as = withGrabbedKeyboard $ do
rs <- newRhombus rc as
--redraw rc rs
showWindow (rs_window rs)
rhombusMode viewFunc rc rs
rhombusMode :: (String -> X ()) -> RhombusConfig -> RhombusState -> X ()
rhombusMode viewFunc rc rs =
case match (rc_matchmethod rc) (rs_search rs) (init $ rs_strings rs) of
Nothing -> redraw rc rs >> submapString def keys
Just i -> removeRhombus rs >> viewFunc i
where
def (ch:[]) | isPrint ch =
incSearchPushChar ch rs >>= rhombusMode viewFunc rc
def _ =
failbeep >> rhombusMode viewFunc rc rs
keys = fromList $
[ ((0 , xK_BackSpace ), incSearchPopChar rs >>= rhombusMode viewFunc rc)
, ((0 , xK_Escape ), removeRhombus rs)
, ((0 , xK_Menu ), removeRhombus rs)
, ((0 , xK_Left ), goto rc (-1, 0) rs >>= rhombusMode viewFunc rc)
, ((0 , xK_Right ), goto rc ( 1, 0) rs >>= rhombusMode viewFunc rc)
, ((0 , xK_Up ), goto rc ( 0,-1) rs >>= rhombusMode viewFunc rc)
, ((0 , xK_Down ), goto rc ( 0, 1) rs >>= rhombusMode viewFunc rc)
, ((0 , xK_Tab ), gotoNextMatch rc rs >>= rhombusMode viewFunc rc)
, ((_S , xK_Tab ), gotoPrevMatch rc rs >>= rhombusMode viewFunc rc)
, ((0 , xK_Return ), removeRhombus rs >> return (selectFocused rs) >>= viewFunc)
]
_S = shiftMask
-- TODO make failbeep configurable
failbeep = spawn "beep -l 100 -f 500"
goto :: RhombusConfig -> (Position, Position) -> RhombusState -> X RhombusState
goto RhombusConfig{rc_wrap=True} xy rs = maybe (failbeep >> return rs) return $ wrapFocus xy rs
goto RhombusConfig{rc_wrap=False} xy rs = maybe (failbeep >> return rs) return $ moveFocus xy rs
moveFocus :: (Position, Position) -> RhombusState -> Maybe RhombusState
moveFocus (dx, dy) rs@RhombusState{rs_focus=(x,y)} = do
let focus' = (x + dx, y + dy)
if elem focus' (reachableCoords rs)
then Just rs { rs_focus = focus' }
else Nothing
wrapFocus :: (Position, Position) -> RhombusState -> Maybe RhombusState
wrapFocus (0, dy) rs@RhombusState{rs_focus=focus} = do
let column = sortBy (comparing snd) $ filter ((==) (fst focus) . fst) (reachableCoords rs)
i <- elemIndex focus column
return rs { rs_focus = column `modIndex` (i + fromIntegral dy) }
wrapFocus (dx, 0) rs@RhombusState{rs_focus=focus} = do
let column = sortBy (comparing fst) $ filter ((==) (snd focus) . snd) (reachableCoords rs)
i <- elemIndex focus column
return rs { rs_focus = column `modIndex` (i + fromIntegral dx) }
wrapFocus _ _ = Nothing
gotoPrevMatch :: RhombusConfig -> RhombusState -> X RhombusState
gotoPrevMatch rc rs@RhombusState{rs_focus=focus} = do
case reverse (matchingReachableCoords rc rs) of
[] -> failbeep >> return rs
xs -> return rs
{ rs_focus = maybe (head xs)
(modIndex xs . (+1))
(focus `elemIndex` xs)
}
gotoNextMatch :: RhombusConfig -> RhombusState -> X RhombusState
gotoNextMatch rc rs@RhombusState{rs_focus=focus} = do
case matchingReachableCoords rc rs of
[] -> failbeep >> return rs
xs -> return rs
{ rs_focus = maybe (head xs)
(modIndex xs . (+1))
(focus `elemIndex` xs)
}
selectFocused :: RhombusState -> String
selectFocused rs =
-- TODO the rhombus must never "focus" something inexistent
fromJust $ lookup (rs_focus rs) $ zip wave (rs_strings rs)
incSearchPushChar :: Char -> RhombusState -> X RhombusState
incSearchPushChar c rs = return rs { rs_search = rs_search rs ++ [c] }
incSearchPopChar :: RhombusState -> X RhombusState
-- only rubout if we have at least one char
incSearchPopChar rs@RhombusState{rs_search=xs@(_:_)} =
return rs { rs_search = init xs }
incSearchPopChar rs = return rs
redraw :: RhombusConfig -> RhombusState -> X ()
redraw rc rs = do
ss <- gets windowset
let Screen _ _ (SD (Rectangle _ _ s_width s_height)) = current ss
-- TODO this let is duplicated in newRhombus
let scale x = x * cell_w `div` s_width -- TODO use bw
cell_w = rc_cellwidth rc
cell_h = scale s_height
-- txy is the top-left corner of the first (center) cell
-- XXX div and (-) are not distributive
-- we could round $ (s_* - cell_*) / 2, though...
tx = fi $ s_width `div` 2 - cell_w `div` 2
ty = fi $ s_height `div` 2 - cell_h `div` 2
margin = rc_margin rc
-- dxy are the outer cell dimensions (i.e. including the border)
dx = fi $ cell_w + 2 + margin
dy = fi $ cell_h + 2 + margin
paint = rc_paint rc
xmf = rs_font rs
tags = rs_strings rs
--currentTag = last tags
withDisplay $ \ d -> do
-- XXX we cannot use withPixmapAndGC because rc_paint is an X monad
p <- io $ createPixmap d (rs_window rs) s_width s_height (defaultDepthOfScreen $ defaultScreenOfDisplay d)
g <- io $ createGC d p
-- TODO fixme
color_black <- stringToPixel d "black"
forZipWithM_ tags (reachableCoords rs) $ \ tag oxy@(ox, oy) -> do
let focus = oxy == rs_focus rs
match = isXOf (rc_matchmethod rc) (rs_search rs) tag
current = tag == last tags
(_b_color, _bg_color, _fg_color) = rc_colors rc focus match current
--cell_x = (ox * dx) + x - fi (cell_w `div` 2)
--cell_y = (oy * dy) + y - fi (cell_h `div` 2)
cell_x = (ox * dx) + tx + 1
cell_y = (oy * dy) + ty + 1
b_color <- stringToPixel d _b_color
bg_color <- stringToPixel d _bg_color
fg_color <- stringToPixel d _fg_color
-- draw background
io $ setForeground d g bg_color
io $ fillRectangle d p g cell_x cell_y cell_w cell_h
-- draw border
io $ setForeground d g b_color
io $ drawLines d p g
[ Point (cell_x - 1) (cell_y - 1)
, Point (fi cell_w + 1) 0
, Point 0 (fi cell_h + 1)
, Point (-(fi cell_w + 1)) 0
, Point 0 (-(fi cell_h + 1))
]
coordModePrevious
-- custom draw
paint rc d p g tag (Rectangle cell_x cell_y cell_w cell_h) focus match current
-- paint text
-- TODO custom paint text?
-- TODO withCopyArea
io $ withPixmapAndGC d p s_width s_height (defaultDepthOfScreen $ defaultScreenOfDisplay d) $ \ f_pm f_gc -> do
withPixmapAndGC d f_pm s_width s_height 1 $ \ clip_mask clip_gc -> do
setForeground d clip_gc 0
setBackground d clip_gc 0
fillRectangle d clip_mask clip_gc 0 0 s_width s_height
setForeground d clip_gc 1
let r = Rectangle cell_x cell_y cell_w cell_h
printStringCentered d clip_mask xmf clip_gc r tag
setForeground d f_gc fg_color
setBackground d f_gc color_black -- TODO
printStringCentered d f_pm xmf f_gc r tag
setClipMask d f_gc clip_mask
copyArea d f_pm p f_gc 0 0 s_width s_height 0 0
io $ copyArea d p (rs_window rs) g 0 0 s_width s_height 0 0
io $ freePixmap d p
io $ freeGC d g
newRhombus :: RhombusConfig -> [String] -> X RhombusState
newRhombus rc tags = do
ss <- gets windowset
let Screen _ _ (SD (Rectangle _ _ s_width s_height)) = current ss
(_, def_win_bg, _) = rc_colors rc False True False
-- TODO this let is duplicated in redraw
let scale x = x * cell_w `div` s_width -- TODO use bw
cell_w = rc_cellwidth rc
cell_h = scale s_height
-- TODO don't delete this let but use it instead of s_{width,height}
-- (xcoords, ycoords) = unzip $ take (length tags) wave -- this is reachableCoords
-- win_width = (maximum xcoords - minimum xcoords) * dx
-- win_height = (maximum ycoords - minimum ycoords) * dy
-- txy is the top-left corner of the first (center) cell
-- XXX div and (-) are not distributive
-- we could round $ (s_* - cell_*) / 2, though...
tx = fi $ s_width `div` 2 - cell_w `div` 2
ty = fi $ s_height `div` 2 - cell_h `div` 2
margin = rc_margin rc
-- dxy are the outer cell dimensions (i.e. including the border)
dx = fi $ cell_w + 2 + margin
dy = fi $ cell_h + 2 + margin
fn <- initXMF (rc_font rc)
win <- createNewWindow (Rectangle 0 0 s_width s_height) Nothing def_win_bg True
withDisplay $ \ d ->
io $ shapeWindow d win $ \ p g ->
forZipWithM_ tags wave $ \ _ (ox, oy) ->
fillRectangle d p g (tx + ox * dx) (ty + oy * dy) (fi cell_w + 2) (fi cell_h + 2)
return $ RhombusState win "" fn (0,0) tags
removeRhombus :: RhombusState -> X ()
removeRhombus (RhombusState w _ fn _ _) = do
deleteWindow w
releaseXMF fn
wave :: [(Position, Position)]
wave = zip (0:(concat $ map (\i -> [0..i]++[i-1,i-2..1] ++ [0,-1..(-i)]++[-i,-i+1..(-1)]) [1..])) (concat $ map (\i -> [0..i]++[i-1,i-2..1] ++ [0,-1..(-i)]++[-i+1,-i+2..(-1)]) [1..])
where
wave1 = 0:(concat $ map (\i -> [0..i]++[i-1,i-2..1] ++ [0,-1..(-i)]++[-i,-i+1..(-1)]) [1..])
wave2 = concat $ map (\i -> [0..i]++[i-1,i-2..1] ++ [0,-1..(-i)]++[-i+1,-i+2..(-1)]) [1..]
commonPrefix (x:xs) (y:ys) | x == y = x:commonPrefix xs ys
commonPrefix _ _ = []
isXOf :: MatchMethod -> String -> String -> Bool
isXOf MatchInfix = isInfixOf
isXOf MatchPrefix = isPrefixOf
findXIndex :: (Eq a) => MatchMethod -> [a] -> [a] -> Maybe Int
findXIndex MatchInfix = findInfixIndex
findXIndex MatchPrefix = findPrefixIndex
findInfixIndex :: (Eq a) => [a] -> [a] -> Maybe Int
findInfixIndex needle haystack
= (\x -> if null x then Nothing else Just (fst $ head x))
. dropWhile (\(_,x) -> not $ isPrefixOf needle x)
$ zip [0..] (tails haystack)
findPrefixIndex :: (Eq a) => [a] -> [a] -> Maybe Int
findPrefixIndex needle haystack =
if isPrefixOf needle haystack
then Just 0
else Nothing
modIndex :: Integral i => [a] -> i -> a
modIndex xs i = xs `genericIndex` (i `mod` genericLength xs)
forZipWithM_ a b f = zipWithM_ f a b
withGrabbedKeyboard f = do
XConf { theRoot = root, display = d } <- ask
catchX (io (grabKeyboard d root False grabModeAsync grabModeAsync currentTime) >> f)
(return ())
io $ ungrabKeyboard d currentTime

View file

@ -0,0 +1,53 @@
{-# LANGUAGE LambdaCase #-}
module Util.Shutdown
( sendShutdownEvent
, handleShutdownEvent
, shutdown
)
where
import Control.Monad
import Data.Monoid
import Data.Maybe (catMaybes)
import qualified Data.Map as Map
import System.Environment (getEnv)
import System.Exit (exitSuccess)
import XMonad
import qualified XMonad.StackSet as W
sendShutdownEvent :: IO ()
sendShutdownEvent = do
dpy <- openDisplay ""
rw <- rootWindow dpy $ defaultScreen dpy
a <- internAtom dpy "XMONAD_SHUTDOWN" False
allocaXEvent $ \e -> do
setEventType e clientMessage
setClientMessageEvent e rw a 32 0 currentTime
sendEvent dpy rw False structureNotifyMask e
sync dpy False
handleShutdownEvent :: Event -> X All
handleShutdownEvent = \case
ClientMessageEvent { ev_message_type = mt } -> do
c <- (mt ==) <$> getAtom "XMONAD_SHUTDOWN"
when c shutdown
return (All c)
_ ->
return (All True)
shutdown :: X ()
shutdown = do
broadcastMessage ReleaseResources
io . flush =<< asks display
let wsData = show . W.mapLayout show . windowset
maybeShow (t, Right (PersistentExtension ext)) = Just (t, show ext)
maybeShow (t, Left str) = Just (t, str)
maybeShow _ = Nothing
extState =
return . show . catMaybes . map maybeShow . Map.toList . extensibleState
s <- gets (\s -> (wsData s : extState s))
_ <- io $ do
path <- getEnv "XMONAD_STATE"
writeFile path (concatMap (++"\n") s)
exitSuccess
return ()

View file

@ -0,0 +1,31 @@
-- This module is based on Jason Creighton's XMonad.Actions.Submap
module Util.Submap
( submapString
) where
import Data.Bits
import XMonad hiding (keys)
import qualified Data.Map as M
import Control.Monad.Fix (fix)
-- | Like 'XMonad.Actions.Submap.submapDefault', but provides the looked up string to the default action.
submapString :: (String -> X ()) -> M.Map (KeyMask, KeySym) (X ()) -> X ()
submapString def keys = do
XConf { theRoot = root, display = d } <- ask
(m, s, str) <- io $ allocaXEvent $ \p -> fix $ \nextkey -> do
maskEvent d keyPressMask p
KeyEvent { ev_keycode = code, ev_state = m } <- getEvent p
keysym <- keycodeToKeysym d code 0
if isModifierKey keysym
then nextkey
else do
(mbKeysym, str) <- lookupString (asKeyEvent p)
return (m, keysym, str)
-- Remove num lock mask and Xkb group state bits
m' <- cleanMask $ m .&. ((1 `shiftL` 12) - 1)
maybe (def str) id (M.lookup (m', s) keys)

View file

@ -0,0 +1,47 @@
module Util.XUtils
( shapeWindow
, withGC
, withPixmap
, withPixmapAndGC
) where
import Control.Exception ( bracket )
import Foreign.C.Types ( CInt )
import Graphics.X11.Xlib
import Graphics.X11.Xlib.Extras
import Graphics.X11.Xshape
shapeWindow :: Display -> Window -> (Pixmap -> GC -> IO ()) -> IO ()
shapeWindow d w f = do
wa <- getWindowAttributes d w
let width = fromIntegral $ wa_width wa
height = fromIntegral $ wa_height wa
withPixmapAndGC d w width height 1 $ \ p g -> do
setForeground d g 0
fillRectangle d p g 0 0 width height
setForeground d g 1
f p g
xshapeCombineMask d w shapeBounding 0 0 p shapeSet
withGC :: Display -> Drawable -> (GC -> IO ()) -> IO ()
withGC d p =
bracket (createGC d p) (freeGC d)
withPixmap :: Display -> Drawable -> Dimension -> Dimension -> CInt -> (Pixmap -> IO ()) -> IO ()
withPixmap d p w h depth =
bracket (createPixmap d p w h depth) (freePixmap d)
withPixmapAndGC :: Display -> Drawable -> Dimension -> Dimension -> CInt -> (Pixmap -> GC -> IO ()) -> IO ()
withPixmapAndGC d w width height depth f =
withPixmap d w width height depth $ \ p ->
withGC d p $ \ g -> f p g

View file

@ -0,0 +1,18 @@
Author: tv
Build-Type: Simple
Cabal-Version: >= 1.2
License: MIT
Name: xmonad-tv
Version: 0
Executable xmonad
Build-Depends:
base,
containers,
filepath,
X11,
X11-xshape,
xmonad,
xmonad-contrib
GHC-Options: -Wall -O3 -threaded -rtsopts
Main-Is: Main.hs

View file

@ -0,0 +1,40 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.xserver;
in
pkgs.stdenv.mkDerivation {
name = "xserver.conf";
xfs = optionalString (cfg.useXFS != false)
''FontPath "${toString cfg.useXFS}"'';
inherit (cfg) config;
buildCommand =
''
echo 'Section "Files"' >> $out
echo $xfs >> $out
for i in ${toString config.fonts.fonts}; do
if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then
for j in $(find $i -name fonts.dir); do
echo " FontPath \"$(dirname $j)\"" >> $out
done
fi
done
for i in $(find ${toString cfg.modules} -type d); do
if test $(echo $i/*.so* | wc -w) -ne 0; then
echo " ModulePath \"$i\"" >> $out
fi
done
echo 'EndSection' >> $out
echo "$config" >> $out
'';
}

View file

@ -5,7 +5,7 @@
# TODO consul-bootstrap HOST that actually does is
# TODO tools to inspect state of a cluster in outage state
with import ../4lib { inherit lib pkgs; };
with lib;
let
cfg = config.tv.consul;

View file

@ -1,20 +1,14 @@
{ lib, pkgs, ... }:
let
krebs = import ../../krebs/4lib { inherit lib; };
in
with krebs;
krebs // rec {
lib // rec {
git = import ./git.nix {
lib = krebs;
inherit pkgs;
inherit lib pkgs;
};
# "7.4.335" -> "74"
majmin = with lib; x : concatStrings (take 2 (splitString "." x));
shell-escape = krebs.shell.escape;
# TODO deprecate shell-escape for lass
shell-escape = lib.shell.escape;
}

View file

@ -1,9 +1,6 @@
{ pkgs, ... }:
let
inherit (pkgs) callPackage;
in
{
viljetic-pages = callPackage ./viljetic-pages {};
ff = pkgs.callPackage ./ff {};
viljetic-pages = pkgs.callPackage ./viljetic-pages {};
}

8
tv/5pkgs/ff/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ pkgs, ... }:
pkgs.writeScriptBin "ff" ''
#! ${pkgs.bash}/bin/bash
exec sudo -u ff -i <<EOF
exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@")
EOF
''