From b95e15654d66607a416b2ba0e87a5d9dd0fe09ed Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 31 Jul 2017 23:55:08 +0200
Subject: [PATCH 01/39] krebs: keep correct host (build -> cgit)
---
krebs/3modules/lass/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 27009981b..4e50ef577 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -96,8 +96,8 @@ with import <stockholm/lib>;
ip6.addr = "42:0000:0000:0000:0000:0000:0000:15ab";
aliases = [
"prism.r"
- "build.prism.r"
"cache.prism.r"
+ "cgit.prism.r"
"paste.r"
"p.r"
];
From 67def2c04a8ce910033c5d4d22dda25b6fa85b7b Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 10:47:44 +0200
Subject: [PATCH 02/39] tv: add krebs-pages mirror at krebs.xu.r
---
krebs/3modules/tv/default.nix | 1 +
tv/1systems/xu/config.nix | 1 +
2 files changed, 2 insertions(+)
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 60827d589..26e8e2f34 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -323,6 +323,7 @@ with import <stockholm/lib>;
aliases = [
"xu.r"
"cgit.xu.r"
+ "krebs.xu.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index 2bffdddb3..e7516a455 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -13,6 +13,7 @@ with import <stockholm/lib>;
<stockholm/tv/2configs/gitrepos.nix>
<stockholm/tv/2configs/mail-client.nix>
<stockholm/tv/2configs/man.nix>
+ <stockholm/tv/2configs/nginx/krebs-pages.nix>
<stockholm/tv/2configs/nginx/public_html.nix>
<stockholm/tv/2configs/pulse.nix>
<stockholm/tv/2configs/retiolum.nix>
From bcc1a72d6a604533e025ad579e0dfca0a83c2716 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 10:57:36 +0200
Subject: [PATCH 03/39] makeScriptWriter: forward check parameter to writeOut
---
krebs/5pkgs/writers.nix | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix
index f1626078e..850ee6f1a 100644
--- a/krebs/5pkgs/writers.nix
+++ b/krebs/5pkgs/writers.nix
@@ -29,10 +29,11 @@ with import <stockholm/lib>;
execveBin = name: cfg:
pkgs.execve name (cfg // { destination = "/bin/${name}"; });
- makeScriptWriter = interpreter: name: text:
+ makeScriptWriter = { interpreter, check ? null }: name: text:
assert (with types; either absolute-pathname filename).check name;
pkgs.writeOut (baseNameOf name) {
${optionalString (types.absolute-pathname.check name) name} = {
+ inherit check;
executable = true;
text = "#! ${interpreter}\n${text}";
};
@@ -69,7 +70,9 @@ with import <stockholm/lib>;
strip --strip-unneeded "$exe"
'';
- writeDash = pkgs.makeScriptWriter "${pkgs.dash}/bin/dash";
+ writeDash = pkgs.makeScriptWriter {
+ interpreter = "${pkgs.dash}/bin/dash";
+ };
writeDashBin = name:
assert types.filename.check name;
@@ -305,5 +308,7 @@ with import <stockholm/lib>;
};
};
- writeSed = pkgs.makeScriptWriter "${pkgs.gnused}/bin/sed -f";
+ writeSed = pkgs.makeScriptWriter {
+ interpreter = "${pkgs.gnused}/bin/sed -f";
+ };
}
From 5742f322891d380b15b6570bf523e50c17c45212 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 11:27:03 +0200
Subject: [PATCH 04/39] krebs.sitemap: init
---
krebs/3modules/default.nix | 6 ++++++
lib/types.nix | 16 +++++++++++++++-
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index b0ad2baf5..abb3d37eb 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -70,6 +70,12 @@ let
type = types.hostname;
default = "r";
};
+
+ sitemap = mkOption {
+ default = {};
+ type = types.attrsOf types.sitemap.entry;
+ };
+
zone-head-config = mkOption {
type = with types; attrsOf str;
description = ''
diff --git a/lib/types.nix b/lib/types.nix
index 236190ccd..8c6846887 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -5,7 +5,7 @@ let
all any concatMapStringsSep concatStringsSep const filter flip
genid hasSuffix head isInt isString length mergeOneOption mkOption
mkOptionType optional optionalAttrs optionals range splitString
- stringLength substring test typeOf;
+ stringLength substring test testString typeOf;
inherit (lib.types)
attrsOf bool either enum int listOf nullOr path str string submodule;
in
@@ -357,6 +357,20 @@ rec {
pgp-pubkey = str;
+ sitemap.entry = submodule ({ config, ... }: {
+ options = {
+ desc = mkOption {
+ default = null;
+ type = nullOr str;
+ };
+ href = mkOption {
+ ${if testString "https?://.*" config._module.args.name
+ then "default" else null} = config._module.args.name;
+ type = nullOr str; # TODO nullOr uri?
+ };
+ };
+ });
+
ssh-pubkey = str;
ssh-privkey = submodule {
options = {
From 3d53636ab2ee3835f3cc823761843e22347d892d Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 11:27:27 +0200
Subject: [PATCH 05/39] tv: add cgit.krebsco.de and krebs.xu.r to sitemap
---
krebs/3modules/tv/default.nix | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 26e8e2f34..81db2d411 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -375,6 +375,14 @@ with import <stockholm/lib>;
ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu";
};
};
+ sitemap = {
+ "http://cgit.krebsco.de" = {
+ desc = "Git repositories";
+ };
+ "http://krebs.xu.r" = {
+ desc = "krebs-pages mirror";
+ };
+ };
users = {
dv = {
mail = "dv@alnus.r";
From 8f5fc9bc4fff53936e8bba5b2a4de3d362b94f09 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 11:28:25 +0200
Subject: [PATCH 06/39] tv sudo: env_keep += XMONAD_SPAWN_WORKSPACE
---
tv/2configs/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index b59311092..420548bce 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -47,7 +47,7 @@ in {
{
security.hideProcessInformation = true;
security.sudo.extraConfig = ''
- Defaults env_keep+="SSH_CLIENT"
+ Defaults env_keep+="SSH_CLIENT XMONAD_SPAWN_WORKSPACE"
Defaults mailto="${config.krebs.users.tv.mail}"
Defaults !lecture
'';
From 2f52158dec91a87cddd3e643f29870a6acc233f6 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 11:30:16 +0200
Subject: [PATCH 07/39] tv: drop explicit stockholm deps
---
tv/2configs/default.nix | 12 ++----------
1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 420548bce..834a89083 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -21,16 +21,6 @@ in {
./sshd.nix
./vim.nix
./xdg.nix
- {
- # stockholm dependencies
- environment.systemPackages = with pkgs; [
- git
- gnumake
- hashPassword
- populate
- whatsupnix
- ];
- }
{
users = {
defaultUserShell = "/run/current-system/sw/bin/bash";
@@ -142,6 +132,8 @@ in {
{
environment.systemPackages = [
pkgs.get
+ pkgs.git
+ pkgs.hashPassword
pkgs.htop
pkgs.kpaste
pkgs.krebspaste
From e19b506f36c8848ece02d7796a91ff0634191609 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 12:15:45 +0200
Subject: [PATCH 08/39] tv retiolum: LocalDiscovery = yes
---
tv/2configs/retiolum.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tv/2configs/retiolum.nix b/tv/2configs/retiolum.nix
index a914dad43..9940b1026 100644
--- a/tv/2configs/retiolum.nix
+++ b/tv/2configs/retiolum.nix
@@ -10,6 +10,9 @@ with import <stockholm/lib>;
"ni"
"prism"
];
+ extraConfig = ''
+ LocalDiscovery = yes
+ '';
tincPackage = pkgs.tinc_pre;
};
tv.iptables.input-internet-accept-tcp = singleton "tinc";
From dfcb663af9b116d07ec09603a6837230419a2785 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 1 Aug 2017 13:47:10 +0200
Subject: [PATCH 09/39] l mail: show html mails
---
lass/2configs/mail.nix | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index fe82fea59..cfc179842 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -15,6 +15,10 @@ let
${pkgs.msmtp}/bin/msmtp -C ${msmtprc} "$@"
'';
+ mailcap = pkgs.writeText "mailcap" ''
+ text/html; ${pkgs.elinks}/bin/elinks -dump ; copiousoutput;
+ '';
+
muttrc = pkgs.writeText "muttrc" ''
# gpg
source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc
@@ -37,6 +41,9 @@ let
<display-message><enter-command> set crypt_verify_sig=\$my_crypt_verify_sig<enter>" \
'Verify PGP signature'
+ # read html mails
+ auto_view text/html
+ set mailcap_path = ${mailcap}
# notmuch
set nm_default_uri="notmuch://$HOME/Maildir" # path to the maildir
From e740022bc524a57dd671a5c714ab117b6331cf27 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 1 Aug 2017 14:15:45 +0200
Subject: [PATCH 10/39] l mail: use ISO date format
---
lass/2configs/mail.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index cfc179842..afd90315f 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -66,7 +66,7 @@ let
recipent="$(echo $1 | sed 's/[^,]*<\([^>]*\)[^,]*/ \1/g')"
# output to mutt
# V
- echo "%4C %Z %?GI?%GI& ? %[%d/%b] %-20.20a %?M?(%3M)& ? %s %> $recipent %?g?%g?%"
+ echo "%4C %Z %?GI?%GI& ? %[%y-%m-%d] %-20.20a %?M?(%3M)& ? %s %> $recipent %?g?%g?%"
# args to mutt-index dash script
# V
''} %r |"
From d56a90778408a199cc79ab47e1c2313a68cd2451 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 1 Aug 2017 18:06:13 +0200
Subject: [PATCH 11/39] l mail: activate indexbar in mailview
---
lass/2configs/mail.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index afd90315f..a90890aab 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -126,6 +126,8 @@ let
bind pager t noop
macro index t "<modify-labels>+TODO\n" # tag as Archived
+ # top index bar in email view
+ set pager_index_lines=7
# sidebar
set sidebar_width = 20
From e4042e132a50c343d3b42039140abb0695724e69 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 19:28:47 +0200
Subject: [PATCH 12/39] move subdirsOf from lib to makefu
---
lib/default.nix | 4 ----
makefu/5pkgs/default.nix | 5 ++++-
2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/lib/default.nix b/lib/default.nix
index 4c54f60aa..e5e40975e 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -20,10 +20,6 @@ let
then lib.lpad n c (c + s)
else s;
- subdirsOf = path:
- lib.mapAttrs (name: _: path + "/${name}")
- (filterAttrs (_: eq "directory") (readDir path));
-
genAttrs' = names: f: listToAttrs (map f names);
getAttrs = names: set:
diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 99f8cf864..bb776ef25 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -15,6 +15,10 @@ self: super: let
override
else override;
+ subdirsOf = path:
+ mapAttrs (name: _: path + "/${name}")
+ (filterAttrs (_: eq "directory") (readDir path));
+
in {
alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";};
alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";};
@@ -27,7 +31,6 @@ in {
sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb";
};
};
-
}
// mapAttrs (_: flip callPackage {})
From fc59b6c395ffd68d7cd0504d1745fdc08e521525 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 19:56:42 +0200
Subject: [PATCH 13/39] tv test system: RIP
It was committed by accident.
---
tv/1systems/test/source.nix | 3 ---
1 file changed, 3 deletions(-)
delete mode 100644 tv/1systems/test/source.nix
diff --git a/tv/1systems/test/source.nix b/tv/1systems/test/source.nix
deleted file mode 100644
index f756b8586..000000000
--- a/tv/1systems/test/source.nix
+++ /dev/null
@@ -1,3 +0,0 @@
-import <stockholm/tv/source.nix> {
- name = "test";
-}
From f51f58f5ede75767b27354646d055649d7e37d82 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 20:07:17 +0200
Subject: [PATCH 14/39] tv: only xu is a virtualbox host
---
tv/1systems/wu/config.nix | 2 --
tv/1systems/xu/config.nix | 4 ++--
tv/1systems/zu/config.nix | 2 --
3 files changed, 2 insertions(+), 6 deletions(-)
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index 1e28cc78a..9767f467a 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -169,6 +169,4 @@ with import <stockholm/lib>;
KERNEL=="rtc0", GROUP="audio"
KERNEL=="hpet", GROUP="audio"
'';
-
- virtualisation.virtualbox.host.enable = true;
}
diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index e7516a455..2c5e827a9 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -167,9 +167,9 @@ with import <stockholm/lib>;
#services.bitlbee.enable = true;
#services.tor.client.enable = true;
#services.tor.enable = true;
- #services.virtualboxHost.enable = true;
-
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "15.09";
+
+ virtualisation.virtualbox.host.enable = true;
}
diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix
index d2aab8c51..8eb64a27b 100644
--- a/tv/1systems/zu/config.nix
+++ b/tv/1systems/zu/config.nix
@@ -162,8 +162,6 @@ with import <stockholm/lib>;
#services.bitlbee.enable = true;
#services.tor.client.enable = true;
#services.tor.enable = true;
- #services.virtualboxHost.enable = true;
-
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "15.09";
From 11a65914542870cf5326ea602926b55553362b17 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 20:09:48 +0200
Subject: [PATCH 15/39] tv zu: drop test secret-file
---
tv/1systems/zu/config.nix | 6 ------
1 file changed, 6 deletions(-)
diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix
index 8eb64a27b..272fba880 100644
--- a/tv/1systems/zu/config.nix
+++ b/tv/1systems/zu/config.nix
@@ -6,12 +6,6 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.zu;
imports = [
- {
- options.tv.test.sercret-file = mkOption {
- type = types.secret-file;
- default = {};
- };
- }
<stockholm/tv>
<stockholm/tv/2configs/hw/x220.nix>
<stockholm/tv/2configs/exim-retiolum.nix>
From e749d26c4fd2401b7f8e0293aaf780b4700af3c1 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 20:11:14 +0200
Subject: [PATCH 16/39] tv public_html: add server aliases for gg23
---
tv/2configs/nginx/public_html.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/tv/2configs/nginx/public_html.nix b/tv/2configs/nginx/public_html.nix
index a686d281c..cc7a39891 100644
--- a/tv/2configs/nginx/public_html.nix
+++ b/tv/2configs/nginx/public_html.nix
@@ -9,6 +9,7 @@ with import <stockholm/lib>;
serverAliases = [
"localhost"
"${config.krebs.build.host.name}"
+ "${config.krebs.build.host.name}.gg23"
"${config.krebs.build.host.name}.r"
];
locations."~ ^/~(.+?)(/.*)?\$".extraConfig = ''
From 06d2c2d773559c0c059768e1ab8a350ae2a82c0e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 20:12:04 +0200
Subject: [PATCH 17/39] tv vim: colorize search results
---
tv/2configs/vim.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index f0b1cf520..85283238d 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -70,6 +70,8 @@ let {
hi diffSubname ctermfg=207
hi diffAdded ctermfg=010
hi diffRemoved ctermfg=009
+
+ hi Search cterm=NONE ctermbg=216
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
From 5aad878c525c16e98922858bbc85eade10365526 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 20:13:30 +0200
Subject: [PATCH 18/39] tv vim: relaxt sh.extraStart for variable names
---
tv/2configs/vim.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 85283238d..ca4718646 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -229,7 +229,7 @@ let {
lua = {};
sed.extraStart = ''writeSed[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
sh.extraStart = concatStringsSep ''\|'' [
- ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"''
+ ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''
''[a-z]*Phase[ \t\r\n]*=''
];
yaml = {};
From ad0f78278968b3cd0656a72be8db9a287bd6398a Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 20:27:36 +0200
Subject: [PATCH 19/39] tv djbdns: RIP
---
tv/5pkgs/simple/djbdns/default.nix | 20 --------------------
1 file changed, 20 deletions(-)
delete mode 100644 tv/5pkgs/simple/djbdns/default.nix
diff --git a/tv/5pkgs/simple/djbdns/default.nix b/tv/5pkgs/simple/djbdns/default.nix
deleted file mode 100644
index ad5a530bd..000000000
--- a/tv/5pkgs/simple/djbdns/default.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ coreutils, gawk, fetchurl, stdenv, ... }:
-
-with stdenv.lib;
-
-stdenv.mkDerivation rec {
- name = "djbdns-1.05";
- src = fetchurl {
- url = "http://cr.yp.to/djbdns/djbdns-1.05.tar.gz";
- sha256 = "0j3baf92vkczr5fxww7rp1b7gmczxmmgrqc8w2dy7kgk09m85k9w";
- };
- configurePhase = ''
- echo $out > conf-home
- echo gcc -O2 -include errno.h > conf-cc
- '';
- patchPhase = ''
- sed -i 's:c("/","etc","dnsroots.global",-1,-1,0644);:// &:' hier.c
- sed -i '1s@^@PATH=${makeBinPath [ coreutils gawk ]}\n@' dnstracesort.sh
- '';
- installTargets = "setup check";
-}
From bcd8c5a9661634a53c88029fc9028e1dbf2228b2 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 20:46:32 +0200
Subject: [PATCH 20/39] tv tarantool: RIP
---
krebs/5pkgs/simple/tarantool/default.nix | 21 ---------------------
1 file changed, 21 deletions(-)
delete mode 100644 krebs/5pkgs/simple/tarantool/default.nix
diff --git a/krebs/5pkgs/simple/tarantool/default.nix b/krebs/5pkgs/simple/tarantool/default.nix
deleted file mode 100644
index 9e22fd4f3..000000000
--- a/krebs/5pkgs/simple/tarantool/default.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ stdenv, fetchgit, cmake, ncurses, openssl, readline, ... }:
-
-stdenv.mkDerivation rec {
- name = "tarantool-1.7.1-164-g0fd0239";
- src = fetchgit {
- url = https://github.com/tarantool/tarantool;
- rev = builtins.elemAt (builtins.match ".*-g([0-9a-f]+)" name) 0;
- sha256 = "1jnaiizbl9j4a8vsihqx75iqa9bkh1kpwsyrgmim8ikiyzfw54dz";
- fetchSubmodules = true;
- };
- buildInputs = [
- cmake
- ncurses
- openssl
- readline
- ];
- preConfigure = ''
- echo ${(builtins.parseDrvName name).version} > VERSION
- sed -i 's/NAMES termcap/NAMES ncurses/' cmake/FindTermcap.cmake
- '';
-}
From 95aef46c56564ce82e3f0e864cc0508e310a0825 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 1 Aug 2017 20:18:38 +0200
Subject: [PATCH 21/39] l statig_nginx: RIP
---
lass/3modules/static_nginx.nix | 78 ----------------------------------
1 file changed, 78 deletions(-)
delete mode 100644 lass/3modules/static_nginx.nix
diff --git a/lass/3modules/static_nginx.nix b/lass/3modules/static_nginx.nix
deleted file mode 100644
index cd33a2cf1..000000000
--- a/lass/3modules/static_nginx.nix
+++ /dev/null
@@ -1,78 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-
-let
- cfg = config.lass.staticPage;
-
- out = {
- options.lass.staticPage = api;
- config = imp;
- };
-
- api = mkOption {
- type = with types; attrsOf (submodule ({ config, ... }: {
- options = {
- domain = mkOption {
- type = str;
- default = config._module.args.name;
- };
- folder = mkOption {
- type = str;
- default = "/srv/http/${config.domain}";
- };
- #sslEnable = mkEnableOption "ssl";
- #certificate = mkOption {
- # type = str;
- #};
- #certificate_key = mkOption {
- # type = str;
- #};
- #ciphers = mkOption {
- # type = str;
- # default = "AES128+EECDH:AES128+EDH";
- #};
- ssl = mkOption {
- type = with types; submodule ({
- options = {
- enable = mkEnableOption "ssl";
- certificate = mkOption {
- type = str;
- };
- certificate_key = mkOption {
- type = str;
- };
- };
- });
- default = {};
- };
- };
- }));
- default = {};
- };
-
- user = config.services.nginx.user;
- group = config.services.nginx.group;
-
- external-ip = config.krebs.build.host.nets.internet.ip4.addr;
-
- imp = {
- krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, ssl, ... }: {
- server-names = [
- "${domain}"
- "www.${domain}"
- ];
- locations = [
- (nameValuePair "/" ''
- root ${folder};
- '')
- (nameValuePair "~ /\\." ''
- deny all;
- '')
- ];
- inherit ssl;
-
- });
- };
-
-in out
From 8c9e0ad35d330e980a59c57b89715c21971c1819 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 1 Aug 2017 20:47:34 +0200
Subject: [PATCH 22/39] l websites: add default.nix for 404
---
lass/2configs/websites/default.nix | 26 ++++++++++++++++++++++++++
lass/2configs/websites/domsen.nix | 1 +
lass/2configs/websites/fritz.nix | 1 +
lass/2configs/websites/lassulus.nix | 1 +
4 files changed, 29 insertions(+)
create mode 100644 lass/2configs/websites/default.nix
diff --git a/lass/2configs/websites/default.nix b/lass/2configs/websites/default.nix
new file mode 100644
index 000000000..1ffa105a7
--- /dev/null
+++ b/lass/2configs/websites/default.nix
@@ -0,0 +1,26 @@
+{ config, lib, ... }:
+
+with import <stockholm/lib>;
+
+{
+ services.nginx = {
+ recommendedGzipSettings = true;
+ recommendedOptimisation = true;
+ recommendedTlsSettings = true;
+
+ virtualHosts._http = {
+ default = true;
+ extraConfig = ''
+ return 404;
+ '';
+ };
+
+ virtualHosts.default = {
+ locations."= /etc/os-release".extraConfig = ''
+ default_type text/plain;
+ alias /etc/os-release;
+ '';
+ };
+ };
+}
+
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index b0e5375c7..10ff142f9 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -23,6 +23,7 @@ let
in {
imports = [
+ ./default.nix
./sqlBackup.nix
(servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ])
(servePage [
diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix
index 45927b102..aa57a9857 100644
--- a/lass/2configs/websites/fritz.nix
+++ b/lass/2configs/websites/fritz.nix
@@ -26,6 +26,7 @@ in {
services.nginx.enable = true;
imports = [
+ ./default.nix
./sqlBackup.nix
(serveWordpress [ "radical-dreamers.de" "www.radical-dreamers.de" ])
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 0771570ca..93b817c3b 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -8,6 +8,7 @@ let
in {
imports = [
+ ./default.nix
../git.nix
];
From 24a515c4a0069828bc84ac60d239f88f9b637524 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 22:22:10 +0200
Subject: [PATCH 23/39] tv {wu,zu}: remove extra systemPackages
---
tv/1systems/wu/config.nix | 92 -------------------------------------
tv/1systems/zu/config.nix | 96 ---------------------------------------
2 files changed, 188 deletions(-)
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index 9767f467a..5ec6a462e 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -17,91 +17,6 @@ with import <stockholm/lib>;
<stockholm/tv/2configs/pulse.nix>
<stockholm/tv/2configs/retiolum.nix>
<stockholm/tv/2configs/xserver>
- {
- environment.systemPackages = with pkgs; [
- # root
- cryptsetup
-
- # tv
- bc
- bind # dig
- cac-api
- dic
- file
- get
- gnupg1compat
- haskellPackages.hledger
- jq
- mkpasswd
- netcat
- nix-repl
- nmap
- p7zip
- push
- qrencode
- tmux
-
- #ack
- #apache-httpd
- #ascii
- #emacs
- #es
- #esniper
- #gcc
- #gptfdisk
- #graphviz
- #haskellPackages.cabal2nix
- #haskellPackages.ghc
- #haskellPackages.shake
- #hdparm
- #i7z
- #iftop
- #imagemagick
- #inotifyTools
- #iodine
- #iotop
- #lshw
- #lsof
- #minicom
- #mtools
- #ncmpc
- #neovim
- #nethogs
- #nix-prefetch-scripts #cvs bug
- #openssl
- #openswan
- #parted
- #perl
- #powertop
- #ppp
- #proot
- #pythonPackages.arandr
- #pythonPackages.youtube-dl
- #racket
- #rxvt_unicode-with-plugins
- #scrot
- #sec
- #silver-searcher
- #sloccount
- #smartmontools
- #socat
- #sshpass
- #strongswan
- #sysdig
- #sysstat
- #tcpdump
- #tlsdate
- #unetbootin
- #utillinuxCurses
- #wvdial
- #xdotool
- #xkill
- #xl2tpd
- #xsel
-
- unison
- ];
- }
];
boot.initrd.luks = {
@@ -143,13 +58,6 @@ with import <stockholm/lib>;
hardware.enableRedistributableFirmware= true;
hardware.opengl.driSupport32Bit = true;
- environment.systemPackages = with pkgs; [
- ethtool
- tinc_pre
- iptables
- #jack2
- ];
-
security.wrappers = {
sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
};
diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix
index 272fba880..5936ddfe1 100644
--- a/tv/1systems/zu/config.nix
+++ b/tv/1systems/zu/config.nix
@@ -16,93 +16,6 @@ with import <stockholm/lib>;
<stockholm/tv/2configs/pulse.nix>
<stockholm/tv/2configs/retiolum.nix>
<stockholm/tv/2configs/xserver>
- {
- environment.systemPackages = with pkgs; [
-
- # root
- cryptsetup
-
- # tv
- bc
- bind # dig
- cac-api
- dic
- file
- gnupg1compat
- haskellPackages.hledger
- jq
- mkpasswd
- netcat
- nix-repl
- nmap
- p7zip
- pass
- q
- qrencode
- # XXX fails at systemd.services.dbus.unitConfig
- #texlive
- tmux
-
- #ack
- #apache-httpd
- #ascii
- #emacs
- #es
- #esniper
- #gcc
- #gptfdisk
- #graphviz
- #haskellPackages.cabal2nix
- #haskellPackages.ghc
- #haskellPackages.shake
- #hdparm
- #i7z
- #iftop
- #imagemagick
- #inotifyTools
- #iodine
- #iotop
- #lshw
- #lsof
- #minicom
- #mtools
- #ncmpc
- #nethogs
- #nix-prefetch-scripts #cvs bug
- #openssl
- #openswan
- #parted
- #perl
- #powertop
- #ppp
- #proot
- #pythonPackages.arandr
- #pythonPackages.youtube-dl
- #racket
- #rxvt_unicode-with-plugins
- #scrot
- #sec
- #silver-searcher
- #sloccount
- #smartmontools
- #socat
- #sshpass
- #strongswan
- #sysdig
- #sysstat
- #tcpdump
- #tlsdate
- #unetbootin
- #utillinuxCurses
- #wvdial
- #xdotool
- #xkill
- #xl2tpd
- #xsel
-
- unison
- ];
- }
];
boot.initrd.luks = {
@@ -133,15 +46,6 @@ with import <stockholm/lib>;
};
};
- environment.systemPackages = with pkgs; [
- ethtool
- tinc_pre
- iptables
- #jack2
-
- gptfdisk
- ];
-
security.wrappers = {
sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
};
From 0b4d3edff8f3e0e33756355f1b3121cf311bafdb Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 22:32:14 +0200
Subject: [PATCH 24/39] tv: boot.tmpOnTmpfs = true
---
tv/1systems/mu/config.nix | 10 ----------
tv/1systems/nomic/config.nix | 3 ---
tv/1systems/wu/config.nix | 10 ----------
tv/1systems/xu/config.nix | 10 ----------
tv/1systems/zu/config.nix | 10 ----------
tv/2configs/default.nix | 2 ++
6 files changed, 2 insertions(+), 43 deletions(-)
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 4c6d16329..01de9ee6b 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -50,11 +50,6 @@ with import <stockholm/lib>;
"/boot" = {
device = "/dev/sda1";
};
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = [ "nosuid" "nodev" "noatime" ];
- };
};
swapDevices =[ ];
@@ -152,9 +147,4 @@ with import <stockholm/lib>;
"networkmanager"
];
};
-
- # see tmpfiles.d(5)
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -" # does this work with mounted /tmp?
- ];
}
diff --git a/tv/1systems/nomic/config.nix b/tv/1systems/nomic/config.nix
index d0144986b..64cccde0c 100644
--- a/tv/1systems/nomic/config.nix
+++ b/tv/1systems/nomic/config.nix
@@ -52,9 +52,6 @@ with import <stockholm/lib>;
swapDevices = [ ];
- # TODO base
- boot.tmpOnTmpfs = true;
-
environment.systemPackages = with pkgs; [
(writeDashBin "play" ''
set -euf
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index 5ec6a462e..cdcaa98d9 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -45,11 +45,6 @@ with import <stockholm/lib>;
"/boot" = {
device = "/dev/sda1";
};
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
};
krebs.nixpkgs.allowUnfreePredicate = pkg: hasPrefix "nvidia-x11-" pkg.name;
@@ -64,11 +59,6 @@ with import <stockholm/lib>;
services.printing.enable = true;
- # see tmpfiles.d(5)
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -" # does this work with mounted /tmp?
- ];
-
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="00:90:f5:da:aa:c3", NAME="en0"
SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:1b:ae:6c", NAME="wl0"
diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index 2c5e827a9..0525be858 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -137,11 +137,6 @@ with import <stockholm/lib>;
"/boot" = {
device = "/dev/sda1";
};
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
};
environment.systemPackages = with pkgs; [
@@ -159,11 +154,6 @@ with import <stockholm/lib>;
services.printing.enable = true;
- # see tmpfiles.d(5)
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -" # does this work with mounted /tmp?
- ];
-
#services.bitlbee.enable = true;
#services.tor.client.enable = true;
#services.tor.enable = true;
diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix
index 5936ddfe1..7267bbc9e 100644
--- a/tv/1systems/zu/config.nix
+++ b/tv/1systems/zu/config.nix
@@ -39,11 +39,6 @@ with import <stockholm/lib>;
"/boot" = {
device = "/dev/sda1";
};
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
};
security.wrappers = {
@@ -52,11 +47,6 @@ with import <stockholm/lib>;
services.printing.enable = true;
- # see tmpfiles.d(5)
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -" # does this work with mounted /tmp?
- ];
-
#services.bitlbee.enable = true;
#services.tor.client.enable = true;
#services.tor.enable = true;
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 834a89083..c58525e98 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -4,6 +4,8 @@ with import <stockholm/lib>;
then "buildbot"
else "tv";
in {
+ boot.tmpOnTmpfs = true;
+
krebs.enable = true;
krebs.build.user = config.krebs.users.tv;
From f58b49aa82769b4f3eca5ee0e63de407224c7dd9 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 22:34:14 +0200
Subject: [PATCH 25/39] tv config: drop unused "builder" variable
---
tv/2configs/default.nix | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index c58525e98..730b055a2 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -1,9 +1,6 @@
with import <stockholm/lib>;
-{ config, lib, pkgs, ... }: let
- builder = if getEnv "dummy_secrets" == "true"
- then "buildbot"
- else "tv";
-in {
+{ config, pkgs, ... }: {
+
boot.tmpOnTmpfs = true;
krebs.enable = true;
From 9b62b9d74ba298b10823d5b71aa46d6ea46f0e13 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 22:37:41 +0200
Subject: [PATCH 26/39] tv systems: normalize head
---
tv/1systems/alnus/config.nix | 4 +---
tv/1systems/mu/config.nix | 4 +---
tv/1systems/nomic/config.nix | 4 +---
tv/1systems/wu/config.nix | 4 +---
tv/1systems/xu/config.nix | 4 +---
tv/1systems/zu/config.nix | 4 +---
6 files changed, 6 insertions(+), 18 deletions(-)
diff --git a/tv/1systems/alnus/config.nix b/tv/1systems/alnus/config.nix
index dd9e594fc..b53a8ea9e 100644
--- a/tv/1systems/alnus/config.nix
+++ b/tv/1systems/alnus/config.nix
@@ -1,8 +1,6 @@
-{ config, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
imports = [
<stockholm/tv>
<stockholm/tv/2configs/hw/x220.nix>
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 01de9ee6b..11715c14d 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -1,8 +1,6 @@
-{ config, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
imports = [
<stockholm/krebs>
<stockholm/tv/2configs>
diff --git a/tv/1systems/nomic/config.nix b/tv/1systems/nomic/config.nix
index 64cccde0c..e96699800 100644
--- a/tv/1systems/nomic/config.nix
+++ b/tv/1systems/nomic/config.nix
@@ -1,8 +1,6 @@
-{ config, lib, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
krebs.build.host = config.krebs.hosts.nomic;
imports = [
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index cdcaa98d9..24a1141ba 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -1,8 +1,6 @@
-{ config, lib, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
krebs.build.host = config.krebs.hosts.wu;
imports = [
diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index 0525be858..0444b95cb 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -1,8 +1,6 @@
-{ config, lib, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
krebs.build.host = config.krebs.hosts.xu;
imports = [
diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix
index 7267bbc9e..1a924a477 100644
--- a/tv/1systems/zu/config.nix
+++ b/tv/1systems/zu/config.nix
@@ -1,8 +1,6 @@
-{ config, lib, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
krebs.build.host = config.krebs.hosts.zu;
imports = [
From 91e48fae045a8b00239ae65bb027143ef9fcc50c Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 22:47:08 +0200
Subject: [PATCH 27/39] tv: drop redundant swapDevices defs
---
tv/1systems/alnus/config.nix | 2 --
tv/1systems/mu/config.nix | 2 --
tv/1systems/nomic/config.nix | 2 --
3 files changed, 6 deletions(-)
diff --git a/tv/1systems/alnus/config.nix b/tv/1systems/alnus/config.nix
index b53a8ea9e..71302d594 100644
--- a/tv/1systems/alnus/config.nix
+++ b/tv/1systems/alnus/config.nix
@@ -79,8 +79,6 @@ with import <stockholm/lib>;
};
};
- swapDevices =[ ];
-
users.users.dv = {
inherit (config.krebs.users.dv) home uid;
isNormalUser = true;
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 11715c14d..0c1e79238 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -50,8 +50,6 @@ with import <stockholm/lib>;
};
};
- swapDevices =[ ];
-
nixpkgs.config.allowUnfree = true;
hardware.opengl.driSupport32Bit = true;
diff --git a/tv/1systems/nomic/config.nix b/tv/1systems/nomic/config.nix
index e96699800..996a5e7ec 100644
--- a/tv/1systems/nomic/config.nix
+++ b/tv/1systems/nomic/config.nix
@@ -48,8 +48,6 @@ with import <stockholm/lib>;
fsType = "btrfs";
};
- swapDevices = [ ];
-
environment.systemPackages = with pkgs; [
(writeDashBin "play" ''
set -euf
From 4580d831a889b6260210ec2abb01ca387f35f801 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 22:55:16 +0200
Subject: [PATCH 28/39] tv zu: add fileSystems."/bku"
---
tv/1systems/zu/config.nix | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix
index 1a924a477..05c14299c 100644
--- a/tv/1systems/zu/config.nix
+++ b/tv/1systems/zu/config.nix
@@ -29,6 +29,11 @@ with import <stockholm/lib>;
fsType = "btrfs";
options = ["defaults" "noatime" "ssd" "compress=lzo"];
};
+ "/bku" = {
+ device = "/dev/mapper/zuvga-bku";
+ fsType = "btrfs";
+ options = ["defaults" "noatime" "ssd" "compress=lzo"];
+ };
"/home" = {
device = "/dev/mapper/zuvga-home";
fsType = "btrfs";
From 51042442288c2d27a2fb7ce073801932c5457813 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 23:28:21 +0200
Subject: [PATCH 29/39] tv: drop security.wrappers.sendmail
---
tv/1systems/mu/config.nix | 1 -
tv/1systems/wu/config.nix | 4 ----
tv/1systems/xu/config.nix | 4 ----
tv/1systems/zu/config.nix | 4 ----
4 files changed, 13 deletions(-)
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 0c1e79238..95b01bffc 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -88,7 +88,6 @@ with import <stockholm/lib>;
programs.ssh.startAgent = false;
security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
slock.source = "${pkgs.slock}/bin/slock";
};
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index 24a1141ba..79b5aa269 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -51,10 +51,6 @@ with import <stockholm/lib>;
hardware.enableRedistributableFirmware= true;
hardware.opengl.driSupport32Bit = true;
- security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
- };
-
services.printing.enable = true;
services.udev.extraRules = ''
diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index 0444b95cb..0abd544ce 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -146,10 +146,6 @@ with import <stockholm/lib>;
gptfdisk
];
- security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
- };
-
services.printing.enable = true;
#services.bitlbee.enable = true;
diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix
index 05c14299c..414d2f226 100644
--- a/tv/1systems/zu/config.nix
+++ b/tv/1systems/zu/config.nix
@@ -44,10 +44,6 @@ with import <stockholm/lib>;
};
};
- security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
- };
-
services.printing.enable = true;
#services.bitlbee.enable = true;
From c5fae75443a7f13b54a0952d12275e9016628db2 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 1 Aug 2017 23:28:41 +0200
Subject: [PATCH 30/39] mv: drop security.wrappers.sendmail
---
mv/1systems/stro.nix | 4 ----
1 file changed, 4 deletions(-)
diff --git a/mv/1systems/stro.nix b/mv/1systems/stro.nix
index c8035b88e..bb37aedda 100644
--- a/mv/1systems/stro.nix
+++ b/mv/1systems/stro.nix
@@ -143,10 +143,6 @@ with import <stockholm/lib>;
};
};
- security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
- };
-
security.sudo.extraConfig = ''
Defaults env_keep+="SSH_CLIENT"
Defaults mailto="${config.krebs.users.mv.mail}"
From 13b161949cee6f1fb97781fcfa0a700ac4f5b352 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 2 Aug 2017 00:22:49 +0200
Subject: [PATCH 31/39] tv mu: drop boot.extraModprobeConfig
---
tv/1systems/mu/config.nix | 4 ----
1 file changed, 4 deletions(-)
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 95b01bffc..32143f37c 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -31,10 +31,6 @@ with import <stockholm/lib>;
boot.kernelModules = [ "fbcon" "kvm-intel" ];
boot.extraModulePackages = [ ];
- boot.extraModprobeConfig = ''
- options kvm_intel nested=1
- '';
-
fileSystems = {
"/" = {
device = "/dev/vgmu1/nixroot";
From 26b88c04c59ed05ae29b9a65563322aa01527b96 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 2 Aug 2017 02:13:21 +0200
Subject: [PATCH 32/39] tv: add x0vncserver module
---
tv/3modules/default.nix | 1 +
tv/3modules/x0vncserver.nix | 52 +++++++++++++++++++++++++++++++++++++
2 files changed, 53 insertions(+)
create mode 100644 tv/3modules/x0vncserver.nix
diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix
index 397ee8e85..83dc212a6 100644
--- a/tv/3modules/default.nix
+++ b/tv/3modules/default.nix
@@ -6,5 +6,6 @@ _:
./ejabberd
./hosts.nix
./iptables.nix
+ ./x0vncserver.nix
];
}
diff --git a/tv/3modules/x0vncserver.nix b/tv/3modules/x0vncserver.nix
new file mode 100644
index 000000000..44fed590d
--- /dev/null
+++ b/tv/3modules/x0vncserver.nix
@@ -0,0 +1,52 @@
+with import <stockholm/lib>;
+{ config, pkgs, ... }: let
+
+ cfg = config.tv.x0vncserver;
+
+in {
+ options.tv.x0vncserver = {
+ display = mkOption {
+ default = ":${toString config.services.xserver.display}";
+ type = types.str;
+ };
+ enable = mkEnableOption "tv.x0vncserver";
+ pwfile = mkOption {
+ default = {
+ owner = cfg.user;
+ path = "${cfg.user.home}/.vncpasswd";
+ source-path = toString <secrets> + "/vncpasswd";
+ };
+ description = ''
+ Use vncpasswd to edit pwfile.
+ See: nix-shell -p tigervnc --run 'man vncpasswd'
+ '';
+ type = types.secret-file;
+ };
+ rfbport = mkOption {
+ default = 5900;
+ type = types.int;
+ };
+ user = mkOption {
+ default = config.krebs.build.user;
+ type = types.user;
+ };
+ };
+ config = mkIf cfg.enable {
+ krebs.secret.files = {
+ x0vncserver-pwfile = cfg.pwfile;
+ };
+ systemd.services.x0vncserver = {
+ after = [ "graphical.target" "secret.service" ];
+ requires = [ "graphical.target" "secret.service" ];
+ serviceConfig = {
+ ExecStart = "${pkgs.tigervnc}/bin/x0vncserver ${toString [
+ "-display ${cfg.display}"
+ "-passwordfile ${cfg.pwfile.path}"
+ "-rfbport ${toString cfg.rfbport}"
+ ]}";
+ User = cfg.user.name;
+ };
+ };
+ tv.iptables.input-retiolum-accept-tcp = singleton (toString cfg.rfbport);
+ };
+}
From f607ba46109e11466988b980ff36e395aa0c4049 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 2 Aug 2017 02:13:57 +0200
Subject: [PATCH 33/39] tv mu: drop udev extraRules
---
tv/1systems/mu/config.nix | 10 ----------
1 file changed, 10 deletions(-)
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 32143f37c..42fcfdb29 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -12,16 +12,6 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.mu;
krebs.build.user = mkForce config.krebs.users.vv;
- services.udev.extraRules = ''
- SUBSYSTEM=="net", ATTR{address}=="00:90:f5:da:aa:c3", NAME="en0"
- SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:1b:ae:6c", NAME="wl0"
-
- # for jack
- KERNEL=="rtc0", GROUP="audio"
- KERNEL=="hpet", GROUP="audio"
- '';
-
-
# hardware configuration
boot.initrd.luks.devices = [
{ name = "vgmu1"; device = "/dev/sda2"; }
From d97d86eddec8002a7a7e5b01320e33121a6ff27f Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 2 Aug 2017 02:14:23 +0200
Subject: [PATCH 34/39] tv mu: boot.loader.{gummiboot => systemd-boot}
---
tv/1systems/mu/config.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 42fcfdb29..96ccd321e 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -43,8 +43,8 @@ with import <stockholm/lib>;
hardware.enableRedistributableFirmware = true;
- boot.loader.gummiboot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
+ boot.loader.systemd-boot.enable = true;
networking.networkmanager.enable = true;
From 87c7d8dcf933c2de783098dfe9b6f1b383062daf Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 2 Aug 2017 02:14:49 +0200
Subject: [PATCH 35/39] tv mu: enable x0vncserver
---
tv/1systems/mu/config.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 96ccd321e..089481872 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -12,6 +12,8 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.mu;
krebs.build.user = mkForce config.krebs.users.vv;
+ tv.x0vncserver.enable = true;
+
# hardware configuration
boot.initrd.luks.devices = [
{ name = "vgmu1"; device = "/dev/sda2"; }
From 37373468839e8b734d0ea9ddabb49d2196206d4f Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 2 Aug 2017 01:08:12 +0200
Subject: [PATCH 36/39] ma sane-extra: init
---
makefu/3modules/default.nix | 1 +
makefu/3modules/sane-extra.nix | 45 ++++++++++++++++++++++++++++++++++
2 files changed, 46 insertions(+)
create mode 100644 makefu/3modules/sane-extra.nix
diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix
index 2981e0fa3..00df56bee 100644
--- a/makefu/3modules/default.nix
+++ b/makefu/3modules/default.nix
@@ -9,6 +9,7 @@ _:
./opentracker.nix
./ps3netsrv.nix
./logging-config.nix
+ ./sane-extra.nix
./server-config.nix
./snapraid.nix
./torrent.nix
diff --git a/makefu/3modules/sane-extra.nix b/makefu/3modules/sane-extra.nix
new file mode 100644
index 000000000..2e0ce8f2f
--- /dev/null
+++ b/makefu/3modules/sane-extra.nix
@@ -0,0 +1,45 @@
+{ config, lib, pkgs, ... }:
+# https://github.com/michalrus/dotfiles/blob/d943be3089aa436e07cea5f22d829402936a9229/.nixos-config.symlink/modules/sane-extra-config.nix
+# via https://github.com/NixOS/nixpkgs/issues/17411
+# via https://unix.stackexchange.com/questions/321954/install-epson-v39-on-nixos
+with lib;
+
+let
+
+ cfg = config.hardware.sane;
+
+ pkg = if cfg.snapshot
+ then pkgs.sane-backends-git
+ else pkgs.sane-backends;
+
+ backends = [ pkg ] ++ cfg.extraBackends;
+
+ saneConfig = pkgs.mkSaneConfig { paths = backends; };
+
+ saneExtraConfig = pkgs.runCommand "sane-extra-config" {} ''
+ cp -Lr '${pkgs.mkSaneConfig { paths = [ pkgs.sane-backends ]; }}'/etc/sane.d $out
+ chmod +w $out
+ ${concatMapStrings (c: ''
+ f="$out/${c.name}.conf"
+ [ ! -e "$f" ] || chmod +w "$f"
+ cat ${builtins.toFile "" (c.value + "\n")} >>"$f"
+ chmod -w "$f"
+ '') (mapAttrsToList nameValuePair cfg.extraConfig)}
+ chmod -w $out
+ '';
+
+in
+
+{
+ options = {
+ hardware.sane.extraConfig = mkOption {
+ type = types.attrsOf types.lines;
+ default = {};
+ example = { "some-backend" = "# some lines to add to its .conf"; };
+ };
+ };
+
+ config = mkIf (cfg.enable && cfg.extraConfig != {}) {
+ hardware.sane.configDir = saneExtraConfig.outPath;
+ };
+}
From a5c7310cc24145aee4f8c7fc3f89dde9b95fe7f9 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 2 Aug 2017 11:49:27 +0200
Subject: [PATCH 37/39] ma printer: add support for magicolor
---
makefu/2configs/printer.nix | 25 ++++++++++++++++++++-----
1 file changed, 20 insertions(+), 5 deletions(-)
diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix
index 509ed512d..0865a0841 100644
--- a/makefu/2configs/printer.nix
+++ b/makefu/2configs/printer.nix
@@ -1,15 +1,30 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
-{
+let
+ mainUser = config.krebs.build.user.name;
+in {
services.printing = {
enable = true;
drivers = [
pkgs.samsungUnifiedLinuxDriver
- pkgs.cups-dymo
+ pkgs.cups-dymo # dymo labelwriter
+ pkgs.foo2zjs # magicolor 1690mf
];
};
# scanners are printers just in reverse anyway
- hardware.sane.enable = true;
- hardware.sane.extraBackends = [ pkgs.samsungUnifiedLinuxDriver ];
+ services.saned.enable = true;
+ users.users."${mainUser}".extraGroups = [ "scanner" ];
+
+ hardware.sane = {
+ enable = true;
+ extraBackends = [ pkgs.samsungUnifiedLinuxDriver ];
+
+ # $ scanimage -p --format=jpg --mode=Gray --source="Automatic Document Feeder" -v --batch="lol%d.jpg" --resolution=150
+
+ # requires 'sane-extra', scan via:
+ extraConfig."magicolor" = ''
+ net 10.42.20.30 0x2098
+ ''; # 10.42.20.30: uhrenkind.shack magicolor 1690mf
+ };
}
From a00db299ace1d0950d7d8030a9684fec3b3b2c43 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 2 Aug 2017 22:17:41 +0200
Subject: [PATCH 38/39] ma x: enable stk1160
---
makefu/1systems/x/config.nix | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 969e78bee..368655575 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -54,7 +54,7 @@ with import <stockholm/lib>;
<stockholm/makefu/2configs/hw/rtl8812au.nix>
<stockholm/makefu/2configs/hw/exfat-nofuse.nix>
<stockholm/makefu/2configs/hw/wwan.nix>
- # <stockholm/makefu/2configs/hw/stk1160.nix>
+ <stockholm/makefu/2configs/hw/stk1160.nix>
# <stockholm/makefu/2configs/rad1o.nix>
# Filesystem
@@ -62,6 +62,9 @@ with import <stockholm/lib>;
# Security
<stockholm/makefu/2configs/sshd-totp.nix>
+ {
+ programs.adb.enable = true;
+ }
];
From 1310375624b7fbcb6c165a032edc9d3ef336d57b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 2 Aug 2017 22:38:26 +0200
Subject: [PATCH 39/39] ma stk1160: revert to hacky override
---
makefu/2configs/hw/stk1160.nix | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
index e73741e26..b3a9e1a5a 100644
--- a/makefu/2configs/hw/stk1160.nix
+++ b/makefu/2configs/hw/stk1160.nix
@@ -1,8 +1,9 @@
{ pkgs, ... }:
{
# TODO: un-pin linuxPackages somehow
+ boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages;
nixpkgs.config.packageOverrides = pkgs: {
- linux_latest = pkgs.linux_latest.override {
+ linux_4_9 = pkgs.linux_4_9.override {
extraConfig = ''
MEDIA_ANALOG_TV_SUPPORT y
VIDEO_STK1160_COMMON m