Merge remote-tracking branch 'gum/master'

This commit is contained in:
lassulus 2017-07-23 21:39:36 +02:00
commit c06435596a
4 changed files with 69 additions and 7 deletions

View file

@ -6,6 +6,7 @@ with import <stockholm/lib>;
hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) {
drop = rec { drop = rec {
cores = 1; cores = 1;
managed = true;
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.177.9"; ip4.addr = "10.243.177.9";
@ -28,6 +29,7 @@ with import <stockholm/lib>;
}; };
studio = rec { studio = rec {
cores = 4; cores = 4;
managed = true;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>; ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio";
nets = { nets = {
@ -53,6 +55,7 @@ with import <stockholm/lib>;
fileleech = rec { fileleech = rec {
cores = 4; cores = 4;
managed = true;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>; ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech";
nets = { nets = {
@ -78,6 +81,7 @@ with import <stockholm/lib>;
pnp = { pnp = {
cores = 1; cores = 1;
managed = true;
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.0.210"; ip4.addr = "10.243.0.210";
@ -101,6 +105,7 @@ with import <stockholm/lib>;
}; };
darth = { darth = {
cores = 4; cores = 4;
managed = true;
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.0.84"; ip4.addr = "10.243.0.84";
@ -171,6 +176,7 @@ with import <stockholm/lib>;
}; };
}; };
tsp = { tsp = {
managed = true;
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
@ -198,6 +204,7 @@ with import <stockholm/lib>;
}; };
}; };
x = { x = {
managed = true;
cores = 4; cores = 4;
nets = { nets = {
retiolum = { retiolum = {
@ -243,6 +250,7 @@ with import <stockholm/lib>;
vbob = { vbob = {
cores = 2; cores = 2;
managed = true;
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.1.91"; ip4.addr = "10.243.1.91";
@ -305,6 +313,7 @@ with import <stockholm/lib>;
}; };
wry = rec { wry = rec {
cores = 1; cores = 1;
managed = true;
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
wry IN A ${nets.internet.ip4.addr} wry IN A ${nets.internet.ip4.addr}
@ -349,6 +358,7 @@ with import <stockholm/lib>;
}; };
filepimp = rec { filepimp = rec {
cores = 1; cores = 1;
managed = true;
nets = { nets = {
lan = { lan = {
ip4.addr = "192.168.1.12"; ip4.addr = "192.168.1.12";
@ -378,6 +388,7 @@ with import <stockholm/lib>;
omo = rec { omo = rec {
cores = 2; cores = 2;
managed = true;
nets = { nets = {
lan = { lan = {
@ -411,6 +422,7 @@ with import <stockholm/lib>;
}; };
wbob = rec { wbob = rec {
cores = 4; cores = 4;
managed = true;
nets = { nets = {
siem = { siem = {
ip4.addr = "10.8.10.7"; ip4.addr = "10.8.10.7";
@ -452,6 +464,7 @@ with import <stockholm/lib>;
gum = rec { gum = rec {
cores = 2; cores = 2;
managed = true;
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
@ -514,6 +527,7 @@ with import <stockholm/lib>;
}; };
shoney = rec { shoney = rec {
cores = 1; cores = 1;
managed = true;
nets = rec { nets = rec {
siem = { siem = {
via = internet; via = internet;
@ -562,6 +576,7 @@ with import <stockholm/lib>;
}; };
sdev = rec { sdev = rec {
cores = 1; cores = 1;
managed = true;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>; ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtm6ETzNgLcXNkrKs2VUEiGsTKBmOFpW2fazbzdUfOg sdev"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtm6ETzNgLcXNkrKs2VUEiGsTKBmOFpW2fazbzdUfOg sdev";
nets = { nets = {

View file

@ -1,17 +1,19 @@
{ lib, pkgs, python3Packages, fetchurl, ... }: { lib, pkgs, python3Packages, fetchFromGitHub, ... }:
with python3Packages; buildPythonPackage rec { with python3Packages; buildPythonPackage rec {
name = "repo-sync-${version}"; name = "repo-sync-${version}";
version = "0.2.6"; version = "0.2.7";
disabled = isPy26 || isPy27; disabled = isPy26 || isPy27;
propagatedBuildInputs = [ propagatedBuildInputs = [
docopt docopt
GitPython GitPython
pkgs.git pkgs.git
]; ];
src = fetchurl { src = fetchFromGitHub {
url = "https://pypi.python.org/packages/source/r/repo-sync/repo-sync-${version}.tar.gz"; owner = "krebscode";
sha256 = "1hqa9qw9qg7mxgniqzys9szycs05llg4yik8a9wz94a437zzarsk"; repo = "repo-sync";
rev = version;
sha256 = "1qjf1jmxf7xzwskybdys4vqncnwj9f3xwk1gv354zrla68s533cw";
}; };
meta = { meta = {
homepage = http://github.com/makefu/repo-sync; homepage = http://github.com/makefu/repo-sync;

View file

@ -8,6 +8,7 @@ let
krebs-repos = mapAttrs make-krebs-repo { krebs-repos = mapAttrs make-krebs-repo {
brain = { }; brain = { };
krebs-secrets = { };
}; };
@ -33,7 +34,7 @@ let
set-owners repo [ config.krebs.users.makefu ] ++ set-ro-access repo krebsminister; set-owners repo [ config.krebs.users.makefu ] ++ set-ro-access repo krebsminister;
set-ro-access = with git; repo: user: set-ro-access = with git; repo: user:
optional repo.public { singleton {
inherit user; inherit user;
repo = [ repo ]; repo = [ repo ];
perm = fetch; perm = fetch;

View file

@ -8,6 +8,7 @@ in
users.extraUsers.${mainUser}.shell = "/run/current-system/sw/bin/zsh"; users.extraUsers.${mainUser}.shell = "/run/current-system/sw/bin/zsh";
programs.zsh= { programs.zsh= {
enable = true; enable = true;
enableCompletion = false ; #manually at the end
interactiveShellInit = '' interactiveShellInit = ''
HISTSIZE=900001 HISTSIZE=900001
HISTFILESIZE=$HISTSIZE HISTFILESIZE=$HISTSIZE
@ -29,7 +30,49 @@ in
unset SSH_AGENT_PID unset SSH_AGENT_PID
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh" export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
'';
# fzf
__fsel_fzf() {
local cmd="''${FZF_CTRL_T_COMMAND:-"command find -L . -mindepth 1 \\( -path '*/\\.*' -o -fstype 'sysfs' -o -fstype 'devfs' -o -fstype 'devtmpfs' -o -fstype 'proc' \\) -prune \
-o -type f -print \
-o -type d -print \
-o -type l -print 2> /dev/null | cut -b3-"}"
setopt localoptions pipefail 2> /dev/null
eval "$cmd" | FZF_DEFAULT_OPTS="--height ''${FZF_TMUX_HEIGHT:-40%} --reverse $FZF_DEFAULT_OPTS $FZF_CTRL_T_OPTS" $(__fzfcmd) -m "$@" | while read item; do
echo -n "''${(q)item} "
done
local ret=$?
echo
return $ret
}
__fzf_use_tmux__() {
[ -n "$TMUX_PANE" ] && [ "''${FZF_TMUX:-0}" != 0 ] && [ ''${LINES:-40} -gt 15 ]
}
__fzfcmd() {
__fzf_use_tmux__ &&
echo "fzf-tmux -d''${FZF_TMUX_HEIGHT:-40%}" || echo "fzf"
}
fzf-file-widget() {
LBUFFER="''${LBUFFER}$(__fsel_fzf)"
local ret=$?
zle redisplay
typeset -f zle-line-init >/dev/null && zle zle-line-init
return $ret
}
zle -N fzf-file-widget
bindkey '^T' fzf-file-widget
# Auto-Completion
for p in ''${(z)NIX_PROFILES}; do
fpath+=($p/share/zsh/site-functions $p/share/zsh/$ZSH_VERSION/functions $p/share/zsh/vendor-completions)
done
autoload -U compinit && compinit
compdef _pass brain
zstyle ':completion::complete:brain::' prefix "$HOME/brain"
'';
promptInit = '' promptInit = ''
RPROMPT="" RPROMPT=""
@ -47,5 +90,6 @@ in
krebs.per-user.${mainUser}.packages = [ krebs.per-user.${mainUser}.packages = [
pkgs.nix-zsh-completions pkgs.nix-zsh-completions
pkgs.fzf
]; ];
} }