Merge remote-tracking branch 'lass/20.03' into 20.03

This commit is contained in:
makefu 2020-04-21 21:52:12 +02:00
commit aaacb5f31c
No known key found for this signature in database
GPG key ID: 36F7711F3FC0F225
83 changed files with 1298 additions and 2066 deletions

3
.gitmodules vendored
View file

@ -7,6 +7,9 @@
[submodule "lass/5pkgs/autowifi"]
path = lass/5pkgs/autowifi
url = https://github.com/Lassulus/autowifi
[submodule "jeschli/2configs/elisp"]
path = jeschli/2configs/elisp
url = https://github.com/Jeschli/misc-elisp-scripts.git
[submodule "submodules/brockman"]
path = submodules/brockman
url = https://github.com/kmein/brockman.git

View file

@ -7,6 +7,8 @@
<stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/firefox.nix>
<stockholm/jeschli/2configs/rust.nix>
<stockholm/jeschli/2configs/haskell.nix>
<stockholm/jeschli/2configs/steam.nix>
<stockholm/jeschli/2configs/python.nix>
./desktop.nix
./i3-configuration.nix
@ -36,10 +38,19 @@
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget vim git
rofi
ag
alacritty
google-chrome
chromium
copyq
direnv
go
git
gitAndTools.hub
sbcl
rofi
vim
wget
];
users.users.ombi = {
@ -48,19 +59,28 @@
};
users.users.jeschli = {
isNormalUser = true;
isNormalUser = true;
extraGroups = [ "audio" ];
};
# services.xserver.synaptics.enable = true;
services.xserver.libinput.enable = true;
services.xserver.libinput.disableWhileTyping = true;
hardware.pulseaudio.enable = true;
#Enable ssh daemon
services.openssh.enable = true;
#Enable clight
services.clight.enable = true;
services.geoclue2.enable = true;
location.provider = "geoclue2";
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM1xtX/SF2IzfAIzrXvH4HsW05eTBX8U8MYlEPadq0DS/nHC45hW2PSEUOVsH0UhBRAB+yClVLyN+JAYsuOoQacQqAVq9R7HAoFITdYTMJCxVs4urSRv0pWwTopRIh1rlI+Q0QfdMoeVtO2ZKG3KoRM+APDy2dsX8LTtWjXmh/ZCtpGl1O8TZtz2ZyXyv9OVDPnQiFwPU3Jqs2Z036c+kwxWlxYc55FRuqwRtQ48c/ilPMu+ZvQ22j1Ch8lNuliyAg1b8pZdOkMJF3R8b46IQ8FEqkr3L1YQygYw2M50B629FPgHgeGPMz3mVd+5lzP+okbhPJjMrUqZAUwbMGwGzZ ombi@nixos"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFXgtbgeivxlMKkoEJ4ANhtR+LRMSPrsmL4U5grFUME jeschli@nixos"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG7C3bgoL9VeVl8pgu8sp3PCOs6TXk4R9y7JKJAHGsfm root@baeckerei"
];
# This value determines the NixOS release with which your system is to be

View file

@ -7,8 +7,8 @@
enable = true;
xkbOptions = "caps:super";
exportConfiguration = true;
displayManager.slim.enable = true;
displayManager.lightdm.enable = true;
};
# Configure fonts

View file

@ -5,88 +5,93 @@ with pkgs;
let
i3_config_file = pkgs.writeText "config" ''
set $mod Mod4
font pango:monospace 8
#font pango:DejaVu Sans Mono 8
# Before i3 v4.8, we used to recommend this one as the default:
# font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1
# The font above is very space-efficient, that is, it looks good, sharp and
# clear in small sizes. However, its unicode glyph coverage is limited, the old
# X core fonts rendering does not support right-to-left and this being a bitmap
# font, it doesnt scale on retina/hidpi displays.
# Use Mouse+$mod to drag floating windows to their wanted position
floating_modifier $mod
# start a terminal
bindsym $mod+Return exec i3-sensible-terminal
bindsym $mod+Return exec alacritty
# kill focused window
bindsym $mod+Shift+q kill
# start dmenu (a program launcher)
# bindsym $mod+d exec dmenu_run
# start dmenu (a program launcher)
bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run
bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select
bindsym $mod+F1 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput disable
bindsym $mod+F2 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput enable
# There also is the (new) i3-dmenu-desktop which only displays applications
# shipping a .desktop file. It is a wrapper around dmenu, so you need that
# installed.
# bindsym $mod+d exec --no-startup-id i3-dmenu-desktop
# change focus
bindsym $mod+j focus left
bindsym $mod+k focus down
bindsym $mod+l focus up
bindsym $mod+semicolon focus right
# alternatively, you can use the cursor keys:
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
# move focused window
bindsym $mod+Shift+j move left
bindsym $mod+Shift+k move down
bindsym $mod+Shift+l move up
bindsym $mod+Shift+colon move right
# alternatively, you can use the cursor keys:
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
# split in horizontal orientation
bindsym $mod+h split h
# split in vertical orientation
bindsym $mod+v split v
# enter fullscreen mode for the focused container
bindsym $mod+f fullscreen toggle
# change container layout (stacked, tabbed, toggle split)
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
# toggle tiling / floating
bindsym $mod+Shift+space floating toggle
# change focus between tiling / floating windows
bindsym $mod+space focus mode_toggle
# focus the parent container
bindsym $mod+a focus parent
# focus the child container
#bindsym $mod+d focus child
# Define names for default workspaces for which we configure key bindings later on.
# We use variables to avoid repeating the names in multiple places.
set $ws1 "1"
@ -99,7 +104,7 @@ let
set $ws8 "8"
set $ws9 "9"
set $ws10 "10"
# switch to workspace
bindsym $mod+1 workspace $ws1
bindsym $mod+2 workspace $ws2
@ -111,7 +116,7 @@ let
bindsym $mod+8 workspace $ws8
bindsym $mod+9 workspace $ws9
bindsym $mod+0 workspace $ws10
# move focused container to workspace
bindsym $mod+Shift+1 move container to workspace $ws1
bindsym $mod+Shift+2 move container to workspace $ws2
@ -123,18 +128,18 @@ let
bindsym $mod+Shift+8 move container to workspace $ws8
bindsym $mod+Shift+9 move container to workspace $ws9
bindsym $mod+Shift+0 move container to workspace $ws10
# reload the configuration file
bindsym $mod+Shift+c reload
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
bindsym $mod+Shift+r restart
# exit i3 (logs you out of your X session)
bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"
# resize window (you can also use the mouse for that)
mode "resize" {
# These bindings trigger as soon as you enter the resize mode
# Pressing left will shrink the windows width.
# Pressing right will grow the windows width.
# Pressing up will shrink the windows height.
@ -143,27 +148,27 @@ let
bindsym k resize grow height 10 px or 10 ppt
bindsym l resize shrink height 10 px or 10 ppt
bindsym semicolon resize grow width 10 px or 10 ppt
# same bindings, but for the arrow keys
bindsym Left resize shrink width 10 px or 10 ppt
bindsym Down resize grow height 10 px or 10 ppt
bindsym Up resize shrink height 10 px or 10 ppt
bindsym Right resize grow width 10 px or 10 ppt
# back to normal: Enter or Escape or $mod+r
bindsym Return mode "default"
bindsym Escape mode "default"
bindsym $mod+r mode "default"
}
bindsym $mod+r mode "resize"
# Start i3bar to display a workspace bar (plus the system information i3status
# finds out, if available)
bar {
status_command i3status
}
'';
'';
in {

@ -0,0 +1 @@
Subproject commit ae1a03ddee80d73ac166af75cdb1d93d24fa44b9

View file

@ -114,29 +114,29 @@ let
("NEXT" ("WAITING") ("CANCELLED") ("HOLD"))
("DONE" ("WAITING") ("CANCELLED") ("HOLD")))))
(setq org-directory "~/projects/notes_private")
(setq org-default-notes-file "~/projects/notes_private/refile.org")
(setq org-directory "~/projects/notes_privat")
(setq org-default-notes-file "~/projects/notes_privat/refile.org")
;; I use C-c c to start capture mode
(global-set-key (kbd "C-c c") 'org-capture)
;; Capture templates for: TODO tasks, Notes, appointments, phone calls, meetings, and org-protocol
(setq org-capture-templates
(quote (("t" "todo" entry (file "~/git/org/refile.org")
(quote (("t" "todo" entry (file org-default-notes-file)
"* TODO %?\n%U\n%a\n" :clock-in t :clock-resume t)
("r" "respond" entry (file "~/git/org/refile.org")
("r" "respond" entry (file org-default-notes-file)
"* NEXT Respond to %:from on %:subject\nSCHEDULED: %t\n%U\n%a\n" :clock-in t :clock-resume t :immediate-finish t)
("n" "note" entry (file "~/git/org/refile.org")
("n" "note" entry (file org-default-notes-file)
"* %? :NOTE:\n%U\n%a\n" :clock-in t :clock-resume t)
("j" "Journal" entry (file+datetree "~/git/org/diary.org")
"* %?\n%U\n" :clock-in t :clock-resume t)
("w" "org-protocol" entry (file "~/git/org/refile.org")
("w" "org-protocol" entry (file org-default-notes-file)
"* TODO Review %c\n%U\n" :immediate-finish t)
("m" "Meeting" entry (file "~/git/org/refile.org")
("m" "Meeting" entry (file org-default-notes-file)
"* MEETING with %? :MEETING:\n%U" :clock-in t :clock-resume t)
("p" "Phone call" entry (file "~/git/org/refile.org")
("p" "Phone call" entry (file org-default-notes-file)
"* PHONE %? :PHONE:\n%U" :clock-in t :clock-resume t)
("h" "Habit" entry (file "~/git/org/refile.org")
("h" "Habit" entry (file org-default-notes-file)
"* NEXT %?\n%U\n%a\nSCHEDULED: %(format-time-string \"%<<%Y-%m-%d %a .+1d/3d>>\")\n:PROPERTIES:\n:STYLE: habit\n:REPEAT_TO_STATE: NEXT\n:END:\n"))))
;; Remove empty LOGBOOK drawers on clock out
@ -144,7 +144,7 @@ let
(interactive)
(save-excursion
(beginning-of-line 0)
(org-remove-empty-drawer-at "LOGBOOK" (point))))
(org-remove-empty-drawer-at (point))))
(add-hook 'org-clock-out-hook 'bh/remove-empty-drawer-on-clock-out 'append)

View file

@ -4,240 +4,81 @@ let
pkgsWithOverlay = import <nixpkgs-unstable> {
overlays = [
(import (builtins.fetchTarball {
url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz;
url = https://github.com/nix-community/emacs-overlay/archive/403c14c23be188b58c0b1bc197b428041d8a0cea.tar.gz;
}))
];
};
orgAgendaView = import ./emacs-org-agenda.nix;
# The emacs packages that I use
# I differ between
# - stable (Packages that I use for some time - happy with it)
# - unstable (Packages that I use for some time - but may drop)
# - testing (Packages that I try out - the new stuff)
emacsPkgs = epkgs:
(with epkgs.melpaPackages ;
packageRepos = ''
(require 'package) ;; You might already have this line
(let* ((no-ssl (and (memq system-type '(windows-nt ms-dos))
(not (gnutls-available-p))))
(url (concat (if no-ssl "http" "https") "://melpa.org/packages/")))
(add-to-list 'package-archives (cons "melpa" url) t)
(add-to-list 'package-archives
'("org" . "http://orgmode.org/elpa/") t)
)
(when (< emacs-major-version 24)
;; For important compatibility libraries like cl-lib
(add-to-list 'package-archives '("gnu" . "http://elpa.gnu.org/packages/")))
(package-initialize)
'';
## windows-purpose (testing)
[ window-purpose ] ++
evilMode = ''
;; Evil Mode
(require 'evil)
(evil-mode 1)
;; (require 'evil-org)
;; (add-hook 'org-mode-hook 'evil-org-mode)
;; (evil-org-set-key-theme '(navigation insert textobjects additional calendar))
;; (require 'evil-org-agenda)
;; (evil-org-agenda-set-keys)
'';
## helm (stable)
# emacs completion engine
[ helm helm-ag ] ++
goMode = ''
(setq godoc-and-godef-command "go doc") ;godoc has no cli support any more, thats go doc now
(add-to-list 'exec-path "~/go/bin")
(add-hook 'go-mode-hook
(lambda ()
(setq-default)
(setq tab-width 2)
(setq standard-indent 2)
(setq indent-tabs-mode nil)))
'';
## deft (testing)
# text search for a directory
[ deft ] ++
ido = ''
(require 'ido)
(ido-mode t)
'';
## lsp mode (unstable)
# Language Server Protocol mode
# Used for rust
[ company-lsp dap-mode helm-lsp lsp-mode lsp-treemacs lsp-ui ] ++
helm = ''
(helm-mode 1)
(global-set-key (kbd "M-x") #'helm-M-x)
(global-set-key (kbd "C-x r b") #'helm-filtered-bookmarks)
(global-set-key (kbd "C-x C-f") #'helm-find-files)
'';
## emacs convenience (stable)
# Mixed and general purpose
[ ag company direnv evil google-this spacemacs-theme ] ++
magit = ''
(global-set-key (kbd "C-x g") 'magit-status) ; "Most Magit commands are commonly invoked from the status buffer"
'';
## common lisp (testing)
[ slime ] ++
windowCosmetics = ''
(menu-bar-mode -1)
(tool-bar-mode -1) ; Disable the button bar atop screen
(scroll-bar-mode -1) ; Disable scroll bar
(toggle-scroll-bar -1)
(setq inhibit-startup-screen t) ; Disable startup screen with graphics
(setq-default indent-tabs-mode nil) ; Use spaces instead of tabs
(setq default-tab-width 2) ; Two spaces is a tab
(setq tab-width 2) ; Four spaces is a tab
(setq visible-bell nil) ; Disable annoying visual bell graphic
(setq ring-bell-function 'ignore) ; Disable super annoying audio bell
'';
## magit (stable)
[ magit ] ++
orgMode = ''
(add-to-list 'auto-mode-alist '("\\.\\(org\\|org_archive\\|txt\\)$" . org-mode))
(global-set-key "\C-cl" 'org-store-link)
(global-set-key "\C-ca" 'org-agenda)
(global-set-key "\C-cb" 'org-iswitchb)
(global-set-key "\C-c L" 'org-insert-link-global)
(global-set-key "\C-c o" 'org-open-at-point-global)
(setq org-link-frame-setup '((file . find-file))) ; open link in same frame.
(if (boundp 'org-user-agenda-files)
(setq org-agenda-files org-user-agenda-files)
(setq org-agenda-files (quote ("~/projects/notes_privat")))
)
'';
## bunch of programming languages (unstable)
[ go-mode haskell-mode nix-mode ] ++
theme = ''
(load-theme 'monokai-alt t)
(load-theme 'whiteboard t)
(disable-theme 'monokai-alt)
(disable-theme 'whiteboard)
## rust (unstable)
[ racer rust-mode ] ++
(defun mh/load-whiteboard-theme ()
"load whiteboard theme"
(interactive)
(message "whiteboard loaded")
(disable-theme 'monokai-alt)
(enable-theme 'whiteboard)
)
(defun mh/load-monokai-theme ()
"load monokai theme"
(interactive)
(message "monokai loaded")
(disable-theme 'whiteboard)
(enable-theme 'monokai-alt)
)
(global-set-key "\C-ctw" 'mh/load-whiteboard-theme)
(global-set-key "\C-ctm" 'mh/load-monokai-theme)
'';
# Configuration for rust development
# inspired by
# https://github.com/bbatsov/prelude/blob/master/modules/prelude-rust.el
#
# This requires rls and racer to be installed on the system
rustDevelopment = ''
(add-hook 'rust-mode-hook #'racer-mode)
(add-hook 'rust-mode-hook (lambda()
(local-set-key (kbd "C-c C-d") 'racer-describe)
(local-set-key (kbd "C-c .") 'racer-find-definition)
(local-set-key (kbd "C-c ,") 'pop-tag-mark))
)
(add-hook 'racer-mode-hook #'eldoc-mode)
(add-hook 'racer-mode-hook #'company-mode)
(require 'rust-mode)
(define-key rust-mode-map (kbd "TAB") #'company-indent-or-complete-common)
(setq company-tooltip-align-annotations t)
'';
recentFiles = ''
(recentf-mode 1)
(setq recentf-max-menu-items 25)
(global-set-key "\C-x\ \C-r" 'recentf-open-files)
'';
myFunctionKeys = ''
(fset 'kill-actual-buffer
[?\C-x ?k return])
(defun mh/open-term-and-rename (name)
"open a new bash and rename it"
(interactive "sName of new terminal: ")
(term "/run/current-system/sw/bin/bash")
(rename-buffer name)
)
(global-set-key (kbd "M-<f8>") 'kill-actual-buffer)
(global-set-key (kbd "<f5>") 'mh/open-term-and-rename)
(global-set-key (kbd "<f6>") 'other-window)
(global-set-key (kbd "<f7>") 'split-window-right)
(global-set-key (kbd "<f8>") 'delete-other-windows)
'';
lspMode = ''
(require 'lsp-mode)
(add-hook 'rust-mode-hook #'lsp)
'';
dotEmacs = pkgs.writeText "dot-emacs" ''
${packageRepos}
${evilMode}
${goMode}
${helm}
${magit}
${orgMode}
${rustDevelopment}
${theme}
${windowCosmetics}
${orgAgendaView}
${myFunctionKeys}
${lspMode}
'';
#emacsWithCustomPackages
emacsPkgs= epkgs: [
# testing lsp mode
epkgs.melpaPackages.lsp-ui
epkgs.melpaPackages.company-lsp
epkgs.melpaPackages.lsp-treemacs
epkgs.melpaPackages.helm-lsp
epkgs.melpaPackages.dap-mode
epkgs.melpaPackages.lsp-mode
## python (stable)
# Python IDE for emacs
[ elpy ]) ++
## org-mode
# Org-Mode has several extensions
# and can be seen as an application of its own.
(with epkgs.melpaPackages ;
# testing
epkgs.melpaPackages.web-mode
epkgs.melpaPackages.js2-mode
epkgs.melpaPackages.xref-js2
[ org-super-agenda org-bullets org-ql ] ++
# unstable
[ smex org-mime orgit ]
) ++
epkgs.melpaPackages.academic-phrases
# stable
(with epkgs.orgPackages ;
[ org-plus-contrib ]) ++
epkgs.melpaPackages.gitlab
epkgs.melpaPackages.helm
epkgs.melpaPackages.weechat
# stable
(with epkgs.elpaPackages ;
[ bbdb which-key ]);
# emacs convenience
epkgs.melpaPackages.ag
epkgs.melpaPackages.company
epkgs.melpaPackages.direnv
epkgs.melpaPackages.evil
epkgs.melpaPackages.google-this
epkgs.melpaPackages.monokai-alt-theme
epkgs.melpaPackages.zenburn-theme
# development
epkgs.melpaPackages.magit
epkgs.melpaPackages.nix-mode
epkgs.melpaPackages.go-mode
epkgs.melpaPackages.haskell-mode
# rust
epkgs.melpaPackages.rust-mode
# epkgs.melpaPackages.flycheck-rust
epkgs.melpaPackages.racer
# python
epkgs.melpaPackages.elpy
# org-mode
epkgs.elpaPackages.bbdb
epkgs.orgPackages.org-plus-contrib
epkgs.melpaPackages.smex
epkgs.melpaPackages.org-mime
epkgs.melpaPackages.orgit
epkgs.elpaPackages.which-key
];
# ## EXWM related (unstable)
# epkgs.exwm
# epkgs.melpaPackages.desktop-environment
# epkgs.melpaPackages.helm-exwm
# ];
emacsWithOverlay = pkgsWithOverlay.emacsWithPackagesFromUsePackage {
config = builtins.readFile dotEmacs; # builtins.readFile ./emacs.el;
config = builtins.readFile ./elisp/init.el;
# Package is optional, defaults to pkgs.emacs
package = pkgsWithOverlay.emacsGit;
# Optionally provide extra packages not in the configuration file
@ -245,18 +86,34 @@ let
};
myEmacs = pkgs.writeDashBin "my-emacs" ''
exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} "$@"
exec ${emacsWithOverlay}/bin/emacs -q "$@"
'';
myEmacsWithDaemon = pkgs.writeDashBin "my-emacs-daemon" ''
exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} --daemon
exec ${emacsWithOverlay}/bin/emacs -q --daemon -l ${./elisp/init.el}
'';
myEmacsClient = pkgs.writeDashBin "meclient" ''
exec ${emacsWithOverlay}/bin/emacsclient --create-frame
exec ${emacsWithOverlay}/bin/emacsclient --create-frame "$@"
'';
in {
environment.systemPackages = [
myEmacs myEmacsWithDaemon myEmacsClient
myEmacs myEmacsWithDaemon myEmacsClient emacsWithOverlay
];
## EXWM Config
# services.xserver = {
# enable = true;
# xkbOptions = "caps:super";
# exportConfiguration = true;
#
# displayManager.slim.enable = true;
# windowManager.default = "exwm";
#
# # Set up the login session
# windowManager.session = [{
# name = "exwm";
# start = "${emacsWithOverlay}/bin/emacs -q -l " + builtins.toString ./elisp/init.el;
# }];
# };
}

View file

@ -0,0 +1,19 @@
{ config, pkgs, ... }:
let
all-hies = import (fetchTarball "https://github.com/infinisil/all-hies/tarball/master") {};
in
{
environment.systemPackages = with pkgs; [
cabal2nix
gcc
ghc
haskellPackages.cabal-install
haskellPackages.ghcid
haskellPackages.hindent
haskellPackages.hlint
haskellPackages.hoogle
haskellPackages.stack
haskellPackages.stylish-haskell
(all-hies.selection { selector = p: {inherit (p) ghc864; }; })
];
}

View file

@ -26,14 +26,12 @@
"http://cgit.hotdog.r/krops"
"http://cgit.ni.r/krops"
"http://cgit.prism.r/krops"
"https://git.ingolf-wagner.de/krebs/krops.git"
"https://github.com/krebs/krops.git"
];
nix_writers.urls = [
"http://cgit.hotdog.r/nix-writers"
"http://cgit.ni.r/nix-writers"
"http://cgit.prism.r/nix-writers"
"https://git.ingolf-wagner.de/krebs/nix-writers.git"
];
stockholm.urls = [
"http://cgit.enklave.r/stockholm"

View file

@ -52,7 +52,7 @@ let
"${url}",
workdir='${name}-${elemAt(splitString "." url) 1}', branches=True,
project='${name}',
pollinterval=10
pollinterval=100
)
)
'') repo.urls)

View file

@ -50,7 +50,6 @@ let
./secret.nix
./setuid.nix
./shadow.nix
./syncthing.nix
./tinc.nix
./tinc_graphs.nix
./urlwatch.nix
@ -103,7 +102,6 @@ let
{ krebs = import ./krebs { inherit config; }; }
{ krebs = import ./lass { inherit config; }; }
{ krebs = import ./makefu { inherit config; }; }
{ krebs = import ./nin { inherit config; }; }
{ krebs = import ./external/palo.nix { inherit config; }; }
{ krebs = import ./external/mic92.nix { inherit config; }; }
{ krebs = import ./tv { inherit config; }; }

View file

@ -373,6 +373,30 @@ in {
syncthing.id = "22NLFY5-QMRM3BH-76QIBYI-OPMKVGM-DU4FNZI-3KN2POF-V4WIC6M-2SFFUAC";
nets = {};
};
catalonia = {
owner = config.krebs.users.xkey;
nets = {
retiolum = {
ip4.addr = "10.243.13.12";
aliases = [ "catalonia.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y
gT6iBN8IKnMjYk3bAS7MxmgiyVE17MQlaQi0RSYY47M8I9TvCYtWX/FcXuP9e6CA
VcalDUNpy2qNB+yEE8gMa8vDA3smKk/iK47jTtpWoPtvejLK/SCi8RdlYjKlOErE
Yl9mCniGD1WEYgdrjf6Nl7av6uuGYNibivIMkB2JyGwGGmzvP+oBFi2Cwarw8K2e
FK2VGrAfkgiP5rTPACHseoeCsJtRLozgzYzmS5M9XhP5ZoPkbtR/pL5btCwoCTlZ
HotmLVg4DezbPjNOBB9gtJF4UuzQjSPNY6K1VvvLOhDwXdyln82LuNcm9l+cy9y3
mGeSvqOouBugDqie6OpkF0KrRwlGQVwzwtnDohGd/5f7TbiPf1QjC+JP/m4mxZl3
zE0BCOct9b4hUc/CFto71CPlytSbTsMhfJAn8JxttGvsWIAj+dQ0iuLXfLDflWt6
sImmnOo28YInvFx6pKoxTwcV1AVrPWn5TSePhZM50dmzs0exltOISFECDhpPabU3
ZymRCze8fH9Z3SHxfxTlTZV7IaW2kpyyBe1KsWpM46gLPk5icX+Xc6mdGwbdGBpf
vDZ+BoHCjq9FfQrAu1+E83yCYyu+3fWrLSgYyrqjg0gPcCcnb1g6hqECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
};
users = {
ciko = {
@ -421,6 +445,7 @@ in {
mail = "xq@shackspace.de";
pubkey = ssh-for "xq";
};
xkey = {};
miaoski = {
};
filly = {

View file

@ -144,24 +144,24 @@ in {
};
};
};
idontcare = {
herbert = {
owner = config.krebs.users.Mic92;
nets = rec {
retiolum = {
addrs = [
config.krebs.hosts.idontcare.nets.retiolum.ip4.addr
config.krebs.hosts.idontcare.nets.retiolum.ip6.addr
config.krebs.hosts.herbert.nets.retiolum.ip4.addr
config.krebs.hosts.herbert.nets.retiolum.ip6.addr
];
ip4.addr = "10.243.29.177";
aliases = [ "idontcare.r" ];
aliases = [ "herbert.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O
qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A
OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An
lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb
O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw
jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB
MIIBCgKCAQEA7ZINr8YxVwHtcOR+ySpc9UjnJWsFXlOyu3CnrJ8IrY+mPA25UmNZ
stXd8QbJuxpad9HyPs294uW8UmXttEZzIwAlikVHasM5IQHVltudTTFvv7s3YFWd
/lgpHbo8zOA2mafx+Sr02Fy/lHjk6BTf8IOzdJIpUHZL/P+FUl9baBwGLmtbEvPh
fbvtf5QryBjJ9nRnb+wsPVpeFE/LncIMK/bYQsyE01T5QDu/muAaeYPbgm6FqaQH
OJ4oEHsarWBvU1qzgz/IRz0BHHeTrbbP3AG/glTwL02Z1mtTXSjME7cfk7ZRM5Cj
jXAqnqu2m1B08Kii+zYp4BPZDmPLT5gq+QIDAQAB
-----END RSA PUBLIC KEY-----
'';
};

View file

@ -19,6 +19,10 @@ let
type = types.str;
default = "irc.freenode.org";
};
message = mkOption {
type = types.str;
default = "SSH Hidden Service at ";
};
};
imp = let
@ -50,7 +54,7 @@ let
${pkgs.irc-announce}/bin/irc-announce \
${cfg.server} 6667 ${config.krebs.build.host.name}-ssh \
\${cfg.channel} \
"SSH Hidden Service at $(cat ${hiddenServiceDir}/hostname)"
"${cfg.message}$(cat ${hiddenServiceDir}/hostname)"
'';
PrivateTmp = "true";
User = "tor";

View file

@ -1,111 +0,0 @@
{ config, ... }:
with import <stockholm/lib>;
{
hosts = mapAttrs (_: recursiveUpdate {
owner = config.krebs.users.nin;
ci = true;
}) {
hiawatha = {
cores = 2;
nets = {
retiolum = {
ip4.addr = "10.243.132.96";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342";
aliases = [
"hiawatha.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAucIe5yLzKJ8F982XRpZT6CvyXuPrtnNTmw/E/T6Oyq88m/OVHh6o
Viho1XAlJZZwqNniItD0AQB98uFB3+3yA7FepnwwC+PEceIfBG4bTDNyYD3ZCsAB
iWpmRar9SQ7LFnoZ6X2lYaJkUD9afmvXqJJLR5MClnRQo5OSqXaFdp7ryWinHP7E
UkPSNByu4LbQ9CnBEW8mmCVZSBLb8ezxg3HpJSigmUcJgiDBJ6aj22BsZ5L+j1Sr
lvUuaCr8WOS41AYsD5dbTYk7EG42tU5utrOS6z5yHmhbA5r8Ro2OFi/R3Td68BIJ
yw/m8sfItBCvjJSMEpKHEDfGMBCfQKltCwIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx";
};
axon= {
cores = 2;
nets = {
retiolum = {
ip4.addr = "10.243.134.66";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379";
aliases = [
"axon.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo
glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj
KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH
L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j
VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY
PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN
X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh
m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp
OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT
LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H
/F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK
MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w
7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm
ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3
1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF
29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt
4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj
FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl
buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p
hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG
yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi
ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc";
};
onondaga = {
cores = 1;
nets = {
retiolum = {
ip4.addr = "10.243.132.55";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357";
aliases = [
"onondaga.r"
"cgit.onondaga.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAqj6NPhRVsr8abz9FFx9+ld3amfxN7SRNccbksUOqkufGS0vaupFR
OWsgj4Qmt3lQ82YVt5yjx0FZHkAsenCEKM3kYoIb4nipT0e1MWkQ7plVveMfGkiu
htaJ1aCbI2Adxfmk4YbyAr8k3G+Zl9t7gTikBRh7cf5PMiu2JhGUZHzx9urR0ieH
xyashZFjl4TtIy4q6QTiyST9kfzteh8k7CJ72zfYkdHl9dPlr5Nk22zH9xPkyzmO
kCNeknuDqKeTT9erNtRLk6pjEcyutt0y2/Uq6iZ38z5qq9k4JzcMuQ3YPpNy8bxn
hVuk2qBu6kBTUW3iLchoh0d4cfFLWLx1SQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmQk7AXsYLzjUrOjsuhZ3+gT7FjhPtjwxv5XnuU8GJO";
};
};
users = {
nin = {
mail = "nin@axon.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon";
};
nin_h = {
mail = "nin@hiawatha.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha";
};
};
}

View file

@ -45,6 +45,10 @@ with import <stockholm/lib>;
default = self.config.port == "6697";
type = types.bool;
};
API.listen = mkOption {
default = null;
type = types.nullOr types.str;
};
};
}));
};
@ -65,9 +69,11 @@ with import <stockholm/lib>;
ExecStart = let
configFile = pkgs.writeJSON configFileName configValue;
configFileName = "${cfg.systemd-service-name}.config.json";
configValue = recursiveUpdate {
logTime = false;
} (removeAttrs cfg ["_module"]);
configValue = stripAttr (
recursiveUpdate {
logTime = false;
} (removeAttrs cfg ["_module"])
);
in "${pkgs.reaktor2}/bin/reaktor ${configFile}";
Restart = "always";
RestartSec = "30";

View file

@ -17,21 +17,6 @@ let
default = "/var/realwallpaper/";
};
nightmap = mkOption {
type = types.str;
default = "http://eoimages.gsfc.nasa.gov/images/imagerecords/55000/55167/earth_lights_lrg.jpg";
};
daymap = mkOption {
type = types.str;
default = "https://www.nnvl.noaa.gov/images/globaldata/SnowIceCover_Daily.png";
};
cloudmap = mkOption {
type = types.str;
default = "http://home.megapass.co.kr/~holywatr/cloud_data/clouds_2048.jpg";
};
marker = mkOption {
type = types.str;
default = "http://graph.r/marker.json";
@ -60,6 +45,7 @@ let
path = with pkgs; [
xplanet
imagemagick
inkscape
curl
file
jq
@ -67,9 +53,6 @@ let
environment = {
working_dir = cfg.workingDir;
nightmap_url = cfg.nightmap;
daymap_url = cfg.daymap;
cloudmap_url = cfg.cloudmap;
marker_url = cfg.marker;
};

View file

@ -1,206 +0,0 @@
{ config, pkgs, ... }: with import <stockholm/lib>;
let
kcfg = config.krebs.syncthing;
scfg = config.services.syncthing;
devices = mapAttrsToList (name: peer: {
name = name;
deviceID = peer.id;
addresses = peer.addresses;
}) kcfg.peers;
folders = mapAttrsToList ( _: folder: {
inherit (folder) path id type;
devices = map (peer: { deviceId = kcfg.peers.${peer}.id; }) folder.peers;
rescanIntervalS = folder.rescanInterval;
fsWatcherEnabled = folder.watch;
fsWatcherDelayS = folder.watchDelay;
ignoreDelete = folder.ignoreDelete;
ignorePerms = folder.ignorePerms;
}) kcfg.folders;
getApiKey = pkgs.writeDash "getAPIKey" ''
${pkgs.libxml2}/bin/xmllint \
--xpath 'string(configuration/gui/apikey)'\
${scfg.configDir}/config.xml
'';
updateConfig = pkgs.writeDash "merge-syncthing-config" ''
set -efu
# XXX this assumes the GUI address to be "IPv4 address and port"
host=${shell.escape (elemAt (splitString ":" scfg.guiAddress) 0)}
port=${shell.escape (elemAt (splitString ":" scfg.guiAddress) 1)}
# wait for service to restart
${pkgs.untilport}/bin/untilport "$host" "$port"
API_KEY=$(${getApiKey})
_curl() {
${pkgs.curl}/bin/curl \
-Ss \
-H "X-API-Key: $API_KEY" \
"http://$host:$port/rest""$@"
}
old_config=$(_curl /system/config)
new_config=${shell.escape (toJSON {
inherit devices folders;
})}
new_config=$(${pkgs.jq}/bin/jq -en \
--argjson old_config "$old_config" \
--argjson new_config "$new_config" \
'
$old_config * $new_config
${optionalString (!kcfg.overridePeers) ''
* { devices: $old_config.devices }
''}
${optionalString (!kcfg.overrideFolders) ''
* { folders: $old_config.folders }
''}
'
)
echo $new_config | _curl /system/config -d @-
_curl /system/restart -X POST
'';
in
{
options.krebs.syncthing = {
enable = mkEnableOption "syncthing-init";
cert = mkOption {
type = types.nullOr types.absolute-pathname;
default = null;
};
key = mkOption {
type = types.nullOr types.absolute-pathname;
default = null;
};
overridePeers = mkOption {
type = types.bool;
default = true;
description = ''
Whether to delete the peers which are not configured via the peers option
'';
};
peers = mkOption {
default = {};
type = types.attrsOf (types.submodule ({
options = {
# TODO make into addr + port submodule
addresses = mkOption {
type = types.listOf types.str;
default = [];
};
#TODO check
id = mkOption {
type = types.str;
};
};
}));
};
overrideFolders = mkOption {
type = types.bool;
default = true;
description = ''
Whether to delete the folders which are not configured via the peers option
'';
};
folders = mkOption {
default = {};
type = types.attrsOf (types.submodule ({ config, ... }: {
options = {
path = mkOption {
type = types.absolute-pathname;
default = config._module.args.name;
};
id = mkOption {
type = types.str;
default = config._module.args.name;
};
peers = mkOption {
type = types.listOf types.str;
default = [];
};
rescanInterval = mkOption {
type = types.int;
default = 3600;
};
type = mkOption {
type = types.enum [ "sendreceive" "sendonly" "receiveonly" ];
default = "sendreceive";
};
watch = mkOption {
type = types.bool;
default = true;
};
watchDelay = mkOption {
type = types.int;
default = 10;
};
ignoreDelete = mkOption {
type = types.bool;
default = false;
};
ignorePerms = mkOption {
type = types.bool;
default = true;
};
};
}));
};
};
config = mkIf kcfg.enable {
systemd.services.syncthing = mkIf (kcfg.cert != null || kcfg.key != null) {
serviceConfig.PermissionsStartOnly = mkDefault true;
preStart = ''
${optionalString (kcfg.cert != null) ''
cp ${toString kcfg.cert} ${scfg.configDir}/cert.pem
chown ${scfg.user}:${scfg.group} ${scfg.configDir}/cert.pem
chmod 400 ${scfg.configDir}/cert.pem
''}
${optionalString (kcfg.key != null) ''
cp ${toString kcfg.key} ${scfg.configDir}/key.pem
chown ${scfg.user}:${scfg.group} ${scfg.configDir}/key.pem
chmod 400 ${scfg.configDir}/key.pem
''}
'';
};
systemd.services.syncthing-init = {
after = [ "syncthing.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = scfg.user;
RemainAfterExit = true;
Type = "oneshot";
ExecStart = updateConfig;
};
};
};
}

View file

@ -1,17 +1,18 @@
{ mkDerivation, aeson, async, attoparsec, base, blessings
, bytestring, containers, data-default, fetchgit, filepath
, hashable, lens, lens-aeson, network, network-simple
, network-simple-tls, pcre-light, process, random, stdenv
, string-conversions, stringsearch, text, time, transformers
, unagi-chan, unix, unordered-containers, vector
, network-simple-tls, network-uri, pcre-light, process, random
, servant-server, stdenv, string-conversions, stringsearch, text
, time, transformers, unagi-chan, unix, unordered-containers
, vector, wai, warp
}:
mkDerivation {
pname = "reaktor2";
version = "0.2.2";
version = "0.3.0";
src = fetchgit {
url = "https://cgit.krebsco.de/reaktor2";
sha256 = "1kyr5i5zdzvc7fcyac1i1yvi88kcxafrgp8p79c1b9l4g9sjnv78";
rev = "9f4e2644188f985d7cd806c13e2c0dee1688b9f0";
sha256 = "02hqpq8wcfd6rvi8qk10zy3f3lrzzqnjwqal4cbvksjn3vahz36h";
rev = "a6893c00f78a8acd0a4bfe7da87ab6889eabcf21";
fetchSubmodules = true;
};
isLibrary = false;
@ -19,9 +20,9 @@ mkDerivation {
executableHaskellDepends = [
aeson async attoparsec base blessings bytestring containers
data-default filepath hashable lens lens-aeson network
network-simple network-simple-tls pcre-light process random
string-conversions stringsearch text time transformers unagi-chan
unix unordered-containers vector
network-simple network-simple-tls network-uri pcre-light process
random servant-server string-conversions stringsearch text time
transformers unagi-chan unix unordered-containers vector wai warp
];
license = stdenv.lib.licenses.mit;
}

View file

@ -1,34 +1,43 @@
# This file has been generated by node2nix 1.5.3. Do not edit!
# This file has been generated by node2nix 1.7.0. Do not edit!
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
let
sources = {
"double-ended-queue-2.1.0-0" = {
name = "double-ended-queue";
packageName = "double-ended-queue";
version = "2.1.0-0";
"denque-1.4.1" = {
name = "denque";
packageName = "denque";
version = "1.4.1";
src = fetchurl {
url = "https://registry.npmjs.org/double-ended-queue/-/double-ended-queue-2.1.0-0.tgz";
sha1 = "103d3527fd31528f40188130c841efdd78264e5c";
url = "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz";
sha512 = "OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ==";
};
};
"redis-commands-1.3.5" = {
"redis-commands-1.5.0" = {
name = "redis-commands";
packageName = "redis-commands";
version = "1.3.5";
version = "1.5.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.3.5.tgz";
sha512 = "2q8pai3gf0dczb03jjig3mpaz4j2kvw8icpgf8hp4fryr3d6c0mjkvxxdmlyhainybx4zhgqsw9ghc9p986alzdzd2n2p4cxvr8b0by";
url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.5.0.tgz";
sha512 = "6KxamqpZ468MeQC3bkWmCB1fp56XL64D4Kf0zJSwDZbVLLm7KFkoIcHrgRvQ+sk8dnhySs7+yBg94yIkAK7aJg==";
};
};
"redis-parser-2.6.0" = {
"redis-errors-1.2.0" = {
name = "redis-errors";
packageName = "redis-errors";
version = "1.2.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-errors/-/redis-errors-1.2.0.tgz";
sha1 = "eb62d2adb15e4eaf4610c04afe1529384250abad";
};
};
"redis-parser-3.0.0" = {
name = "redis-parser";
packageName = "redis-parser";
version = "2.6.0";
version = "3.0.0";
src = fetchurl {
url = "https://registry.npmjs.org/redis-parser/-/redis-parser-2.6.0.tgz";
sha1 = "52ed09dacac108f1a631c07e9b69941e7a19504b";
url = "https://registry.npmjs.org/redis-parser/-/redis-parser-3.0.0.tgz";
sha1 = "b66d828cdcafe6b4b8a428a7def4c6bcac31c8b4";
};
};
};
@ -37,40 +46,43 @@ in
formidable = nodeEnv.buildNodePackage {
name = "formidable";
packageName = "formidable";
version = "1.2.1";
version = "1.2.2";
src = fetchurl {
url = "https://registry.npmjs.org/formidable/-/formidable-1.2.1.tgz";
sha512 = "1x0n2rfaiasdjbw1mm7s29z84f68c7iji7lb1gkxvpknvv6q7bwns7z55ijcf4vkh4kvis12rbgaaih49jf9lj53s30mllb1d35bkqn";
url = "https://registry.npmjs.org/formidable/-/formidable-1.2.2.tgz";
sha512 = "V8gLm+41I/8kguQ4/o1D3RIHRmhYFG4pnNyonvua+40rqcEmT4+V71yaZ3B457xbbgCsCfjSPi65u/W6vK1U5Q==";
};
buildInputs = globalBuildInputs;
meta = {
description = "A node.js module for parsing form data, especially file uploads.";
homepage = https://github.com/felixge/node-formidable;
homepage = https://github.com/node-formidable/formidable;
license = "MIT";
};
production = true;
bypassCache = true;
reconstructLock = true;
};
redis = nodeEnv.buildNodePackage {
name = "redis";
packageName = "redis";
version = "2.8.0";
version = "3.0.2";
src = fetchurl {
url = "https://registry.npmjs.org/redis/-/redis-2.8.0.tgz";
sha512 = "3a3044ax6qdvss83xgjfx10h5q91ls0mwgs3wpsnxcdsiipq3cnmqzsh6glyq0r7vsmpw49jp84c2jnfrhi2bgycrkd9hhhf6ia8lrk";
url = "https://registry.npmjs.org/redis/-/redis-3.0.2.tgz";
sha512 = "PNhLCrjU6vKVuMOyFu7oSP296mwBkcE6lrAjruBYG5LgdSqtRBoVQIylrMyVZD/lkF24RSNNatzvYag6HRBHjQ==";
};
dependencies = [
sources."double-ended-queue-2.1.0-0"
sources."redis-commands-1.3.5"
sources."redis-parser-2.6.0"
sources."denque-1.4.1"
sources."redis-commands-1.5.0"
sources."redis-errors-1.2.0"
sources."redis-parser-3.0.0"
];
buildInputs = globalBuildInputs;
meta = {
description = "Redis client library";
homepage = https://github.com/NodeRedis/node_redis;
description = "A high performance Redis client.";
homepage = https://github.com/NodeRedis/node-redis;
license = "MIT";
};
production = true;
bypassCache = true;
reconstructLock = true;
};
}

View file

@ -1,2 +1,4 @@
node2nix -8 -i pkgs.json -c combine.nix
#!/usr/bin/env nix-shell
#! nix-shell -i bash -p nodePackages_10_x.node2nix
node2nix -10 -i pkgs.json -c combine.nix
rm node-env.nix combine.nix

View file

@ -0,0 +1,19 @@
{ stdenv, fetchzip, makeWrapper, jre }:
stdenv.mkDerivation {
name = "grib2json";
src = fetchzip {
url = "https://github.com/krebs/grib2json-bin/archive/31efe677b40fe491c988d50f96b59b1b7e2d46f7.zip";
sha256 = "1h3yxg270bvac7kaqsbsv4f8nln1i03rfz4cm8cp7llhjj3s6a6b";
};
installPhase = ''
mkdir -p $out/bin
cp -r lib $out/
cat > $out/bin/grib2json << EOF
#!/bin/sh
set -x
${jre}/bin/java -jar $out/lib/grib2json-0.8.0-SNAPSHOT.jar "\$@"
EOF
chmod +x $out/bin/grib2json
'';
}

View file

@ -25,10 +25,10 @@ pkgs.writeDashBin "irc-announce" ''
# This is used to see what we send to the irc server. (debug output)
echo2() { echo "$*"; echo "$*" >&2; }
cat2() {
while read -r line; do
echo "$line"
echo "$line" >&2
done
awk '{
print $0
print $0 > "/dev/stderr"
}'
}
# privmsg_cat transforms stdin to a privmsg

View file

@ -0,0 +1,43 @@
{ writers, coreutils, grib2json, curl, jq, findutils, imagemagick }:
writers.writeDashBin "nomads-cloud" ''
prefix=$(mktemp -d)
grib_path=$prefix.grib
json_path=$prefix.json
pgm_path=$prefix.pgm
png_path="$1"
mkdir -p "$prefix"
date=$(${coreutils}/bin/date +%Y%m%d)
for hour in 18 12 06 00; do
url="https://nomads.ncep.noaa.gov/cgi-bin/filter_gfs_0p25_1hr.pl?file=gfs.t''${hour}z.pgrb2.0p25.anl&lev_entire_atmosphere_%5C%28considered_as_a_single_layer%5C%29=on&var_CWAT=on&leftlon=-180&rightlon=180&toplat=90&bottomlat=-90&dir=%2Fgfs.$date%2F$hour"
${curl}/bin/curl -fsS "$url" > "$grib_path"
if [ "$?" -eq 0 ]; then
break
fi
done
${grib2json}/bin/grib2json --data "$grib_path" > "$json_path"
width=$(${jq}/bin/jq '.[0].header.nx' < "$json_path")
height=$(${jq}/bin/jq '.[0].header.ny' < "$json_path")
# The maximum gray value. Must be bigger than 0 and less than 65536.
maxval=1000
# pgm - Netpbm grayscale image format
# http://netpbm.sourceforge.net/doc/pgm.html
{
echo P2
echo "$width $height"
echo "$maxval"
cat "$json_path" |
${jq}/bin/jq --argjson maxval "$maxval" -c '
((.[0].data[]) * $maxval | round)
' |
${findutils}/bin/xargs -n "$width"
} > "$pgm_path"
${imagemagick}/bin/convert -roll +50% "$pgm_path" "$png_path"
rm -r "$prefix"
''

View file

@ -1,5 +1,5 @@
{ pkgs, ... }:
pkgs.writeDashBin "generate-wallpaper" ''
pkgs.writers.writeDashBin "generate-wallpaper" ''
set -euf
# usage: getimg FILENAME URL
@ -17,24 +17,28 @@ pkgs.writeDashBin "generate-wallpaper" ''
fi
}
# usage: image_size FILENAME
image_size() {
identify "$1" | awk '{print$3}'
# check if file exists and fetch only if missing
fetch_once() {
name=$1
url=$2
test -e "$name" || fetch "$name" "$url"
}
# usage: make_mask DST SRC MASK
make_layer() {
if needs_rebuild "$@"; then
echo "make $1 (apply mask)" >&2
convert "$2" "$3" -alpha off -compose copy_opacity -composite "$1"
fetch_older_min() {
min=$1
name=$2
url=$3
if ! test "$(find $name -mmin -$min)"; then
fetch "$name" "$url"
fi
}
# usage: flatten DST HILAYER LOLAYER
flatten() {
if needs_rebuild "$@"; then
echo "make $1 (flatten)" >&2
composite "$2" "$3" "$1"
fetch_older_days() {
days=$1
name=$2
url=$3
if ! test "$(find $name -mtime -$days)"; then
fetch "$name" "$url"
fi
}
@ -48,9 +52,11 @@ pkgs.writeDashBin "generate-wallpaper" ''
else
result=1
for b; do
if test "$b" -nt "$a"; then
#echo " $b is newer than $a" >&2
result=0
if check_type "$b" image; then
if test "$b" -nt "$a"; then
#echo " $b is newer than $a" >&2
result=0
fi
fi
done
fi
@ -60,34 +66,67 @@ pkgs.writeDashBin "generate-wallpaper" ''
return $result
}
get_neo_url() {
url=$1
curl -Ss "$url" | grep '3600 x 1800' | sed 's/.*href="\([^"]*\)".*/\1/'
}
main() {
cd "$working_dir"
# fetch source images in parallel
fetch nightmap-raw.jpg \
"$nightmap_url" &
fetch daymap-raw.png \
"$daymap_url" &
fetch clouds-raw.jpg \
"$cloudmap_url" &
fetch marker.json \
"$marker_url" &
fetch_once nightmap-raw.jpg \
'https://eoimages.gsfc.nasa.gov/images/imagerecords/144000/144898/BlackMarble_2016_3km.jpg' &
fetch_once daymap-raw.tif \
'https://eoimages.gsfc.nasa.gov/images/imagerecords/57000/57752/land_shallow_topo_8192.tif' &
fetch_once mercury-raw.svg \
'https://upload.wikimedia.org/wikipedia/commons/2/2e/Mercury_symbol.svg' &
fetch_once venus-raw.svg \
'https://upload.wikimedia.org/wikipedia/commons/6/66/Venus_symbol.svg' &
fetch_once mars-raw.svg \
'https://upload.wikimedia.org/wikipedia/commons/b/b7/Mars_symbol.svg' &
fetch_once jupiter-raw.svg \
'https://upload.wikimedia.org/wikipedia/commons/2/26/Jupiter_symbol.svg' &
fetch_once saturn-raw.svg \
'https://upload.wikimedia.org/wikipedia/commons/7/74/Saturn_symbol.svg' &
fetch_once uranus-raw.svg \
'https://upload.wikimedia.org/wikipedia/commons/f/f1/Uranus_symbol.svg' &
fetch_once neptune-raw.svg \
'https://upload.wikimedia.org/wikipedia/commons/4/47/Neptune_symbol.svg' &
fetch_once krebs-raw.svg \
'https://raw.githubusercontent.com/krebs/painload/master/cholerab/bling/krebs_aquarium.svg' &
fetch_older_min 720 ice-raw.jpg $(get_neo_url \
'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=NISE_D') &
fetch_older_days 3 snow-raw.jpg $(get_neo_url \
'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MOD10C1_E_SNOW') &
fetch_older_days 7 chlora-raw.jpg $(get_neo_url \
'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MY1DMM_CHLORA') &
fetch_older_days 3 fire-raw.jpg $(get_neo_url \
'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MOD14A1_E_FIRE') &
# regular fetches
fetch marker.json "$marker_url" &
fetch sun-raw.jpg 'https://sdo.gsfc.nasa.gov/assets/img/latest/latest_512_0171.jpg' &
wait
check_type nightmap-raw.jpg image
check_type daymap-raw.png image
check_type clouds-raw.jpg image
# fetch clouds if they are older than 3h
if ! test "$(find clouds-raw.png -mmin -180)"; then
${pkgs.nomads-cloud}/bin/nomads-cloud clouds-raw.png
fi
in_size=2048x1024
xplanet_out_size=1466x1200
out_geometry=1366x768+100+160
nightsnow_color='#0c1a49' # nightmap
in_size=3600x1800
xplanet_out_size=3200x2500
out_geometry=3200x1800+0+350
for raw in \
nightmap-raw.jpg \
daymap-raw.png \
clouds-raw.jpg \
daymap-raw.tif \
chlora-raw.jpg \
clouds-raw.png \
;
do
normal=''${raw%-raw.*}.png
@ -97,49 +136,79 @@ pkgs.writeDashBin "generate-wallpaper" ''
fi
done
# create nightmap-fullsnow
if needs_rebuild nightmap-fullsnow.png; then
convert -size $in_size xc:$nightsnow_color nightmap-fullsnow.png
# remove snow from ice map
if needs_rebuild ice.png ice-raw.jpg; then
convert ice-raw.jpg -fuzz 20% -fill black -opaque white -colorspace gray -blur 0x6 -scale "$in_size" ice.png
fi
# extract daymap-snowmask from daymap-final
if needs_rebuild daymap-snowmask.png daymap.png; then
convert daymap.png -threshold 95% daymap-snowmask.png
if needs_rebuild snow.png snow-raw.jpg; then
convert snow-raw.jpg -fuzz 20% -fill '#DEDEDE' -opaque white -scale "$in_size" snow.png
fi
# extract nightmap-lightmask from nightmap
if needs_rebuild nightmap-lightmask.png nightmap.png; then
convert nightmap.png -threshold 25% nightmap-lightmask.png
# make fire more red
if needs_rebuild fire.png fire-raw.jpg; then
convert fire-raw.jpg -fuzz 20% -fill '#ef840c' -opaque white -scale "$in_size" fire.png
fi
# create layers
make_layer nightmap-snowlayer.png nightmap-fullsnow.png daymap-snowmask.png
make_layer nightmap-lightlayer.png nightmap.png nightmap-lightmask.png
# cut out sun with alpha transparency
if needs_rebuild sun.png sun-raw.jpg; then
convert sun-raw.jpg \
\( +clone -colorspace HSB -fill white -draw "circle 256,256 256,54" -separate -delete 0,1 \) \
-compose copyopacity -composite -crop 512x472+0+20 -scale "100x100" sun.png
fi
# apply layers
flatten nightmap-lightsnowlayer.png \
nightmap-lightlayer.png \
nightmap-snowlayer.png
if needs_rebuild krebs.png krebs-raw.svg; then
inkscape -z -e krebs.png -w 16 -h 16 krebs-raw.svg
fi
flatten nightmap-final.png \
nightmap-lightsnowlayer.png \
nightmap.png
# -- Planets --
for planet in mercury venus mars jupiter saturn uranus neptune; do
if needs_rebuild "$planet".png "$planet"-raw.svg; then
sed -i 's/#000/#FE8019/g' "$planet"-raw.svg
inkscape -z -e "$planet".png -w 40 -h 40 "$planet"-raw.svg
fi
done
# -- Daymap --
# merge with water chlora layer
if needs_rebuild daymap-final.png daymap.png fire.png snow.png ice.png chlora.png; then
convert daymap.png fire.png -compose lighten -composite daymap-1.png
convert daymap-1.png ice.png -compose lighten -composite daymap-2.png
convert daymap-2.png snow.png -compose lighten -composite daymap-3.png
convert daymap-3.png chlora.png -compose lighten -composite daymap-final.png
fi
# -- Nightmap --
if needs_rebuild nightmap-final.png nightmap.png fire.png snow.png ice.png chlora.png; then
convert nightmap.png fire.png -compose lighten -composite nightmap-1.png
convert nightmap-1.png \( -fill black -colorize 70% ice.png \) -compose lighten -composite nightmap-2.png
convert nightmap-2.png \( -fill black -colorize 70% snow.png \) -compose lighten -composite nightmap-3.png
convert nightmap-3.png \( -fill black -colorize 70% chlora.png \) -compose lighten -composite nightmap-final.png
fi
# create marker file from json
if [ -s marker.json ]; then
jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude)"' marker.json > marker_file
jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude) image=krebs.png"' marker.json > marker_file
echo 'position=sun image=sun.png' >> marker_file
echo 'position=moon image=moon.png' >> marker_file
echo 'position=mercury image=mercury.png' >> marker_file
echo 'position=venus image=venus.png' >> marker_file
echo 'position=mars image=mars.png' >> marker_file
echo 'position=jupiter image=jupiter.png' >> marker_file
echo 'position=saturn image=saturn.png' >> marker_file
echo 'position=uranus image=uranus.png' >> marker_file
echo 'position=neptune image=neptune.png' >> marker_file
fi
# make all unmodified files as final
for normal in \
daymap.png \
clouds.png \
;
do
final=''${normal%.png}-final.png
needs_rebuild $final &&
ln $normal $final
done
# generate moon
xplanet -body moon --num_times 1 -origin earth \
--transpng moon.png --geometry 50x50 \
-config ${pkgs.writeText "moon.config" ''
[moon]
shade=10
''}
# rebuild every time to update shadow
xplanet --num_times 1 --geometry $xplanet_out_size \
@ -149,8 +218,9 @@ pkgs.writeDashBin "generate-wallpaper" ''
"Earth"
map=daymap-final.png
night_map=nightmap-final.png
cloud_map=clouds-final.png
cloud_threshold=10
cloud_map=clouds.png
cloud_threshold=1
cloud_gamma=10
shade=15
''}
@ -161,8 +231,9 @@ pkgs.writeDashBin "generate-wallpaper" ''
"Earth"
map=daymap-final.png
night_map=nightmap-final.png
cloud_map=clouds-final.png
cloud_threshold=10
cloud_map=clouds.png
cloud_threshold=1
cloud_gamma=10
marker_file=marker_file
shade=15
''}
@ -178,6 +249,8 @@ pkgs.writeDashBin "generate-wallpaper" ''
convert xplanet-krebs-output.png -crop $out_geometry \
realwallpaper-krebs-tmp.png
mv realwallpaper-krebs-tmp.png realwallpaper-krebs.png
mkdir -p archive
convert realwallpaper-krebs.png archive/"$(date -Is)".jpg
fi
}

View file

@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "55beed9922c2f6b030af61ca7e33bd47850c68f2",
"date": "2020-02-26T03:53:16-05:00",
"sha256": "0jxkb3bl7axa6vmfsfdfx4mxv6wx0pc8iiwgrw2qh8wxhlhbylks",
"rev": "b61999e4ad60c351b4da63ae3ff43aae3c0bbdfb",
"date": "2020-04-16T08:43:36-04:00",
"sha256": "0cggpdks4qscyirqwfprgdl91mlhjlw24wkg0riapk5f2g2llbpq",
"fetchSubmodules": false
}

View file

@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "b7bbc6d37878ed00b6467b574b02e840279f7d3d",
"date": "2020-02-26T11:51:29+01:00",
"sha256": "02q10jgi6m0vak3amb50ifw1pj82i17hs0npdkig7lsp8w3is7jq",
"rev": "5272327b81ed355bbed5659b8d303cf2979b6953",
"date": "2020-04-20T11:58:47-04:00",
"sha256": "0182ys095dfx02vl2a20j1hz92dx3mfgz2a6fhn31bqlp1wa8hlq",
"fetchSubmodules": false
}

View file

@ -3,7 +3,7 @@ dir=$(dirname $0)
oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \
--url https://github.com/NixOS/nixpkgs-channels \
--rev refs/heads/nixos-19.09' \
--rev refs/heads/nixos-20.03' \
> $dir/nixpkgs.json
newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev"

View file

@ -33,4 +33,6 @@
services.logind.lidSwitch = "ignore";
services.logind.lidSwitchDocked = "ignore";
boot.tmpOnTmpfs = true;
}

View file

@ -46,6 +46,15 @@
'';
services.thinkfan.enable = true;
services.thinkfan.levels = ''
(0, 0, 55)
(1, 48, 60)
(2, 50, 61)
(3, 52, 63)
(6, 60, 65)
(7, 80, 85)
(127, 90, 32767)
'';
services.logind.lidSwitch = "ignore";
services.logind.lidSwitchDocked = "ignore";

View file

@ -49,17 +49,17 @@ with import <stockholm/lib>;
];
}
{
krebs.syncthing = {
peers.schasch.addresses = [ "schasch.r:22000" ];
services.syncthing.declarative = {
devices.schasch.addresses = [ "schasch.r:22000" ];
folders = {
the_playlist = {
path = "/home/lass/tmp/the_playlist";
peers = [ "mors" "phone" "prism" "xerxes" ];
devices = [ "mors" "phone" "prism" "xerxes" ];
};
free_music = {
id = "mu9mn-zgvsw";
path = "/home/lass/tmp/free_music";
peers = [ "mors" "schasch" ];
devices = [ "mors" "schasch" ];
};
};
};

View file

@ -263,8 +263,6 @@ with import <stockholm/lib>;
}
{
users.users.download.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
config.krebs.users.palo.pubkey
];
}
{
@ -338,30 +336,36 @@ with import <stockholm/lib>;
localAddress = "10.233.2.14";
};
services.nginx.virtualHosts."lassul.us".locations."^~ /flix/".extraConfig = ''
if ($scheme != "https") {
rewrite ^ https://$host$request_uri permanent;
}
auth_basic "Restricted Content";
auth_basic_user_file ${pkgs.writeText "flix-user-pass" ''
krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0
''};
proxy_pass http://10.233.2.14:80/;
proxy_set_header Accept-Encoding "";
sub_filter "https://lassul.us/" "https://lassul.us/flix/";
sub_filter_once off;
'';
services.nginx.virtualHosts."lassul.us".locations."^~ /transmission".extraConfig = ''
if ($scheme != "https") {
rewrite ^ https://$host$request_uri permanent;
}
auth_basic "Restricted Content";
auth_basic_user_file ${pkgs.writeText "transmission-user-pass" ''
krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0
''};
proxy_pass_header X-Transmission-Session-Id;
proxy_pass http://10.233.2.14:9091;
'';
services.nginx.virtualHosts."lassul.us" = {
locations."^~ /flix/".extraConfig = ''
if ($scheme != "https") {
rewrite ^ https://$host$request_uri permanent;
}
auth_basic "Restricted Content";
auth_basic_user_file ${pkgs.writeText "flix-user-pass" ''
krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0
''};
proxy_pass http://10.233.2.14:80/;
proxy_set_header Accept-Encoding "";
sub_filter "https://lassul.us/" "https://lassul.us/flix/";
sub_filter_once off;
'';
locations."^~ /chatty/".extraConfig = ''
rewrite ^ https://$host/flix/$request_uri permanent;
'';
#locations."^~ /transmission".return = "301 https://$host/transmission/web/";
locations."^~ /transmission/".extraConfig = ''
if ($scheme != "https") {
rewrite ^ https://$host$request_uri permanent;
}
auth_basic "Restricted Content";
auth_basic_user_file ${pkgs.writeText "transmission-user-pass" ''
krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0
''};
proxy_pass_header X-Transmission-Session-Id;
proxy_pass http://10.233.2.14:9091;
'';
};
users.groups.download = {};
users.users = {
@ -376,6 +380,9 @@ with import <stockholm/lib>;
lass.pubkey
lass-android.pubkey
makefu.pubkey
palo.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
"AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki11:15 <Profpatsch> AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki"
];
};
};

View file

@ -19,7 +19,9 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/ssh-cryptsetup.nix>
<stockholm/lass/2configs/nfs-dl.nix>
<stockholm/lass/2configs/gg23.nix>
<stockholm/lass/2configs/hass>
<stockholm/lass/2configs/br.nix>
<stockholm/lass/2configs/fetchWallpaper.nix>
];
krebs.build.host = config.krebs.hosts.shodan;

View file

@ -12,6 +12,7 @@ with import <stockholm/lib>;
i18n.defaultLocale ="de_DE.UTF-8";
time.timeZone = "Europe/Berlin";
services.xserver.enable = true;
services.xserver.libinput.enable = false;
users.users.locke = {
uid = genid "locke";
home = "/home/locke";

View file

@ -41,11 +41,11 @@
displayManager.lightdm.autoLogin.user = "lass";
};
krebs.syncthing = {
services.syncthing.declarative = {
folders = {
the_playlist = {
path = "/home/lass/tmp/the_playlist";
peers = [ "mors" "phone" "prism" "xerxes" ];
devices = [ "mors" "phone" "prism" "xerxes" ];
};
};
};

View file

@ -54,12 +54,107 @@ with import <stockholm/lib>;
root = "/var/download/finished";
extraConfig = ''
fancyindex on;
dav_methods PUT DELETE MKCOL COPY MOVE;
fancyindex_footer "/fancy.html";
include ${pkgs.nginx}/conf/mime.types;
include ${pkgs.writeText "extrMime" ''
types {
video/webm mkv;
}
''};
create_full_put_path on;
dav_access all:r;
'';
};
locations."/chatty" = {
proxyPass = "http://localhost:3000";
extraConfig = ''
rewrite /chatty/(.*) /$1 break;
proxy_set_header Host $host;
'';
};
locations."= /fancy.html".extraConfig = ''
alias ${pkgs.writeText "nginx_footer" ''
<div id="mydiv">
<!-- Include a header DIV with the same name as the draggable DIV, followed by "header" -->
<div id="mydivheader">Click here to move</div>
<iframe src="/chatty/index.html"></iframe>
</div>
<style>
#mydiv {
position: absolute;
z-index: 9;
background-color: #f1f1f1;
border: 1px solid #d3d3d3;
text-align: center;
}
#mydivheader {
padding: 10px;
cursor: move;
z-index: 10;
background-color: #2196F3;
color: #fff;
}
</style>
<script>
// Make the DIV element draggable:
dragElement(document.getElementById("mydiv"));
function dragElement(elmnt) {
var pos1 = 0, pos2 = 0, pos3 = 0, pos4 = 0;
if (document.getElementById(elmnt.id + "header")) {
// if present, the header is where you move the DIV from:
document.getElementById(elmnt.id + "header").onmousedown = dragMouseDown;
} else {
// otherwise, move the DIV from anywhere inside the DIV:
elmnt.onmousedown = dragMouseDown;
}
function dragMouseDown(e) {
e = e || window.event;
e.preventDefault();
// get the mouse cursor position at startup:
pos3 = e.clientX;
pos4 = e.clientY;
document.onmouseup = closeDragElement;
// call a function whenever the cursor moves:
document.onmousemove = elementDrag;
}
function elementDrag(e) {
e = e || window.event;
e.preventDefault();
// calculate the new cursor position:
pos1 = pos3 - e.clientX;
pos2 = pos4 - e.clientY;
pos3 = e.clientX;
pos4 = e.clientY;
// set the element's new position:
elmnt.style.top = (elmnt.offsetTop - pos2) + "px";
elmnt.style.left = (elmnt.offsetLeft - pos1) + "px";
}
function closeDragElement() {
// stop moving when mouse button is released:
document.onmouseup = null;
document.onmousemove = null;
}
}
</script>
''};
'';
};
};
systemd.services.bruellwuerfel = {
wantedBy = [ "multi-user.target" ];
environment = {
IRC_CHANNEL = "#flix";
IRC_NICK = "bruelli";
IRC_SERVER = "irc.r";
IRC_HISTORY_FILE = "/tmp/bruelli.history";
};
serviceConfig = {
ExecStart = "${pkgs.bruellwuerfel}/bin/bruellwuerfel";
};
};

View file

@ -71,12 +71,14 @@ in {
gitAndTools.qgit
git-preview
gnome3.dconf
iodine
lm_sensors
ncdu
nix-index
nix-review
nmap
pavucontrol
ponymix
powertop
rxvt_unicode-with-plugins
sxiv

View file

@ -19,6 +19,7 @@ with (import <stockholm/lib>);
];
services.tor.enable = true;
services.tor.client.enable = true;
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p udp --dport 60000:61000"; target = "ACCEPT";}

View file

@ -102,9 +102,19 @@
"microsoft@lassul.us"
"stickers@lassul.us"
"nextbike@lassul.us"
"mytello@lassul.us"
"camp@lassul.us"
"urlwatch@lassul.us"
"lidl@lassul.us"
"geizhals@lassul.us"
"auschein@lassul.us"
"tleech@lassul.us"
"durstexpress@lassul.us"
];
in {
environment.systemPackages = [ pkgs.review-mail-queue ];
krebs.exim-smarthost = {
enable = true;
dkim = [

View file

@ -20,12 +20,13 @@ with import <stockholm/lib>;
}
'';
machines = [
{ ethernetAddress = "c8:3d:d4:2c:40:ae"; hostName = "tv"; ipAddress = "10.42.0.3"; }
{ ethernetAddress = "a8:a6:48:65:ce:4c"; hostName = "tv"; ipAddress = "10.42.0.3"; }
{ ethernetAddress = "3c:2a:f4:22:28:37"; hostName = "drucker"; ipAddress = "10.42.0.4"; }
{ ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-bett"; ipAddress = "10.42.0.10"; }
{ ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-tv"; ipAddress = "10.42.0.10"; }
{ ethernetAddress = "80:7d:3a:68:04:f0"; hostName = "s20-drucker"; ipAddress = "10.42.0.11"; }
{ ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-kueche"; ipAddress = "10.42.0.12"; }
{ ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-wasch"; ipAddress = "10.42.0.12"; }
{ ethernetAddress = "80:7d:3a:67:bb:69"; hostName = "s20-stereo"; ipAddress = "10.42.0.13"; }
{ ethernetAddress = "ec:b5:fa:07:78:16"; hostName = "hue-bridge"; ipAddress = "10.42.0.21"; }
{ ethernetAddress = "80:8d:b7:c5:80:dc"; hostName = "arubaAP"; ipAddress = "10.42.0.99"; }
];
};
@ -45,9 +46,6 @@ with import <stockholm/lib>;
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i int0 -p udp --dport 53"; target = "ACCEPT"; } # dns
];
krebs.iptables.tables.filter.FORWARD.rules = [
@ -62,72 +60,5 @@ with import <stockholm/lib>;
krebs.iptables.tables.nat.POSTROUTING.rules = [
{ v6 = false; predicate = "-s 10.42.0.0/24 ! -d 10.42.0.0/24"; target = "MASQUERADE"; }
];
services.home-assistant = let
tasmota_s20 = name: topic: {
platform = "mqtt";
inherit name;
state_topic = "stat/${topic}/POWER";
command_topic = "cmnd/${topic}/POWER";
payload_on = "ON";
payload_off = "OFF";
};
in {
enable = true;
package = pkgs.home-assistant.override {
#extraComponents = [
# (pkgs.fetchgit {
# url = "https://github.com/marcschumacher/dwd_pollen";
# rev = "0.1";
# sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymllz2p";
# })
#];
};
config = {
homeassistant = {
name = "Home"; time_zone = "Europe/Berlin";
latitude = "48.7687";
longitude = "9.2478";
elevation = 247;
};
sun.elevation = 66;
discovery = {};
frontend = { };
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "gg23";
password = "gg23-mqtt";
keepalive = 60;
protocol = 3.1;
};
sensor = [
];
switch = [
(tasmota_s20 "Drucker Strom" "drucker")
(tasmota_s20 "Bett Licht" "bett")
(tasmota_s20 "Kueche Licht" "kueche")
];
device_tracker = [
{
platform = "luci";
}
];
};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users.gg23 = {
password = "gg23-mqtt";
acl = [ "topic readwrite #" ];
};
};
environment.systemPackages = [ pkgs.mosquitto ];
}

View file

@ -20,7 +20,7 @@ with import <stockholm/lib>;
}
];
krebs.syncthing.folders."/var/lib/sync-containers".peers = [ "icarus" "skynet" "littleT" "shodan" ];
services.syncthing.declarative.folders."/var/lib/sync-containers".devices = [ "icarus" "skynet" "littleT" "shodan" ];
krebs.permown."/var/lib/sync-containers" = {
owner = "root";
group = "syncthing";

View file

@ -0,0 +1,86 @@
{ config, lib, pkgs, ... }:
{
imports = [
./zigbee.nix
./rooms/bett.nix
];
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
];
services.home-assistant = {
enable = true;
package = pkgs.home-assistant.override {
# extraComponents = [ "hue" ];
};
configWritable = true;
};
lass.hass.config = let
tasmota_s20 = name: topic: {
platform = "mqtt";
inherit name;
state_topic = "stat/${topic}/POWER";
command_topic = "cmnd/${topic}/POWER";
payload_on = "ON";
payload_off = "OFF";
};
in {
homeassistant = {
name = "Home";
time_zone = "Europe/Berlin";
latitude = "48.7687";
longitude = "9.2478";
elevation = 247;
};
config = {};
sun.elevation = 66;
discovery = {};
frontend = {};
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "gg23";
password = "gg23-mqtt";
keepalive = 60;
protocol = 3.1;
discovery = true;
birth_message = {
topic = "/hass/status";
payload = "online";
};
will_message = {
topic = "/hass/status";
payload = "offline";
};
};
sensor = [
];
switch = [
(tasmota_s20 "TV" "tv")
(tasmota_s20 "Drucker Strom" "drucker")
(tasmota_s20 "Waschmaschine" "wasch")
(tasmota_s20 "Stereo Anlage" "stereo")
];
mobile_app = {};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users.gg23 = {
password = "gg23-mqtt";
acl = [ "topic readwrite #" ];
};
};
environment.systemPackages = [ pkgs.mosquitto ];
}

View file

@ -0,0 +1,83 @@
{
lights = {
bett = "light.0x0017880106ed3bd8_light";
essen = "light.0x0017880108327622_light";
arbeit = "light.0x0017880106ee2865_light";
nass = "light.0x00178801082e9f2f_light";
};
sensors = {
bett = "0x00178801086ac38c";
};
lightswitch = switch: light: {
automation = [
{
trigger = {
platform = "mqtt";
topic = "zigbee/${switch}";
};
condition = {
condition = "or";
conditions = [
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'on-press' }}";
}
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'up-press' }}";
}
{
condition = "and";
conditions = [
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'down-press' }}";
}
{
condition = "template";
value_template = "{{ trigger.payload_json.brightness > 30 }}";
}
];
}
];
};
action = [
{
service = "light.turn_on";
data_template = {
entity_id = light;
brightness = "{{ trigger.payload_json.brightness }}";
};
}
];
}
{
trigger = {
platform = "mqtt";
topic = "zigbee/${switch}";
};
condition = {
condition = "or";
conditions = [
{
condition = "template";
value_template = "{{ trigger.payload_json.action == 'off-press' }}";
}
{
condition = "template";
value_template = "{{ trigger.payload_json.brightness < 30 }}";
}
];
};
action = {
service = "light.turn_off";
data_template = {
entity_id = light;
};
};
}
];
};
}

View file

@ -0,0 +1,27 @@
{ lib, ... }:
with import ../lib.nix;
{
lass.hass.config = lib.lists.fold lib.recursiveUpdate {} [
{
#automation = [{
# trigger = {
# platform = "mqtt";
# topic = "zigbee/0x00178801086ac38c/action";
# payload = "on-press";
# };
# action = {
# service = "light.turn_on";
# data = {
# brightness = 150;
# rgb_color = [ 255 0 0 ];
# entity_id = [
# "light.0x0017880108327622_light"
# ];
# };
# };
#}];
}
(lightswitch sensors.bett lights.bett)
];
}

View file

@ -0,0 +1,152 @@
{config, pkgs, lib, ...}: let
zigbee2mqtt_cfg = pkgs.writeText "zigbee2mqtt.json" (builtins.toJSON {
homeassistant = true;
permit_join = true;
mqtt = {
discovery = true;
base_topic = "zigbee";
server = "mqtt://10.42.0.1";
user = "gg23";
password = "gg23-mqtt";
};
serial.port = "/dev/cc2531";
});
in {
# symlink the zigbee controller
services.udev.extraRules = ''
SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dailout"
'';
system.activationScripts.installZigbee = ''
install -d /var/lib/zigbee2mqtt
install ${zigbee2mqtt_cfg} /var/lib/zigbee2mqtt/configuration.yaml
'';
# hack to restart docker container on config change
systemd.services.docker-zigbee2mqtt.environment.cfg = zigbee2mqtt_cfg;
docker-containers.zigbee2mqtt = {
image = "koenkk/zigbee2mqtt";
extraDockerOptions = [
"--device=/dev/cc2531:/dev/cc2531"
];
volumes = ["/var/lib/zigbee2mqtt:/app/data"];
};
lass.hass.config = {
sensor = [
# Sensor for monitoring the bridge state
{
platform = "mqtt";
name = "Zigbee2mqtt Bridge state";
state_topic = "/zigbee/bridge/state";
icon = "mdi:router-wireless";
}
# Sensor for Showing the Zigbee2mqtt Version
{
platform = "mqtt";
name = "Zigbee2mqtt Version";
state_topic = "/zigbee/bridge/config";
value_template = "{{ value_json.version }}";
icon = "mdi:zigbee";
}
# Sensor for Showing the Coordinator Version
{
platform = "mqtt";
name = "Coordinator Version";
state_topic = "/zigbee/bridge/config";
value_template = "{{ value_json.coordinator }}";
icon = "mdi:chip";
}
];
switch = [
{
platform = "mqtt";
name = "Zigbee2mqtt Main join";
state_topic = "/zigbee/bridge/config/permit_join";
command_topic = "/zigbee/bridge/config/permit_join";
payload_on = "true";
payload_off = "false";
}
];
automation = [
{
alias = "Zigbee2mqtt Log Level";
initial_state = "on";
trigger = {
platform = "state";
entity_id = "input_select.zigbee2mqtt_log_level";
};
action = [
{
service = "mqtt.publish";
data = {
payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}";
topic = "/zigbee/bridge/config/log_level";
};
}
];
}
# Automation to start timer when enable join is turned on
{
id = "zigbee_join_enabled";
alias = "Zigbee Join Enabled";
hide_entity = "true";
trigger = {
platform = "state";
entity_id = "switch.zigbee2mqtt_main_join";
to = "on";
};
action = {
service = "timer.start";
entity_id = "timer.zigbee_permit_join";
};
}
# Automation to stop timer when switch turned off and turn off switch when timer finished
{
id = "zigbee_join_disabled";
alias = "Zigbee Join Disabled";
hide_entity = "true";
trigger = [
{
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.zigbee_permit_join";
}
{
platform = "state";
entity_id = "switch.zigbee2mqtt_main_join";
to = "off";
}
];
action = [
{ service = "timer.cancel";
data.entity_id = "timer.zigbee_permit_join";
}
{ service = "switch.turn_off";
entity_id = "switch.zigbee2mqtt_main_join";
}
];
}
];
input_select.zigbee2mqtt_log_level = {
name = "Zigbee2mqtt Log Level";
options = [
"debug"
"info"
"warn"
"error"
];
initial = "info";
icon = "mdi:format-list-bulleted";
};
timer.zigbee_permit_join = {
name = "Zigbee Time remaining";
duration = 120;
};
};
}

View file

@ -12,14 +12,17 @@ let
video_filename = sys.argv[1]
vid = scan_video(video_filename)
sub = download_best_subtitles([vid], {Language('eng')})[vid][0]
try:
sub = download_best_subtitles([vid], {Language('eng')})[vid][0]
filename = '/tmp/' + vid.title + '.srt'
filename = '/tmp/' + vid.title + '.srt'
with open(filename, 'wb+') as file:
file.write(sub.content)
with open(filename, 'wb+') as file:
file.write(sub.content)
print(filename)
print(filename)
except: # noqa
print("/dev/null")
'';
autosub = pkgs.writeText "autosub.lua" ''
@ -70,7 +73,6 @@ let
download()
end
mp.register_event('file-loaded', control_download)
mp.add_key_binding('S', "download_subs", download)
'';
@ -79,7 +81,6 @@ let
paths = [
(pkgs.writeDashBin "mpv" ''
exec ${pkgs.mpv}/bin/mpv --no-config --script=${autosub} "$@"
# exec ${pkgs.mpv}/bin/mpv --no-config "$@"
'')
pkgs.mpv
];

View file

@ -26,7 +26,11 @@
users.users.mainUser = {
extraGroups = [ "networkmanager" ];
packages = with pkgs; [
gnome3.gnome_keyring gnome3.dconf
gnome3.gnome_keyring
gnome3.dconf
];
};
environment.systemPackages = [
pkgs.nm-dmenu
];
}

View file

@ -9,20 +9,76 @@ let
admin-password = import <secrets/icecast-admin-pw>;
source-password = import <secrets/icecast-source-pw>;
music_dir = "/home/radio/music";
add_random = pkgs.writeDashBin "add_random" ''
${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.mpc_cli}/bin/mpc ls the_playlist/music | grep '\.ogg$' | shuf -n1)"
${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep -v '/other/' | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')"
'';
skip_track = pkgs.writeDashBin "skip_track" ''
skip_track = pkgs.writeBashBin "skip_track" ''
set -eu
${add_random}/bin/add_random
echo skipping: "$(${print_current}/bin/print_current)"
music_dir=${escapeShellArg music_dir}
current_track=$(${pkgs.mpc_cli}/bin/mpc current -f %file%)
track_infos=$(${print_current}/bin/print_current)
skip_count=$(${pkgs.attr}/bin/getfattr -n user.skip_count --only-values "$music_dir"/"$current_track" || echo 0)
if [[ "$current_track" =~ ^the_playlist/music/.* ]] && [ "$skip_count" -le 2 ]; then
skip_count=$((skip_count+1))
${pkgs.attr}/bin/setfattr -n user.skip_count -v "$skip_count" "$music_dir"/"$current_track"
echo skipping: "$track_infos" skip_count: "$skip_count"
else
mkdir -p "$music_dir"/.graveyard/
mv "$music_dir"/"$current_track" "$music_dir"/.graveyard/
echo killing: "$track_infos"
fi
${pkgs.mpc_cli}/bin/mpc -q next
'';
good_track = pkgs.writeBashBin "good_track" ''
set -eu
music_dir=${escapeShellArg music_dir}
current_track=$(${pkgs.mpc_cli}/bin/mpc current -f %file%)
track_infos=$(${print_current}/bin/print_current)
if [[ "$current_track" =~ ^the_playlist/music/.* ]]; then
${pkgs.attr}/bin/setfattr -n user.skip_count -v 0 "$music_dir"/"$current_track"
else
mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/ || :
fi
echo good: "$track_infos"
'';
track_youtube_link = pkgs.writeDash "track_youtube_link" ''
${pkgs.mpc_cli}/bin/mpc current -f %file% \
| ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@https://www.youtube.com/watch?v=\1@'
'';
print_current = pkgs.writeDashBin "print_current" ''
echo "$(${pkgs.mpc_cli}/bin/mpc current -f %file%) \
$(${pkgs.mpc_cli}/bin/mpc current -f %file% \
| ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@http://www.youtube.com/watch?v=\1@')"
$(${track_youtube_link})"
'';
print_current_json = pkgs.writeDashBin "print_current_json" ''
${pkgs.jq}/bin/jq -n -c \
--arg name "$(${pkgs.mpc_cli}/bin/mpc current)" \
--arg filename "$(${pkgs.mpc_cli}/bin/mpc current -f %file%)" \
--arg youtube "$(${track_youtube_link})" '{
name: $name,
filename: $filename,
youtube: $youtube
}'
'';
write_to_irc = pkgs.writeDash "write_to_irc" ''
${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \
-H content-type:application/json \
-d "$(${pkgs.jq}/bin/jq -n \
--arg text "$1" '{
command:"PRIVMSG",
params:["#the_playlist",$text]
}'
)"
'';
in {
@ -48,8 +104,10 @@ in {
krebs.per-user.${name}.packages = with pkgs; [
add_random
good_track
skip_track
print_current
print_current_json
ncmpcpp
mpc_cli
];
@ -57,7 +115,7 @@ in {
services.mpd = {
enable = true;
group = "radio";
musicDirectory = "/home/radio/music";
musicDirectory = "${music_dir}";
extraConfig = ''
log_level "default"
auto_update "yes"
@ -115,6 +173,7 @@ in {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; }
];
};
};
@ -164,6 +223,7 @@ in {
done | while read track; do
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
${write_to_irc} "playing: $track"
done
'';
in {
@ -175,14 +235,20 @@ in {
serviceConfig = {
ExecStart = recentlyPlayed;
User = "radio";
};
};
# allow reaktor2 to modify files
systemd.services."reaktor2-the_playlist".serviceConfig.DynamicUser = mkForce false;
krebs.reaktor2.the_playlist = {
hostname = "irc.freenode.org";
port = "6697";
useTLS = true;
nick = "the_playlist";
username = "radio";
API.listen = "unix:/home/radio/reaktor.sock";
plugins = [
{
plugin = "register";
@ -199,12 +265,19 @@ in {
workdir = config.krebs.reaktor2.the_playlist.stateDir;
hooks.PRIVMSG = [
{
#activate = "match";
pattern = "^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$";
activate = "match";
pattern = "^(?:.*\\s)?\\s*the_playlist:\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$";
command = 1;
arguments = [2];
commands = {
skip.filename = "${skip_track}/bin/skip_track";
next.filename = "${skip_track}/bin/skip_track";
bad.filename = "${skip_track}/bin/skip_track";
good.filename = "${good_track}/bin/good_track";
nice.filename = "${good_track}/bin/good_track";
like.filename = "${good_track}/bin/good_track";
current.filename = "${print_current}/bin/print_current";
suggest.filename = pkgs.writeDash "suggest" ''
echo "$@" >> playlist_suggest
@ -217,6 +290,42 @@ in {
];
};
krebs.htgen.radio = {
port = 8001;
user = {
name = "radio";
};
script = ''
case "$Method $Request_URI" in
"GET /current")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
${print_current_json}/bin/print_current_json
exit
;;
"POST /skip")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
msg=$(${skip_track}/bin/skip_track)
${write_to_irc} "$msg"
echo "$msg"
exit
;;
"POST /good")
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
msg=$(${good_track}/bin/good_track)
${write_to_irc} "$msg"
echo "$msg"
exit
;;
esac
'';
};
services.nginx = {
enable = true;
virtualHosts."radio.lassul.us" = {
@ -258,9 +367,9 @@ in {
alias ${html};
'';
};
krebs.syncthing.folders."the_playlist" = {
services.syncthing.declarative.folders."the_playlist" = {
path = "/home/radio/music/the_playlist";
peers = [ "mors" "phone" "prism" "xerxes" ];
devices = [ "mors" "phone" "prism" "xerxes" ];
};
krebs.permown."/home/radio/music/the_playlist" = {
owner = "radio";

View file

@ -1,7 +1,7 @@
{
krebs.syncthing.folders.decsync = {
services.syncthing.declarative.folders.decsync = {
path = "/home/lass/decsync";
peers = [ "mors" "blue" "green" "phone" ];
devices = [ "mors" "blue" "green" "phone" ];
};
krebs.permown."/home/lass/decsync" = {
owner = "lass";

View file

@ -1,5 +1,5 @@
{
krebs.syncthing.folders."/home/lass/.weechat".peers = [ "blue" "green" "mors" ];
services.syncthing.declarative.folders."/home/lass/.weechat".devices = [ "blue" "green" "mors" ];
krebs.permown."/home/lass/.weechat" = {
owner = "lass";
group = "syncthing";

View file

@ -7,18 +7,20 @@ in {
enable = true;
group = "syncthing";
configDir = "/var/lib/syncthing";
declarative = {
key = toString <secrets/syncthing.key>;
cert = toString <secrets/syncthing.cert>;
devices = mk_peers all_peers;
folders."/home/lass/sync" = {
devices = attrNames (filterAttrs (n: v: n != "phone") own_peers);
# ignorePerms = false;
};
};
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 22000"; target = "ACCEPT";}
{ predicate = "-p udp --dport 21027"; target = "ACCEPT";}
];
krebs.syncthing = {
enable = true;
cert = toString <secrets/syncthing.cert>;
key = toString <secrets/syncthing.key>;
peers = mk_peers all_peers;
folders."/home/lass/sync".peers = attrNames (filterAttrs (n: v: n != "phone") own_peers);
};
system.activationScripts.syncthing-home = ''
${pkgs.coreutils}/bin/chmod a+x /home/lass

View file

@ -270,14 +270,14 @@ in {
};
boot.kernel.sysctl."fs.inotify.max_user_watches" = "1048576";
krebs.syncthing.folders = {
services.syncthing.declarative.folders = {
domsen-backups = {
path = "/backups/domsen";
peers = [ "domsen-backup" ];
devices = [ "domsen-backup" ];
};
domsen-backup-srv-http = {
path = "/srv/http";
peers = [ "domsen-backup" ];
devices = [ "domsen-backup" ];
};
};

View file

@ -13,6 +13,8 @@ in {
];
security.acme = {
email = "acme@lassul.us";
acceptTerms = true;
certs."lassul.us" = {
allowKeysForGroup = true;
group = "lasscert";
@ -72,11 +74,6 @@ in {
security.acme.certs."cgit.lassul.us" = {
email = "lassulus@lassul.us";
webroot = "/var/lib/acme/acme-challenge";
plugins = [
"account_key.json"
"fullchain.pem"
"key.pem"
];
group = "nginx";
user = "nginx";
};

View file

@ -4,6 +4,7 @@ _:
./dnsmasq.nix
./ejabberd
./folderPerms.nix
./hass.nix
./hosts.nix
./mysql-backup.nix
./news.nix

34
lass/3modules/hass.nix Normal file
View file

@ -0,0 +1,34 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
cfg = config.lass.hass;
in {
options.lass.hass = {
config = mkOption {
default = {};
type = with lib.types; let
valueType = nullOr (oneOf [
bool
int
float
str
(attrsOf valueType)
(listOf valueType)
]) // {
description = "Yaml value";
emptyValue.value = {};
};
in valueType;
};
};
config =
assert versionOlder version "20.09";
mkIf (cfg.config != {})
{
services.home-assistant.config = cfg.config;
};
}

View file

@ -0,0 +1,26 @@
{ yarn2nix-moretea, fetchFromGitHub, nodePackages, nodejs }: let
#src = ~/src/bruellwuerfel;
src = fetchFromGitHub {
owner = "krebs";
repo = "bruellwuerfel";
rev = "57e20e630f732ce4e15b495ec5f9bf72a121b959";
sha256 = "08zwwl24sq21r497a03lqpy2x10az8frrsh6d38xm92snd1yf85b";
};
in yarn2nix-moretea.mkYarnModules rec {
pname = "bruellwuerfel";
version = "1.0";
name = "${pname}-${version}";
packageJSON = "${src}/package.json";
yarnLock = "${src}/yarn.lock";
postBuild = ''
cp -r ${src}/{src,tsconfig.json} $out/
cd $out
${nodePackages.typescript}/bin/tsc || :
mkdir -p $out/bin
echo '#!/bin/sh' > $out/bin/bruellwuerfel
echo "export NODE_PATH=$out/dist" >> $out/bin/bruellwuerfel
echo "${nodejs}/bin/node $out/dist/index.js" >> $out/bin/bruellwuerfel
chmod +x $out/bin/bruellwuerfel
'';
}

View file

@ -1,16 +1,10 @@
{ config, pkgs, ... }:
pkgs.writeHaskellPackage "xmonad-lass" {
executables.xmonad = {
extra-depends = [
"containers"
"extra"
"unix"
"X11"
"xmonad"
"xmonad-contrib"
"xmonad-stockholm"
];
text = /* haskell */ ''
pkgs.writers.writeHaskellBin "xmonad" {
libraries = with pkgs.haskellPackages; [
extra
xmonad-stockholm
];
} /* haskell */ ''
{-# LANGUAGE LambdaCase #-}
@ -62,7 +56,7 @@ instance UrgencyHook LibNotifyUrgencyHook where
safeSpawn "${pkgs.libnotify}/bin/notify-send" [show name, "workspace " ++ idx]
myTerm :: FilePath
myTerm = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtc"
myTerm = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtc"
myFont :: String
myFont = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"
@ -150,10 +144,7 @@ myKeyMap =
, ("M4-<F2>", windows copyToAll)
, ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" ''
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
''}")
, ("M4-<F4>", spawn "${pkgs.nm-dmenu}/bin/nm-dmenu")
, ("M4-<Insert>", spawn "${pkgs.writeDash "paste" ''
${pkgs.coreutils}/bin/sleep 0.1
${pkgs.xclip}/bin/xclip -o | ${pkgs.xdotool}/bin/xdotool type -f -
@ -223,6 +214,4 @@ gridConfig = def
allWorkspaceNames :: W.StackSet i l a sid sd -> X [i]
allWorkspaceNames ws =
return $ map W.tag (W.hidden ws ++ (map W.workspace $ W.visible ws)) ++ [W.tag $ W.workspace $ W.current ws]
'';
};
}
''

View file

@ -18,6 +18,9 @@
ζ | zeta
(°° | table flip
() | why woot
(___) | gloom I see you
| sad
(\/) (°,,,,°) (\/) | krebs
'';
in

View file

@ -32,14 +32,24 @@ pkgs.writeDashBin "fzfmenu" ''
done
INPUT=$(${pkgs.coreutils}/bin/cat)
OUTPUT="$(${pkgs.coreutils}/bin/mktemp)"
${pkgs.rxvt_unicode}/bin/urxvt \
-name fzfmenu -title fzfmenu \
-e ${pkgs.dash}/bin/dash -c \
"echo \"$INPUT\" | ${pkgs.fzf}/bin/fzf \
--history=/dev/null \
--print-query \
--prompt=\"$PROMPT\" \
> \"$OUTPUT\"" 2>/dev/null
if [ -z ''${TERM+x} ]; then #check if we can print fzf in the shell
${pkgs.rxvt_unicode}/bin/urxvt \
-name fzfmenu -title fzfmenu \
-e ${pkgs.dash}/bin/dash -c \
"echo \"$INPUT\" | ${pkgs.fzf}/bin/fzf \
--history=/dev/null \
--print-query \
--prompt=\"$PROMPT\" \
--reverse \
> \"$OUTPUT\"" 2>/dev/null
else
echo "$INPUT" | ${pkgs.fzf}/bin/fzf \
--history=/dev/null \
--print-query \
--prompt="$PROMPT" \
--reverse \
> "$OUTPUT"
fi
${pkgs.coreutils}/bin/tail -1 "$OUTPUT"
${pkgs.coreutils}/bin/rm "$OUTPUT"
''

View file

@ -0,0 +1,6 @@
{ pkgs, ... }:
pkgs.writeDashBin "nm-dmenu" ''
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
''

View file

@ -0,0 +1,39 @@
{ pkgs }: let
review = pkgs.writers.writeBash "review-mail" ''
mail="$1"
${pkgs.exim}/bin/exim -Mvc "$mail" | grep -E 'Subject:|To:'
${pkgs.exim}/bin/exim -Mvl "$mail"
while :; do
read -p 'delete?' key
case "$key" in
v*)
${pkgs.exim}/bin/exim -Mvc "$mail"
;;
d*)
${pkgs.exim}/bin/exim -Mrm "$mail"
break
;;
r*)
${pkgs.exim}/bin/exim -Mt "$mail"
break
;;
n*)
break
;;
esac
done
echo '-------------------'
echo '-------------------'
echo '-------------------'
echo '-------------------'
echo '-------------------'
'';
in pkgs.writers.writeBashBin "review-mail" ''
for mail in $(${pkgs.exim}/bin/exim -bp \
| ${pkgs.gnugrep}/bin/grep frozen \
| ${pkgs.gawk}/bin/awk '{print $3}'); do
${review} "$mail"
done
''

View file

@ -49,6 +49,8 @@ let
indent = replaceChars ["\n"] ["\n "];
stripAttr = converge (filterAttrsRecursive (n: v: v != {} && v != null));
mapNixDir = f: x: {
list = foldl' mergeAttrs {} (map (mapNixDir1 f) x);
path = mapNixDir1 f x;

View file

@ -1 +0,0 @@
{}

View file

@ -1,132 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
with lib;
{
imports = [
<stockholm/nin>
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
#../2configs/copyq.nix
<stockholm/nin/2configs/ableton.nix>
<stockholm/nin/2configs/games.nix>
<stockholm/nin/2configs/git.nix>
<stockholm/nin/2configs/retiolum.nix>
<stockholm/nin/2configs/termite.nix>
];
krebs.build.host = config.krebs.hosts.axon;
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/pool/root";
fsType = "ext4";
};
fileSystems."/tmp" =
{ device = "tmpfs";
fsType = "tmpfs";
};
fileSystems."/boot" =
{ device = "/dev/sda1";
fsType = "ext2";
};
boot.initrd.luks.devices.crypted.device = "/dev/sda2";
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 4;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/sda";
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Enable CUPS to print documents.
# services.printing.enable = true;
# nin config
time.timeZone = "Europe/Berlin";
services.xserver = {
enable = true;
displayManager.lightdm.enable = true;
};
networking.networkmanager.enable = true;
#networking.wireless.enable = true;
hardware.pulseaudio = {
enable = true;
systemWide = true;
};
hardware.bluetooth.enable = true;
hardware.opengl.driSupport32Bit = true;
#nixpkgs.config.steam.java = true;
environment.systemPackages = with pkgs; [
atom
chromium
firefox
git
htop
keepassx
lmms
networkmanagerapplet
openvpn
python
ruby
steam
taskwarrior
thunderbird
vim
virtmanager
];
nixpkgs.config = {
allowUnfree = true;
};
#services.logind.extraConfig = "HandleLidSwitch=ignore";
services.xserver.synaptics = {
enable = true;
};
services.xserver.displayManager.sessionCommands = ''
${pkgs.xorg.xhost}/bin/xhost + local:
'';
services.xserver.desktopManager.xfce = let
xbindConfig = pkgs.writeText "xbindkeysrc" ''
"${pkgs.pass}/bin/passmenu --type"
Control + p
'';
in {
enable = true;
extraSessionCommands = ''
${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig}
'';
};
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "17.03";
}

View file

@ -1,126 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
with lib;
{
imports = [
<stockholm/nin>
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
#../2configs/copyq.nix
<stockholm/nin/2configs/games.nix>
<stockholm/nin/2configs/git.nix>
<stockholm/nin/2configs/retiolum.nix>
<stockholm/nin/2configs/termite.nix>
];
krebs.build.host = config.krebs.hosts.hiawatha;
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/b83f8830-84f3-4282-b10e-015c4b76bd9e";
fsType = "ext4";
};
fileSystems."/tmp" =
{ device = "tmpfs";
fsType = "tmpfs";
};
fileSystems."/home" =
{ device = "/dev/fam/home";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/2f319b08-2560-401d-b53c-2abd28f1a010";
fsType = "ext2";
};
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 4;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/sda";
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Enable CUPS to print documents.
# services.printing.enable = true;
fileSystems."/home/nin/.local/share/Steam" = {
device = "/dev/fam/steam";
};
# nin config
time.timeZone = "Europe/Berlin";
services.xserver.enable = true;
networking.networkmanager.enable = true;
#networking.wireless.enable = true;
hardware.pulseaudio = {
enable = true;
systemWide = true;
};
hardware.bluetooth.enable = true;
hardware.opengl.driSupport32Bit = true;
#nixpkgs.config.steam.java = true;
environment.systemPackages = with pkgs; [
firefox
git
lmms
networkmanagerapplet
python
steam
thunderbird
vim
virtmanager
];
nixpkgs.config = {
allowUnfree = true;
};
#services.logind.extraConfig = "HandleLidSwitch=ignore";
services.xserver.synaptics = {
enable = true;
};
services.xserver.desktopManager.xfce = let
xbindConfig = pkgs.writeText "xbindkeysrc" ''
"${pkgs.pass}/bin/passmenu --type"
Control + p
'';
in {
enable = true;
extraSessionCommands = ''
${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig}
'';
};
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "17.03";
}

View file

@ -1,23 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
{
imports = [
<stockholm/nin>
<stockholm/nin/2configs/retiolum.nix>
<stockholm/nin/2configs/weechat.nix>
<stockholm/nin/2configs/git.nix>
];
krebs.build.host = config.krebs.hosts.onondaga;
boot.isContainer = true;
networking.useDHCP = false;
time.timeZone = "Europe/Amsterdam";
services.openssh.enable = true;
}

View file

@ -1,20 +0,0 @@
{ config, pkgs, ... }: let
mainUser = config.users.extraUsers.nin;
in {
users.users= {
ableton = {
isNormalUser = true;
extraGroups = [
"audio"
"video"
];
packages = [
pkgs.wine
pkgs.winetricks
];
};
};
security.sudo.extraConfig = ''
${mainUser.name} ALL=(ableton) NOPASSWD: ALL
'';
}

View file

@ -1,38 +0,0 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
let
copyqConfig = pkgs.writeDash "copyq-config" ''
${pkgs.copyq}/bin/copyq config check_clipboard true
${pkgs.copyq}/bin/copyq config check_selection true
${pkgs.copyq}/bin/copyq config copy_clipboard true
${pkgs.copyq}/bin/copyq config copy_selection true
${pkgs.copyq}/bin/copyq config activate_closes true
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
${pkgs.copyq}/bin/copyq config clipboard_tab clipboard
${pkgs.copyq}/bin/copyq config disable_tray true
${pkgs.copyq}/bin/copyq config hide_tabs true
${pkgs.copyq}/bin/copyq config hide_toolbar true
${pkgs.copyq}/bin/copyq config item_popup_interval true
${pkgs.copyq}/bin/copyq config maxitems 1000
${pkgs.copyq}/bin/copyq config move true
${pkgs.copyq}/bin/copyq config text_wrap true
'';
in {
systemd.user.services.copyq = {
after = [ "graphical.target" ];
wants = [ "graphical.target" ];
wantedBy = [ "default.target" ];
environment = {
DISPLAY = ":0";
};
serviceConfig = {
SyslogIdentifier = "copyq";
ExecStart = "${pkgs.copyq}/bin/copyq";
ExecStartPost = copyqConfig;
Restart = "always";
RestartSec = "2s";
StartLimitBurst = 0;
};
};
}

View file

@ -1,173 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
imports = [
../2configs/vim.nix
<stockholm/krebs/2configs/binary-cache/nixos.nix>
<stockholm/krebs/2configs/binary-cache/prism.nix>
{
users.extraUsers =
mapAttrs (_: h: { hashedPassword = h; })
(import <secrets/hashedPasswords.nix>);
}
{
users.users = {
root = {
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
config.krebs.users.nin_h.pubkey
];
};
nin = {
name = "nin";
uid = 1337;
home = "/home/nin";
group = "users";
createHome = true;
useDefaultShell = true;
extraGroups = [
"audio"
"fuse"
];
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
config.krebs.users.nin_h.pubkey
];
};
};
}
{
environment.variables = {
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
};
}
(let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in {
environment.variables = {
CURL_CA_BUNDLE = ca-bundle;
GIT_SSL_CAINFO = ca-bundle;
SSL_CERT_FILE = ca-bundle;
};
})
];
networking.hostName = config.krebs.build.host.name;
nix.maxJobs = config.krebs.build.host.cores;
krebs = {
enable = true;
dns.search-domain = "r";
build = {
user = config.krebs.users.nin;
};
};
nix.useSandbox = true;
users.mutableUsers = false;
services.timesyncd.enable = true;
#why is this on in the first place?
services.nscd.enable = false;
boot.tmpOnTmpfs = true;
# see tmpfiles.d(5)
systemd.tmpfiles.rules = [
"d /tmp 1777 root root - -"
];
# multiple-definition-problem when defining environment.variables.EDITOR
environment.extraInit = ''
EDITOR=vim
'';
nixpkgs.config.allowUnfree = true;
environment.shellAliases = {
gs = "git status";
};
environment.systemPackages = with pkgs; [
#stockholm
git
gnumake
jq
proot
pavucontrol
populate
p7zip
termite
unzip
unrar
hashPassword
];
programs.bash = {
enableCompletion = true;
interactiveShellInit = ''
HISTCONTROL='erasedups:ignorespace'
HISTSIZE=65536
HISTFILESIZE=$HISTSIZE
shopt -s checkhash
shopt -s histappend histreedit histverify
shopt -s no_empty_cmd_completion
complete -d cd
'';
promptInit = ''
if test $UID = 0; then
PS1='\[\033[1;31m\]$PWD\[\033[0m\] '
elif test $UID = 1337; then
PS1='\[\033[1;32m\]$PWD\[\033[0m\] '
else
PS1='\[\033[1;33m\]\u@$PWD\[\033[0m\] '
fi
if test -n "$SSH_CLIENT"; then
PS1='\[\033[35m\]\h'" $PS1"
fi
'';
};
services.openssh = {
enable = true;
hostKeys = [
# XXX bits here make no science
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
];
};
services.journald.extraConfig = ''
SystemMaxUse=1G
RuntimeMaxUse=128M
'';
krebs.iptables = {
enable = true;
tables = {
nat.PREROUTING.rules = [
{ predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; }
{ predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; }
];
nat.OUTPUT.rules = [
{ predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; }
];
filter.INPUT.policy = "DROP";
filter.FORWARD.policy = "DROP";
filter.INPUT.rules = [
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
{ predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; }
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
{ predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; }
{ predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; }
];
};
};
networking.dhcpcd.extraConfig = ''
noipv4ll
'';
}

View file

@ -1,70 +0,0 @@
{ config, pkgs, ... }:
let
mainUser = config.users.extraUsers.mainUser;
vdoom = pkgs.writeDash "vdoom" ''
${pkgs.zandronum}/bin/zandronum \
-fov 120 \
"$@"
'';
doom = pkgs.writeDash "doom" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${vdoom} \
-file $DOOM_DIR/lib/brutalv20.pk3 \
"$@"
'';
doom1 = pkgs.writeDashBin "doom1" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${doom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
'';
doom2 = pkgs.writeDashBin "doom2" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${doom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
'';
vdoom1 = pkgs.writeDashBin "vdoom1" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${vdoom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
'';
vdoom2 = pkgs.writeDashBin "vdoom2" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${vdoom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
'';
doomservercfg = pkgs.writeText "doomserver.cfg" ''
skill 7
#survival true
#sv_maxlives 4
#sv_norespawn true
#sv_weapondrop true
no_jump true
#sv_noweaponspawn true
sv_sharekeys true
sv_survivalcountdowntime 1
sv_noteamselect true
sv_updatemaster false
#sv_coop_loseinventory true
#cl_startasspectator false
#lms_spectatorview false
'';
vdoomserver = pkgs.writeDashBin "vdoomserver" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${pkgs.zandronum}/bin/zandronum-server \
+exec ${doomservercfg} \
"$@"
'';
in {
environment.systemPackages = with pkgs; [
dwarf_fortress
doom1
doom2
vdoom1
vdoom2
vdoomserver
];
hardware.pulseaudio.support32Bit = true;
}

View file

@ -1,60 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
out = {
services.nginx.enable = true;
krebs.git = {
enable = true;
cgit = {
settings = {
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
};
};
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
rules = rules;
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
];
};
repos = public-repos;
rules = concatMap make-rules (attrValues repos);
public-repos = mapAttrs make-public-repo {
stockholm = {
cgit.desc = "take all the computers hostage, they'll love you!";
};
};
make-public-repo = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
};
make-rules =
with git // config.krebs.users;
repo:
singleton {
user = [ nin nin_h ];
repo = [ repo ];
perm = push "refs/*" [ non-fast-forward create delete merge ];
} ++
optional repo.public {
user = attrValues config.krebs.users;
repo = [ repo ];
perm = fetch;
} ++
optional (length (repo.collaborators or []) > 0) {
user = repo.collaborators;
repo = [ repo ];
perm = fetch;
};
in out

View file

@ -1,19 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
environment.systemPackages = with pkgs; [
(pkgs.writeDashBin "im" ''
export PATH=${makeSearchPath "bin" (with pkgs; [
tmux
gnugrep
weechat
])}
ssh chat@onondaga
if tmux list-sessions -F\#S | grep -q '^im''$'; then
exec tmux attach -t im
else
exec tmux new -s im weechat
fi
'')
];
}

View file

@ -1,28 +0,0 @@
{ ... }:
{
krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
{ predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
];
};
};
krebs.tinc.retiolum = {
enable = true;
connectTo = [
"prism"
"pigstarter"
"gum"
"flap"
];
};
nixpkgs.config.packageOverrides = pkgs: {
tinc = pkgs.tinc_pre;
};
}

View file

@ -1,27 +0,0 @@
{ config, lib, pkgs, ... }:
let
mainUser = config.users.extraUsers.nin;
inherit (import <stockholm/lib>) genid;
in {
users.extraUsers = {
skype = {
name = "skype";
uid = genid "skype";
description = "user for running skype";
home = "/home/skype";
useDefaultShell = true;
extraGroups = [ "audio" "video" ];
createHome = true;
};
};
krebs.per-user.skype.packages = [
pkgs.skype
];
security.sudo.extraConfig = ''
${mainUser.name} ALL=(skype) NOPASSWD: ALL
'';
}

View file

@ -1,22 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = [
pkgs.termite
];
krebs.per-user.nin.packages = let
termitecfg = pkgs.writeTextFile {
name = "termite-config";
destination = "/etc/xdg/termite/config";
text = ''
[colors]
foreground = #d0d7d0
background = #000000
'';
};
in [
termitecfg
];
}

View file

@ -1,355 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
out = {
environment.systemPackages = [
vim
pkgs.pythonPackages.flake8
];
environment.etc.vimrc.source = vimrc;
environment.variables.EDITOR = mkForce "vim";
environment.variables.VIMINIT = ":so /etc/vimrc";
};
vimrc = pkgs.writeText "vimrc" ''
set nocompatible
set autoindent
set backspace=indent,eol,start
set backup
set backupdir=${dirs.backupdir}/
set directory=${dirs.swapdir}//
set hlsearch
set incsearch
set laststatus=2
set mouse=a
set noruler
set pastetoggle=<INS>
set runtimepath=${extra-runtimepath},$VIMRUNTIME
set shortmess+=I
set showcmd
set showmatch
set ttimeoutlen=0
set undodir=${dirs.undodir}
set undofile
set undolevels=1000000
set undoreload=1000000
set viminfo='20,<1000,s100,h,n${files.viminfo}
set visualbell
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
set wildmenu
set wildmode=longest,full
set et ts=2 sts=2 sw=2
filetype plugin indent on
set t_Co=256
colorscheme hack
syntax on
au Syntax * syn match Garbage containedin=ALL /\s\+$/
\ | syn match TabStop containedin=ALL /\t\+/
\ | syn keyword Todo containedin=ALL TODO
au BufRead,BufNewFile *.hs so ${hs.vim}
au BufRead,BufNewFile *.nix so ${nix.vim}
au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
"Syntastic config
let g:syntastic_python_checkers=['flake8']
nmap <esc>q :buffer
nmap <M-q> :buffer
cnoremap <C-A> <Home>
noremap <C-c> :q<cr>
vnoremap < <gv
vnoremap > >gv
nnoremap <esc>[5^ :tabp<cr>
nnoremap <esc>[6^ :tabn<cr>
nnoremap <esc>[5@ :tabm -1<cr>
nnoremap <esc>[6@ :tabm +1<cr>
nnoremap <f1> :tabp<cr>
nnoremap <f2> :tabn<cr>
inoremap <f1> <esc>:tabp<cr>
inoremap <f2> <esc>:tabn<cr>
" <C-{Up,Down,Right,Left>
noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
noremap <esc>Od <nop> | noremap! <esc>Od <nop>
" <[C]S-{Up,Down,Right,Left>
noremap <esc>[a <nop> | noremap! <esc>[a <nop>
noremap <esc>[b <nop> | noremap! <esc>[b <nop>
noremap <esc>[c <nop> | noremap! <esc>[c <nop>
noremap <esc>[d <nop> | noremap! <esc>[d <nop>
vnoremap u <nop>
'';
extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [
pkgs.vimPlugins.Syntastic
pkgs.vimPlugins.undotree
pkgs.vimPlugins.airline
(pkgs.vimUtils.buildVimPlugin {
name = "file-line-1.0";
src = pkgs.fetchgit {
url = git://github.com/bogado/file-line;
rev = "refs/tags/1.0";
sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
};
})
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "hack";
in {
name = "vim-color-${name}-1.0.2";
destination = "/colors/${name}.vim";
text = /* vim */ ''
set background=dark
hi clear
if exists("syntax_on")
syntax clear
endif
let colors_name = ${toJSON name}
hi Normal ctermbg=235
hi Comment ctermfg=242
hi Constant ctermfg=062
hi Identifier ctermfg=068
hi Function ctermfg=041
hi Statement ctermfg=167
hi PreProc ctermfg=167
hi Type ctermfg=041
hi Delimiter ctermfg=251
hi Special ctermfg=062
hi Garbage ctermbg=088
hi TabStop ctermbg=016
hi Todo ctermfg=174 ctermbg=NONE
hi NixCode ctermfg=148
hi NixData ctermfg=149
hi NixQuote ctermfg=150
hi diffNewFile ctermfg=207
hi diffFile ctermfg=207
hi diffLine ctermfg=207
hi diffSubname ctermfg=207
hi diffAdded ctermfg=010
hi diffRemoved ctermfg=009
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "vim";
in {
name = "vim-syntax-${name}-1.0.0";
destination = "/syntax/${name}.vim";
text = /* vim */ ''
${concatMapStringsSep "\n" (s: /* vim */ ''
syn keyword vimColor${s} ${s}
\ containedin=ALLBUT,vimComment,vimLineComment
hi vimColor${s} ctermfg=${s}
'') (map (i: lpad 3 "0" (toString i)) (range 0 255))}
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "showsyntax";
in {
name = "vim-plugin-${name}-1.0.0";
destination = "/plugin/${name}.vim";
text = /* vim */ ''
if exists('g:loaded_showsyntax')
finish
endif
let g:loaded_showsyntax = 0
fu! ShowSyntax()
let id = synID(line("."), col("."), 1)
let name = synIDattr(id, "name")
let transName = synIDattr(synIDtrans(id),"name")
if name != transName
let name .= " (" . transName . ")"
endif
echo "Syntax: " . name
endfu
command! -n=0 -bar ShowSyntax :call ShowSyntax()
'';
})))
];
dirs = {
backupdir = "$HOME/.cache/vim/backup";
swapdir = "$HOME/.cache/vim/swap";
undodir = "$HOME/.cache/vim/undo";
};
files = {
viminfo = "$HOME/.cache/vim/info";
};
mkdirs = let
dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
in assert out != ""; out;
alldirs = attrValues dirs ++ map dirOf (attrValues files);
in unique (sort lessThan alldirs);
vim = pkgs.writeDashBin "vim" ''
set -efu
(umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
exec ${pkgs.vim}/bin/vim "$@"
'';
hs.vim = pkgs.writeText "hs.vim" ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
hi link ConId Identifier
hi link VarId Identifier
hi link hsDelimiter Delimiter
'';
nix.vim = pkgs.writeText "nix.vim" ''
setf nix
" Ref <nix/src/libexpr/lexer.l>
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
syn match NixINT /\<[0-9]\+\>/
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
syn region NixSTRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
syn region NixIND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
syn match NixOther /[():/;=.,?\[\]]/
syn match NixCommentMatch /\(^\|\s\)#.*/
syn region NixCommentRegion start="/\*" end="\*/"
hi link NixCode Statement
hi link NixData Constant
hi link NixComment Comment
hi link NixCommentMatch NixComment
hi link NixCommentRegion NixComment
hi link NixID NixCode
hi link NixINT NixData
hi link NixPATH NixData
hi link NixHPATH NixData
hi link NixSPATH NixData
hi link NixURI NixData
hi link NixSTRING NixData
hi link NixIND_STRING NixData
hi link NixEnter NixCode
hi link NixOther NixCode
hi link NixQuote NixData
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
syn cluster nix_ind_strings contains=NixIND_STRING
syn cluster nix_strings contains=NixSTRING
${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let
startAlts = filter isString [
''/\* ${lang} \*/''
extraStart
];
sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*'';
in /* vim */ ''
syn include @nix_${lang}_syntax syntax/${lang}.vim
unlet b:current_syntax
syn match nix_${lang}_sigil
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
\ transparent
syn region nix_${lang}_region_STRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn region nix_${lang}_region_IND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn cluster nix_ind_strings
\ add=nix_${lang}_region_IND_STRING
syn cluster nix_strings
\ add=nix_${lang}_region_STRING
syn cluster nix_has_dollar_curly
\ add=@nix_${lang}_syntax
'') {
c = {};
cabal = {};
haskell = {};
sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
vim.extraStart =
''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
})}
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
syn clear shVarAssign
syn region nixINSIDE_DOLLAR_CURLY
\ matchgroup=NixEnter
\ start="[$]{"
\ end="}"
\ contains=TOP
\ containedin=@nix_has_dollar_curly
\ transparent
syn region nix_inside_curly
\ matchgroup=NixEnter
\ start="{"
\ end="}"
\ contains=TOP
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
\ transparent
syn match NixQuote /'''\([''$']\|\\.\)/he=s+2
\ containedin=@nix_ind_strings
\ contained
syn match NixQuote /\\./he=s+1
\ containedin=@nix_strings
\ contained
syn sync fromstart
let b:current_syntax = "nix"
set isk=@,48-57,_,192-255,-,'
set bg=dark
'';
in
out

View file

@ -1,21 +0,0 @@
{ config, lib, pkgs, ... }:
let
inherit (import <stockholm/lib>) genid;
in {
krebs.per-user.chat.packages = with pkgs; [
mosh
weechat
tmux
];
users.extraUsers.chat = {
home = "/home/chat";
uid = genid "chat";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
];
};
}

View file

@ -1,7 +0,0 @@
_:
{
imports = [
../krebs
./2configs
];
}

View file

@ -1,35 +0,0 @@
{ name }: let
inherit (import ../krebs/krops.nix { inherit name; })
krebs-source
lib
pkgs
;
source = { test }: lib.evalSource [
(krebs-source { test = test; })
{
nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix";
secrets = if test then {
file = toString ./0tests/dummysecrets;
} else {
pass = {
dir = "${lib.getEnv "HOME"}/.password-store";
name = "hosts/${name}";
};
};
}
];
in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
source = source { test = false; };
target = "root@${name}/var/src";
};
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target }: pkgs.krops.writeTest "${name}-test" {
inherit target;
source = source { test = true; };
};
}

@ -1 +1 @@
Subproject commit ed9fc6658226b1525bc008205d76276f0054c6c5
Subproject commit f1b7112ac3cbe090e96f2c82c525b6db69b82034

View file

@ -12,6 +12,9 @@ pactl = findExecutable "pactl"
passmenu :: FilePath
passmenu = findExecutable "passmenu"
pavucontrol :: FilePath
pavucontrol = findExecutable "pavucontrol"
slock :: FilePath
slock = findExecutable "slock"

View file

@ -160,6 +160,7 @@ myKeys conf = Map.fromList $
, ((0, xF86XK_AudioLowerVolume), audioLowerVolume)
, ((0, xF86XK_AudioRaiseVolume), audioRaiseVolume)
, ((0, xF86XK_AudioMute), audioMute)
, ((_4, xF86XK_AudioMute), pavucontrol [])
, ((_4, xK_Prior), forkFile Paths.xcalib ["-invert", "-alter"] Nothing)
]
@ -175,6 +176,8 @@ myKeys conf = Map.fromList $
_4SM = _4 .|. _S .|. _M
pactl args = forkFile Paths.pactl args Nothing
pavucontrol args = forkFile Paths.pavucontrol args Nothing
audioLowerVolume = pactl ["--", "set-sink-volume", "@DEFAULT_SINK@", "-5%"]
audioRaiseVolume = pactl ["--", "set-sink-volume", "@DEFAULT_SINK@", "+5%"]
audioMute = pactl ["--", "set-sink-mute", "@DEFAULT_SINK@", "toggle"]