diff options
| author | makefu <github@syntax-fehler.de> | 2020-04-21 21:52:12 +0200 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2020-04-21 21:52:12 +0200 |
| commit | aaacb5f31c9e87b09f36cfbffcdd8231fb8a4fe8 (patch) | |
| tree | 6a358fa5135fd214cc4aa4f43527d60820d4317b | |
| parent | 0b371833e9ef68fd891fac65a657d8e38b5b3fad (diff) | |
| parent | 077b2783d19ab0377c1fa8ef6fbfdf5ef7481a7f (diff) | |
Merge remote-tracking branch 'lass/20.03' into 20.03
83 files changed, 1296 insertions, 2065 deletions
diff --git a/.gitmodules b/.gitmodules index aee01051a..aa4d06621 100644 --- a/.gitmodules +++ b/.gitmodules @@ -7,6 +7,9 @@ [submodule "lass/5pkgs/autowifi"] path = lass/5pkgs/autowifi url = https://github.com/Lassulus/autowifi +[submodule "jeschli/2configs/elisp"] + path = jeschli/2configs/elisp + url = https://github.com/Jeschli/misc-elisp-scripts.git [submodule "submodules/brockman"] path = submodules/brockman url = https://github.com/kmein/brockman.git diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix index 7596f17d6..b3b335585 100644 --- a/jeschli/1systems/reagenzglas/config.nix +++ b/jeschli/1systems/reagenzglas/config.nix @@ -7,6 +7,8 @@ <stockholm/jeschli/2configs/emacs.nix> <stockholm/jeschli/2configs/firefox.nix> <stockholm/jeschli/2configs/rust.nix> + <stockholm/jeschli/2configs/haskell.nix> + <stockholm/jeschli/2configs/steam.nix> <stockholm/jeschli/2configs/python.nix> ./desktop.nix ./i3-configuration.nix @@ -36,10 +38,19 @@ # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ - wget vim git - rofi ag alacritty + google-chrome + chromium + copyq + direnv + go + git + gitAndTools.hub + sbcl + rofi + vim + wget ]; users.users.ombi = { @@ -48,19 +59,28 @@ }; users.users.jeschli = { - isNormalUser = true; + isNormalUser = true; + extraGroups = [ "audio" ]; }; # services.xserver.synaptics.enable = true; services.xserver.libinput.enable = true; services.xserver.libinput.disableWhileTyping = true; + hardware.pulseaudio.enable = true; + #Enable ssh daemon services.openssh.enable = true; + #Enable clight + services.clight.enable = true; + services.geoclue2.enable = true; + location.provider = "geoclue2"; + users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM1xtX/SF2IzfAIzrXvH4HsW05eTBX8U8MYlEPadq0DS/nHC45hW2PSEUOVsH0UhBRAB+yClVLyN+JAYsuOoQacQqAVq9R7HAoFITdYTMJCxVs4urSRv0pWwTopRIh1rlI+Q0QfdMoeVtO2ZKG3KoRM+APDy2dsX8LTtWjXmh/ZCtpGl1O8TZtz2ZyXyv9OVDPnQiFwPU3Jqs2Z036c+kwxWlxYc55FRuqwRtQ48c/ilPMu+ZvQ22j1Ch8lNuliyAg1b8pZdOkMJF3R8b46IQ8FEqkr3L1YQygYw2M50B629FPgHgeGPMz3mVd+5lzP+okbhPJjMrUqZAUwbMGwGzZ ombi@nixos" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFXgtbgeivxlMKkoEJ4ANhtR+LRMSPrsmL4U5grFUME jeschli@nixos" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG7C3bgoL9VeVl8pgu8sp3PCOs6TXk4R9y7JKJAHGsfm root@baeckerei" ]; # This value determines the NixOS release with which your system is to be diff --git a/jeschli/1systems/reagenzglas/desktop.nix b/jeschli/1systems/reagenzglas/desktop.nix index 0c4298109..88eae086f 100644 --- a/jeschli/1systems/reagenzglas/desktop.nix +++ b/jeschli/1systems/reagenzglas/desktop.nix @@ -7,8 +7,8 @@ enable = true; xkbOptions = "caps:super"; exportConfiguration = true; - - displayManager.slim.enable = true; + + displayManager.lightdm.enable = true; }; # Configure fonts diff --git a/jeschli/1systems/reagenzglas/i3-configuration.nix b/jeschli/1systems/reagenzglas/i3-configuration.nix index c9968c17a..88f63426d 100644 --- a/jeschli/1systems/reagenzglas/i3-configuration.nix +++ b/jeschli/1systems/reagenzglas/i3-configuration.nix @@ -5,88 +5,93 @@ with pkgs; let i3_config_file = pkgs.writeText "config" '' set $mod Mod4 - + font pango:monospace 8 - + #font pango:DejaVu Sans Mono 8 - + # Before i3 v4.8, we used to recommend this one as the default: # font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1 # The font above is very space-efficient, that is, it looks good, sharp and # clear in small sizes. However, its unicode glyph coverage is limited, the old # X core fonts rendering does not support right-to-left and this being a bitmap # font, it doesn’t scale on retina/hidpi displays. - + # Use Mouse+$mod to drag floating windows to their wanted position floating_modifier $mod - + # start a terminal - bindsym $mod+Return exec i3-sensible-terminal - + bindsym $mod+Return exec alacritty + # kill focused window bindsym $mod+Shift+q kill - + # start dmenu (a program launcher) # bindsym $mod+d exec dmenu_run # start dmenu (a program launcher) bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run - + + bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select + + bindsym $mod+F1 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput disable + bindsym $mod+F2 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput enable + # There also is the (new) i3-dmenu-desktop which only displays applications # shipping a .desktop file. It is a wrapper around dmenu, so you need that # installed. # bindsym $mod+d exec --no-startup-id i3-dmenu-desktop - + # change focus bindsym $mod+j focus left bindsym $mod+k focus down bindsym $mod+l focus up bindsym $mod+semicolon focus right - + # alternatively, you can use the cursor keys: bindsym $mod+Left focus left bindsym $mod+Down focus down bindsym $mod+Up focus up bindsym $mod+Right focus right - + # move focused window bindsym $mod+Shift+j move left bindsym $mod+Shift+k move down bindsym $mod+Shift+l move up bindsym $mod+Shift+colon move right - + # alternatively, you can use the cursor keys: bindsym $mod+Shift+Left move left bindsym $mod+Shift+Down move down bindsym $mod+Shift+Up move up bindsym $mod+Shift+Right move right - + # split in horizontal orientation bindsym $mod+h split h - + # split in vertical orientation bindsym $mod+v split v - + # enter fullscreen mode for the focused container bindsym $mod+f fullscreen toggle - + # change container layout (stacked, tabbed, toggle split) bindsym $mod+s layout stacking bindsym $mod+w layout tabbed bindsym $mod+e layout toggle split - + # toggle tiling / floating bindsym $mod+Shift+space floating toggle - + # change focus between tiling / floating windows bindsym $mod+space focus mode_toggle - + # focus the parent container bindsym $mod+a focus parent - + # focus the child container #bindsym $mod+d focus child - + # Define names for default workspaces for which we configure key bindings later on. # We use variables to avoid repeating the names in multiple places. set $ws1 "1" @@ -99,7 +104,7 @@ let set $ws8 "8" set $ws9 "9" set $ws10 "10" - + # switch to workspace bindsym $mod+1 workspace $ws1 bindsym $mod+2 workspace $ws2 @@ -111,7 +116,7 @@ let bindsym $mod+8 workspace $ws8 bindsym $mod+9 workspace $ws9 bindsym $mod+0 workspace $ws10 - + # move focused container to workspace bindsym $mod+Shift+1 move container to workspace $ws1 bindsym $mod+Shift+2 move container to workspace $ws2 @@ -123,18 +128,18 @@ let bindsym $mod+Shift+8 move container to workspace $ws8 bindsym $mod+Shift+9 move container to workspace $ws9 bindsym $mod+Shift+0 move container to workspace $ws10 - + # reload the configuration file bindsym $mod+Shift+c reload # restart i3 inplace (preserves your layout/session, can be used to upgrade i3) bindsym $mod+Shift+r restart # exit i3 (logs you out of your X session) bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'" - + # resize window (you can also use the mouse for that) mode "resize" { # These bindings trigger as soon as you enter the resize mode - + # Pressing left will shrink the window’s width. # Pressing right will grow the window’s width. # Pressing up will shrink the window’s height. @@ -143,27 +148,27 @@ let bindsym k resize grow height 10 px or 10 ppt bindsym l resize shrink height 10 px or 10 ppt bindsym semicolon resize grow width 10 px or 10 ppt - + # same bindings, but for the arrow keys bindsym Left resize shrink width 10 px or 10 ppt bindsym Down resize grow height 10 px or 10 ppt bindsym Up resize shrink height 10 px or 10 ppt bindsym Right resize grow width 10 px or 10 ppt - + # back to normal: Enter or Escape or $mod+r bindsym Return mode "default" bindsym Escape mode "default" bindsym $mod+r mode "default" } - + bindsym $mod+r mode "resize" - + # Start i3bar to display a workspace bar (plus the system information i3status # finds out, if available) bar { status_command i3status } - ''; + ''; in { diff --git a/jeschli/2configs/elisp b/jeschli/2configs/elisp new file mode 160000 +Subproject ae1a03ddee80d73ac166af75cdb1d93d24fa44b diff --git a/jeschli/2configs/emacs-org-agenda.nix b/jeschli/2configs/emacs-org-agenda.nix index f9139fcfe..0420dc43d 100644 --- a/jeschli/2configs/emacs-org-agenda.nix +++ b/jeschli/2configs/emacs-org-agenda.nix @@ -114,29 +114,29 @@ let ("NEXT" ("WAITING") ("CANCELLED") ("HOLD")) ("DONE" ("WAITING") ("CANCELLED") ("HOLD"))))) -(setq org-directory "~/projects/notes_private") -(setq org-default-notes-file "~/projects/notes_private/refile.org") +(setq org-directory "~/projects/notes_privat") +(setq org-default-notes-file "~/projects/notes_privat/refile.org") ;; I use C-c c to start capture mode (global-set-key (kbd "C-c c") 'org-capture) ;; Capture templates for: TODO tasks, Notes, appointments, phone calls, meetings, and org-protocol (setq org-capture-templates - (quote (("t" "todo" entry (file "~/git/org/refile.org") + (quote (("t" "todo" entry (file org-default-notes-file) "* TODO %?\n%U\n%a\n" :clock-in t :clock-resume t) - ("r" "respond" entry (file "~/git/org/refile.org") + ("r" "respond" entry (file org-default-notes-file) "* NEXT Respond to %:from on %:subject\nSCHEDULED: %t\n%U\n%a\n" :clock-in t :clock-resume t :immediate-finish t) - ("n" "note" entry (file "~/git/org/refile.org") + ("n" "note" entry (file org-default-notes-file) "* %? :NOTE:\n%U\n%a\n" :clock-in t :clock-resume t) ("j" "Journal" entry (file+datetree "~/git/org/diary.org") "* %?\n%U\n" :clock-in t :clock-resume t) - ("w" "org-protocol" entry (file "~/git/org/refile.org") + ("w" "org-protocol" entry (file org-default-notes-file) "* TODO Review %c\n%U\n" :immediate-finish t) - ("m" "Meeting" entry (file "~/git/org/refile.org") + ("m" "Meeting" entry (file org-default-notes-file) "* MEETING with %? :MEETING:\n%U" :clock-in t :clock-resume t) - ("p" "Phone call" entry (file "~/git/org/refile.org") + ("p" "Phone call" entry (file org-default-notes-file) "* PHONE %? :PHONE:\n%U" :clock-in t :clock-resume t) - ("h" "Habit" entry (file "~/git/org/refile.org") + ("h" "Habit" entry (file org-default-notes-file) "* NEXT %?\n%U\n%a\nSCHEDULED: %(format-time-string \"%<<%Y-%m-%d %a .+1d/3d>>\")\n:PROPERTIES:\n:STYLE: habit\n:REPEAT_TO_STATE: NEXT\n:END:\n")))) ;; Remove empty LOGBOOK drawers on clock out @@ -144,7 +144,7 @@ let (interactive) (save-excursion (beginning-of-line 0) - (org-remove-empty-drawer-at "LOGBOOK" (point)))) + (org-remove-empty-drawer-at (point)))) (add-hook 'org-clock-out-hook 'bh/remove-empty-drawer-on-clock-out 'append) diff --git a/jeschli/2configs/emacs.nix b/jeschli/2configs/emacs.nix index f866bbca9..5c35bc280 100644 --- a/jeschli/2configs/emacs.nix +++ b/jeschli/2configs/emacs.nix @@ -4,240 +4,81 @@ let pkgsWithOverlay = import <nixpkgs-unstable> { overlays = [ (import (builtins.fetchTarball { - url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz; + url = https://github.com/nix-community/emacs-overlay/archive/403c14c23be188b58c0b1bc197b428041d8a0cea.tar.gz; })) ]; }; - orgAgendaView = import ./emacs-org-agenda.nix; + # The emacs packages that I use + # I differ between + # - stable (Packages that I use for some time - happy with it) + # - unstable (Packages that I use for some time - but may drop) + # - testing (Packages that I try out - the new stuff) + emacsPkgs = epkgs: + (with epkgs.melpaPackages ; - packageRepos = '' - (require 'package) ;; You might already have this line - (let* ((no-ssl (and (memq system-type '(windows-nt ms-dos)) - (not (gnutls-available-p)))) - (url (concat (if no-ssl "http" "https") "://melpa.org/packages/"))) - (add-to-list 'package-archives (cons "melpa" url) t) - (add-to-list 'package-archives - '("org" . "http://orgmode.org/elpa/") t) - ) - (when (< emacs-major-version 24) - ;; For important compatibility libraries like cl-lib - (add-to-list 'package-archives '("gnu" . "http://elpa.gnu.org/packages/"))) - (package-initialize) - ''; + ## windows-purpose (testing) + [ window-purpose ] ++ - evilMode = '' - ;; Evil Mode - (require 'evil) - (evil-mode 1) - ;; (require 'evil-org) - ;; (add-hook 'org-mode-hook 'evil-org-mode) - ;; (evil-org-set-key-theme '(navigation insert textobjects additional calendar)) - ;; (require 'evil-org-agenda) - ;; (evil-org-agenda-set-keys) - ''; + ## helm (stable) + # emacs completion engine + [ helm helm-ag ] ++ - goMode = '' - (setq godoc-and-godef-command "go doc") ;godoc has no cli support any more, thats go doc now - (add-to-list 'exec-path "~/go/bin") - (add-hook 'go-mode-hook - (lambda () - (setq-default) - (setq tab-width 2) - (setq standard-indent 2) - (setq indent-tabs-mode nil))) - ''; + ## deft (testing) + # text search for a directory + [ deft ] ++ - ido = '' - (require 'ido) - (ido-mode t) - ''; + ## lsp mode (unstable) + # Language Server Protocol mode + # Used for rust + [ company-lsp dap-mode helm-lsp lsp-mode lsp-treemacs lsp-ui ] ++ - helm = '' - (helm-mode 1) - (global-set-key (kbd "M-x") #'helm-M-x) - (global-set-key (kbd "C-x r b") #'helm-filtered-bookmarks) - (global-set-key (kbd "C-x C-f") #'helm-find-files) - ''; + ## emacs convenience (stable) + # Mixed and general purpose + [ ag company direnv evil google-this spacemacs-theme ] ++ - magit = '' - (global-set-key (kbd "C-x g") 'magit-status) ; "Most Magit commands are commonly invoked from the status buffer" - ''; - - windowCosmetics = '' - (menu-bar-mode -1) - (tool-bar-mode -1) ; Disable the button bar atop screen - (scroll-bar-mode -1) ; Disable scroll bar - (toggle-scroll-bar -1) - (setq inhibit-startup-screen t) ; Disable startup screen with graphics - (setq-default indent-tabs-mode nil) ; Use spaces instead of tabs - (setq default-tab-width 2) ; Two spaces is a tab - (setq tab-width 2) ; Four spaces is a tab - (setq visible-bell nil) ; Disable annoying visual bell graphic - (setq ring-bell-function 'ignore) ; Disable super annoying audio bell - ''; + ## common lisp (testing) + [ slime ] ++ - orgMode = '' - (add-to-list 'auto-mode-alist '("\\.\\(org\\|org_archive\\|txt\\)$" . org-mode)) - (global-set-key "\C-cl" 'org-store-link) - (global-set-key "\C-ca" 'org-agenda) - (global-set-key "\C-cb" 'org-iswitchb) - (global-set-key "\C-c L" 'org-insert-link-global) - (global-set-key "\C-c o" 'org-open-at-point-global) - (setq org-link-frame-setup '((file . find-file))) ; open link in same frame. - (if (boundp 'org-user-agenda-files) - (setq org-agenda-files org-user-agenda-files) - (setq org-agenda-files (quote ("~/projects/notes_privat"))) - ) - ''; + ## magit (stable) + [ magit ] ++ - theme = '' - (load-theme 'monokai-alt t) - (load-theme 'whiteboard t) - (disable-theme 'monokai-alt) - (disable-theme 'whiteboard) - - (defun mh/load-whiteboard-theme () - "load whiteboard theme" - (interactive) - (message "whiteboard loaded") - (disable-theme 'monokai-alt) - (enable-theme 'whiteboard) - ) - - (defun mh/load-monokai-theme () - "load monokai theme" - (interactive) - (message "monokai loaded") - (disable-theme 'whiteboard) - (enable-theme 'monokai-alt) - ) - - (global-set-key "\C-ctw" 'mh/load-whiteboard-theme) - (global-set-key "\C-ctm" 'mh/load-monokai-theme) - ''; - - # Configuration for rust development - # inspired by - # https://github.com/bbatsov/prelude/blob/master/modules/prelude-rust.el - # - # This requires rls and racer to be installed on the system - rustDevelopment = '' - (add-hook 'rust-mode-hook #'racer-mode) - (add-hook 'rust-mode-hook (lambda() - (local-set-key (kbd "C-c C-d") 'racer-describe) - (local-set-key (kbd "C-c .") 'racer-find-definition) - (local-set-key (kbd "C-c ,") 'pop-tag-mark)) - ) - (add-hook 'racer-mode-hook #'eldoc-mode) - (add-hook 'racer-mode-hook #'company-mode) - (require 'rust-mode) - (define-key rust-mode-map (kbd "TAB") #'company-indent-or-complete-common) - (setq company-tooltip-align-annotations t) - ''; - - recentFiles = '' - (recentf-mode 1) - (setq recentf-max-menu-items 25) - (global-set-key "\C-x\ \C-r" 'recentf-open-files) - ''; + ## bunch of programming languages (unstable) + [ go-mode haskell-mode nix-mode ] ++ - myFunctionKeys = '' - (fset 'kill-actual-buffer - [?\C-x ?k return]) + ## rust (unstable) + [ racer rust-mode ] ++ - (defun mh/open-term-and-rename (name) - "open a new bash and rename it" - (interactive "sName of new terminal: ") - (term "/run/current-system/sw/bin/bash") - (rename-buffer name) - ) - (global-set-key (kbd "M-<f8>") 'kill-actual-buffer) - - (global-set-key (kbd "<f5>") 'mh/open-term-and-rename) - (global-set-key (kbd "<f6>") 'other-window) - (global-set-key (kbd "<f7>") 'split-window-right) - (global-set-key (kbd "<f8>") 'delete-other-windows) - ''; - - lspMode = '' - (require 'lsp-mode) - (add-hook 'rust-mode-hook #'lsp) - ''; - - dotEmacs = pkgs.writeText "dot-emacs" '' - ${packageRepos} - - ${evilMode} - ${goMode} - ${helm} - ${magit} - ${orgMode} - ${rustDevelopment} - ${theme} - ${windowCosmetics} - - ${orgAgendaView} - ${myFunctionKeys} - ${lspMode} - ''; - - #emacsWithCustomPackages - emacsPkgs= epkgs: [ - # testing lsp mode - epkgs.melpaPackages.lsp-ui - epkgs.melpaPackages.company-lsp - epkgs.melpaPackages.lsp-treemacs - epkgs.melpaPackages.helm-lsp - epkgs.melpaPackages.dap-mode - epkgs.melpaPackages.lsp-mode + ## python (stable) + # Python IDE for emacs + [ elpy ]) ++ + ## org-mode + # Org-Mode has several extensions + # and can be seen as an application of its own. + (with epkgs.melpaPackages ; # testing - epkgs.melpaPackages.web-mode - epkgs.melpaPackages.js2-mode - epkgs.melpaPackages.xref-js2 - - epkgs.melpaPackages.academic-phrases - - epkgs.melpaPackages.gitlab - epkgs.melpaPackages.helm - epkgs.melpaPackages.weechat - -# emacs convenience - epkgs.melpaPackages.ag - epkgs.melpaPackages.company - epkgs.melpaPackages.direnv - epkgs.melpaPackages.evil - epkgs.melpaPackages.google-this - epkgs.melpaPackages.monokai-alt-theme - epkgs.melpaPackages.zenburn-theme + [ org-super-agenda org-bullets org-ql ] ++ + # unstable + [ smex org-mime orgit ] + ) ++ -# development - epkgs.melpaPackages.magit - epkgs.melpaPackages.nix-mode - epkgs.melpaPackages.go-mode - epkgs.melpaPackages.haskell-mode -# rust - epkgs.melpaPackages.rust-mode -# epkgs.melpaPackages.flycheck-rust - epkgs.melpaPackages.racer + # stable + (with epkgs.orgPackages ; + [ org-plus-contrib ]) ++ -# python - epkgs.melpaPackages.elpy + # stable + (with epkgs.elpaPackages ; + [ bbdb which-key ]); -# org-mode - epkgs.elpaPackages.bbdb - epkgs.orgPackages.org-plus-contrib - epkgs.melpaPackages.smex - epkgs.melpaPackages.org-mime - epkgs.melpaPackages.orgit - - - epkgs.elpaPackages.which-key - ]; +# ## EXWM related (unstable) +# epkgs.exwm +# epkgs.melpaPackages.desktop-environment +# epkgs.melpaPackages.helm-exwm +# ]; emacsWithOverlay = pkgsWithOverlay.emacsWithPackagesFromUsePackage { - config = builtins.readFile dotEmacs; # builtins.readFile ./emacs.el; + config = builtins.readFile ./elisp/init.el; # Package is optional, defaults to pkgs.emacs package = pkgsWithOverlay.emacsGit; # Optionally provide extra packages not in the configuration file @@ -245,18 +86,34 @@ let }; myEmacs = pkgs.writeDashBin "my-emacs" '' - exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} "$@" + exec ${emacsWithOverlay}/bin/emacs -q "$@" ''; myEmacsWithDaemon = pkgs.writeDashBin "my-emacs-daemon" '' - exec ${emacsWithOverlay}/bin/emacs -q -l ${dotEmacs} --daemon + exec ${emacsWithOverlay}/bin/emacs -q --daemon -l ${./elisp/init.el} ''; myEmacsClient = pkgs.writeDashBin "meclient" '' - exec ${emacsWithOverlay}/bin/emacsclient --create-frame + exec ${emacsWithOverlay}/bin/emacsclient --create-frame "$@" ''; in { environment.systemPackages = [ - myEmacs myEmacsWithDaemon myEmacsClient + myEmacs myEmacsWithDaemon myEmacsClient emacsWithOverlay ]; + +## EXWM Config +# services.xserver = { +# enable = true; +# xkbOptions = "caps:super"; +# exportConfiguration = true; +# +# displayManager.slim.enable = true; +# windowManager.default = "exwm"; +# +# # Set up the login session +# windowManager.session = [{ +# name = "exwm"; +# start = "${emacsWithOverlay}/bin/emacs -q -l " + builtins.toString ./elisp/init.el; +# }]; +# }; } diff --git a/jeschli/2configs/haskell.nix b/jeschli/2configs/haskell.nix new file mode 100644 index 000000000..2e00d0673 --- /dev/null +++ b/jeschli/2configs/haskell.nix @@ -0,0 +1,19 @@ +{ config, pkgs, ... }: +let + all-hies = import (fetchTarball "https://github.com/infinisil/all-hies/tarball/master") {}; +in +{ + environment.systemPackages = with pkgs; [ + cabal2nix + gcc + ghc + haskellPackages.cabal-install + haskellPackages.ghcid + haskellPackages.hindent + haskellPackages.hlint + haskellPackages.hoogle + haskellPackages.stack + haskellPackages.stylish-haskell + (all-hies.selection { selector = p: {inherit (p) ghc864; }; }) + ]; +} diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index ca6e0922a..43dd96919 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -26,14 +26,12 @@ "http://cgit.hotdog.r/krops" "http://cgit.ni.r/krops" "http://cgit.prism.r/krops" - "https://git.ingolf-wagner.de/krebs/krops.git" "https://github.com/krebs/krops.git" ]; nix_writers.urls = [ "http://cgit.hotdog.r/nix-writers" "http://cgit.ni.r/nix-writers" "http://cgit.prism.r/nix-writers" - "https://git.ingolf-wagner.de/krebs/nix-writers.git" ]; stockholm.urls = [ "http://cgit.enklave.r/stockholm" diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 7695667fd..50db0b971 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -52,7 +52,7 @@ let "${url}", workdir='${name}-${elemAt(splitString "." url) 1}', branches=True, project='${name}', - pollinterval=10 + pollinterval=100 ) ) '') repo.urls) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 6f06f4510..f3180722d 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -50,7 +50,6 @@ let ./secret.nix ./setuid.nix ./shadow.nix - ./syncthing.nix ./tinc.nix ./tinc_graphs.nix ./urlwatch.nix @@ -103,7 +102,6 @@ let { krebs = import ./krebs { inherit config; }; } { krebs = import ./lass { inherit config; }; } { krebs = import ./makefu { inherit config; }; } - { krebs = import ./nin { inherit config; }; } { krebs = import ./external/palo.nix { inherit config; }; } { krebs = import ./external/mic92.nix { inherit config; }; } { krebs = import ./tv { inherit config; }; } diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 1d73fade2..b437456ec 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -373,6 +373,30 @@ in { syncthing.id = "22NLFY5-QMRM3BH-76QIBYI-OPMKVGM-DU4FNZI-3KN2POF-V4WIC6M-2SFFUAC"; nets = {}; }; + catalonia = { + owner = config.krebs.users.xkey; + nets = { + retiolum = { + ip4.addr = "10.243.13.12"; + aliases = [ "catalonia.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y + gT6iBN8IKnMjYk3bAS7MxmgiyVE17MQlaQi0RSYY47M8I9TvCYtWX/FcXuP9e6CA + VcalDUNpy2qNB+yEE8gMa8vDA3smKk/iK47jTtpWoPtvejLK/SCi8RdlYjKlOErE + Yl9mCniGD1WEYgdrjf6Nl7av6uuGYNibivIMkB2JyGwGGmzvP+oBFi2Cwarw8K2e + FK2VGrAfkgiP5rTPACHseoeCsJtRLozgzYzmS5M9XhP5ZoPkbtR/pL5btCwoCTlZ + HotmLVg4DezbPjNOBB9gtJF4UuzQjSPNY6K1VvvLOhDwXdyln82LuNcm9l+cy9y3 + mGeSvqOouBugDqie6OpkF0KrRwlGQVwzwtnDohGd/5f7TbiPf1QjC+JP/m4mxZl3 + zE0BCOct9b4hUc/CFto71CPlytSbTsMhfJAn8JxttGvsWIAj+dQ0iuLXfLDflWt6 + sImmnOo28YInvFx6pKoxTwcV1AVrPWn5TSePhZM50dmzs0exltOISFECDhpPabU3 + ZymRCze8fH9Z3SHxfxTlTZV7IaW2kpyyBe1KsWpM46gLPk5icX+Xc6mdGwbdGBpf + vDZ+BoHCjq9FfQrAu1+E83yCYyu+3fWrLSgYyrqjg0gPcCcnb1g6hqECAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; }; users = { ciko = { @@ -421,6 +445,7 @@ in { mail = "xq@shackspace.de"; pubkey = ssh-for "xq"; }; + xkey = {}; miaoski = { }; filly = { diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index a748b1454..23ab4f684 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -144,24 +144,24 @@ in { }; }; }; - idontcare = { + herbert = { owner = config.krebs.users.Mic92; nets = rec { retiolum = { addrs = [ - config.krebs.hosts.idontcare.nets.retiolum.ip4.addr - config.krebs.hosts.idontcare.nets.retiolum.ip6.addr + config.krebs.hosts.herbert.nets.retiolum.ip4.addr + config.krebs.hosts.herbert.nets.retiolum.ip6.addr ]; ip4.addr = "10.243.29.177"; - aliases = [ "idontcare.r" ]; + aliases = [ "herbert.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O - qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A - OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An - lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb - O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw - jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB + MIIBCgKCAQEA7ZINr8YxVwHtcOR+ySpc9UjnJWsFXlOyu3CnrJ8IrY+mPA25UmNZ + stXd8QbJuxpad9HyPs294uW8UmXttEZzIwAlikVHasM5IQHVltudTTFvv7s3YFWd + /lgpHbo8zOA2mafx+Sr02Fy/lHjk6BTf8IOzdJIpUHZL/P+FUl9baBwGLmtbEvPh + fbvtf5QryBjJ9nRnb+wsPVpeFE/LncIMK/bYQsyE01T5QDu/muAaeYPbgm6FqaQH + OJ4oEHsarWBvU1qzgz/IRz0BHHeTrbbP3AG/glTwL02Z1mtTXSjME7cfk7ZRM5Cj + jXAqnqu2m1B08Kii+zYp4BPZDmPLT5gq+QIDAQAB -----END RSA PUBLIC KEY----- ''; }; diff --git a/krebs/3modules/hidden-ssh.nix b/krebs/3modules/hidden-ssh.nix index 2d697e497..f497de451 100644 --- a/krebs/3modules/hidden-ssh.nix +++ b/krebs/3modules/hidden-ssh.nix @@ -19,6 +19,10 @@ let type = types.str; default = "irc.freenode.org"; }; + message = mkOption { + type = types.str; + default = "SSH Hidden Service at "; + }; }; imp = let @@ -50,7 +54,7 @@ let ${pkgs.irc-announce}/bin/irc-announce \ ${cfg.server} 6667 ${config.krebs.build.host.name}-ssh \ \${cfg.channel} \ - "SSH Hidden Service at $(cat ${hiddenServiceDir}/hostname)" + "${cfg.message}$(cat ${hiddenServiceDir}/hostname)" ''; PrivateTmp = "true"; User = "tor"; diff --git a/krebs/3modules/nin/default.nix b/krebs/3modules/nin/default.nix deleted file mode 100644 index 1531a2c89..000000000 --- a/krebs/3modules/nin/default.nix +++ /dev/null @@ -1,111 +0,0 @@ -{ config, ... }: - -with import <stockholm/lib>; - -{ - hosts = mapAttrs (_: recursiveUpdate { - owner = config.krebs.users.nin; - ci = true; - }) { - hiawatha = { - cores = 2; - nets = { - retiolum = { - ip4.addr = "10.243.132.96"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342"; - aliases = [ - "hiawatha.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAucIe5yLzKJ8F982XRpZT6CvyXuPrtnNTmw/E/T6Oyq88m/OVHh6o - Viho1XAlJZZwqNniItD0AQB98uFB3+3yA7FepnwwC+PEceIfBG4bTDNyYD3ZCsAB - iWpmRar9SQ7LFnoZ6X2lYaJkUD9afmvXqJJLR5MClnRQo5OSqXaFdp7ryWinHP7E - UkPSNByu4LbQ9CnBEW8mmCVZSBLb8ezxg3HpJSigmUcJgiDBJ6aj22BsZ5L+j1Sr - lvUuaCr8WOS41AYsD5dbTYk7EG42tU5utrOS6z5yHmhbA5r8Ro2OFi/R3Td68BIJ - yw/m8sfItBCvjJSMEpKHEDfGMBCfQKltCwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx"; - }; - axon= { - cores = 2; - nets = { - retiolum = { - ip4.addr = "10.243.134.66"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379"; - aliases = [ - "axon.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo - glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj - KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH - L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j - VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY - PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN - X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh - m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp - OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT - LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H - /F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK - MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w - 7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm - ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3 - 1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF - 29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt - 4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj - FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl - buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p - hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG - yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi - ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc"; - }; - onondaga = { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.132.55"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357"; - aliases = [ - "onondaga.r" - "cgit.onondaga.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAqj6NPhRVsr8abz9FFx9+ld3amfxN7SRNccbksUOqkufGS0vaupFR - OWsgj4Qmt3lQ82YVt5yjx0FZHkAsenCEKM3kYoIb4nipT0e1MWkQ7plVveMfGkiu - htaJ1aCbI2Adxfmk4YbyAr8k3G+Zl9t7gTikBRh7cf5PMiu2JhGUZHzx9urR0ieH - xyashZFjl4TtIy4q6QTiyST9kfzteh8k7CJ72zfYkdHl9dPlr5Nk22zH9xPkyzmO - kCNeknuDqKeTT9erNtRLk6pjEcyutt0y2/Uq6iZ38z5qq9k4JzcMuQ3YPpNy8bxn - hVuk2qBu6kBTUW3iLchoh0d4cfFLWLx1SQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmQk7AXsYLzjUrOjsuhZ3+gT7FjhPtjwxv5XnuU8GJO"; - }; - - }; - users = { - nin = { - mail = "nin@axon.r"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon"; - }; - nin_h = { - mail = "nin@hiawatha.r"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha"; - }; - }; -} diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index 837a9bea7..fcc453fa4 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -45,6 +45,10 @@ with import <stockholm/lib>; default = self.config.port == "6697"; type = types.bool; }; + API.listen = mkOption { + default = null; + type = types.nullOr types.str; + }; }; })); }; @@ -65,9 +69,11 @@ with import <stockholm/lib>; ExecStart = let configFile = pkgs.writeJSON configFileName configValue; configFileName = "${cfg.systemd-service-name}.config.json"; - configValue = recursiveUpdate { - logTime = false; - } (removeAttrs cfg ["_module"]); + configValue = stripAttr ( + recursiveUpdate { + logTime = false; + } (removeAttrs cfg ["_module"]) + ); in "${pkgs.reaktor2}/bin/reaktor ${configFile}"; Restart = "always"; RestartSec = "30"; diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index a83758ccd..cfa8a65ba 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -17,21 +17,6 @@ let default = "/var/realwallpaper/"; }; - nightmap = mkOption { - type = types.str; - default = "http://eoimages.gsfc.nasa.gov/images/imagerecords/55000/55167/earth_lights_lrg.jpg"; - }; - - daymap = mkOption { - type = types.str; - default = "https://www.nnvl.noaa.gov/images/globaldata/SnowIceCover_Daily.png"; - }; - - cloudmap = mkOption { - type = types.str; - default = "http://home.megapass.co.kr/~holywatr/cloud_data/clouds_2048.jpg"; - }; - marker = mkOption { type = types.str; default = "http://graph.r/marker.json"; @@ -60,6 +45,7 @@ let path = with pkgs; [ xplanet imagemagick + inkscape curl file jq @@ -67,9 +53,6 @@ let environment = { working_dir = cfg.workingDir; - nightmap_url = cfg.nightmap; - daymap_url = cfg.daymap; - cloudmap_url = cfg.cloudmap; marker_url = cfg.marker; }; diff --git a/krebs/3modules/syncthing.nix b/krebs/3modules/syncthing.nix deleted file mode 100644 index 799ed7eda..000000000 --- a/krebs/3modules/syncthing.nix +++ /dev/null @@ -1,206 +0,0 @@ -{ config, pkgs, ... }: with import <stockholm/lib>; - -let - - kcfg = config.krebs.syncthing; - scfg = config.services.syncthing; - - devices = mapAttrsToList (name: peer: { - name = name; - deviceID = peer.id; - addresses = peer.addresses; - }) kcfg.peers; - - folders = mapAttrsToList ( _: folder: { - inherit (folder) path id type; - devices = map (peer: { deviceId = kcfg.peers.${peer}.id; }) folder.peers; - rescanIntervalS = folder.rescanInterval; - fsWatcherEnabled = folder.watch; - fsWatcherDelayS = folder.watchDelay; - ignoreDelete = folder.ignoreDelete; - ignorePerms = folder.ignorePerms; - }) kcfg.folders; - - getApiKey = pkgs.writeDash "getAPIKey" '' - ${pkgs.libxml2}/bin/xmllint \ - --xpath 'string(configuration/gui/apikey)'\ - ${scfg.configDir}/config.xml - ''; - - updateConfig = pkgs.writeDash "merge-syncthing-config" '' - set -efu - - # XXX this assumes the GUI address to be "IPv4 address and port" - host=${shell.escape (elemAt (splitString ":" scfg.guiAddress) 0)} - port=${shell.escape (elemAt (splitString ":" scfg.guiAddress) 1)} - - # wait for service to restart - ${pkgs.untilport}/bin/untilport "$host" "$port" - - API_KEY=$(${getApiKey}) - - _curl() { - ${pkgs.curl}/bin/curl \ - -Ss \ - -H "X-API-Key: $API_KEY" \ - "http://$host:$port/rest""$@" - } - - old_config=$(_curl /system/config) - new_config=${shell.escape (toJSON { - inherit devices folders; - })} - new_config=$(${pkgs.jq}/bin/jq -en \ - --argjson old_config "$old_config" \ - --argjson new_config "$new_config" \ - ' - $old_config * $new_config - ${optionalString (!kcfg.overridePeers) '' - * { devices: $old_config.devices } - ''} - ${optionalString (!kcfg.overrideFolders) '' - * { folders: $old_config.folders } - ''} - ' - ) - echo $new_config | _curl /system/config -d @- - _curl /system/restart -X POST - ''; - -in - -{ - options.krebs.syncthing = { - - enable = mkEnableOption "syncthing-init"; - - cert = mkOption { - type = types.nullOr types.absolute-pathname; - default = null; - }; - - key = mkOption { - type = types.nullOr types.absolute-pathname; - default = null; - }; - - overridePeers = mkOption { - type = types.bool; - default = true; - description = '' - Whether to delete the peers which are not configured via the peers option - ''; - }; - peers = mkOption { - default = {}; - type = types.attrsOf (types.submodule ({ - options = { - - # TODO make into addr + port submodule - addresses = mkOption { - type = types.listOf types.str; - default = []; - }; - - #TODO check - id = mkOption { - type = types.str; - }; - - }; - })); - }; - - overrideFolders = mkOption { - type = types.bool; - default = true; - description = '' - Whether to delete the folders which are not configured via the peers option - ''; - }; - folders = mkOption { - default = {}; - type = types.attrsOf (types.submodule ({ config, ... }: { - options = { - - path = mkOption { - type = types.absolute-pathname; - default = config._module.args.name; - }; - - id = mkOption { - type = types.str; - default = config._module.args.name; - }; - - peers = mkOption { - type = types.listOf types.str; - default = []; - }; - - rescanInterval = mkOption { - type = types.int; - default = 3600; - }; - - type = mkOption { - type = types.enum [ "sendreceive" "sendonly" "receiveonly" ]; - default = "sendreceive"; - }; - - watch = mkOption { - type = types.bool; - default = true; - }; - - watchDelay = mkOption { - type = types.int; - default = 10; - }; - - ignoreDelete = mkOption { - type = types.bool; - default = false; - }; - - ignorePerms = mkOption { - type = types.bool; - default = true; - }; - - }; - })); - }; - }; - - config = mkIf kcfg.enable { - - systemd.services.syncthing = mkIf (kcfg.cert != null || kcfg.key != null) { - serviceConfig.PermissionsStartOnly = mkDefault true; - preStart = '' - ${optionalString (kcfg.cert != null) '' - cp ${toString kcfg.cert} ${scfg.configDir}/cert.pem - chown ${scfg.user}:${scfg.group} ${scfg.configDir}/cert.pem - chmod 400 ${scfg.configDir}/cert.pem - ''} - ${optionalString (kcfg.key != null) '' - cp ${toString kcfg.key} ${scfg.configDir}/key.pem - chown ${scfg.user}:${scfg.group} ${scfg.configDir}/key.pem - chmod 400 ${scfg.configDir}/key.pem - ''} - ''; - }; - - systemd.services.syncthing-init = { - after = [ "syncthing.service" ]; - wantedBy = [ "multi-user.target" ]; - - serviceConfig = { - User = scfg.user; - RemainAfterExit = true; - Type = "oneshot"; - ExecStart = updateConfig; - }; - }; - }; -} diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix index f06e79121..ae242efea 100644 --- a/krebs/5pkgs/haskell/reaktor2.nix +++ b/krebs/5pkgs/haskell/reaktor2.nix @@ -1,17 +1,18 @@ { mkDerivation, aeson, async, attoparsec, base, blessings , bytestring, containers, data-default, fetchgit, filepath , hashable, lens, lens-aeson, network, network-simple -, network-simple-tls, pcre-light, process, random, stdenv -, string-conversions, stringsearch, text, time, transformers -, unagi-chan, unix, unordered-containers, vector +, network-simple-tls, network-uri, pcre-light, process, random +, servant-server, stdenv, string-conversions, stringsearch, text +, time, transformers, unagi-chan, unix, unordered-containers +, vector, wai, warp }: mkDerivation { pname = "reaktor2"; - version = "0.2.2"; + version = "0.3.0"; src = fetchgit { url = "https://cgit.krebsco.de/reaktor2"; - sha256 = "1kyr5i5zdzvc7fcyac1i1yvi88kcxafrgp8p79c1b9l4g9sjnv78"; - rev = "9f4e2644188f985d7cd806c13e2c0dee1688b9f0"; + sha256 = "02hqpq8wcfd6rvi8qk10zy3f3lrzzqnjwqal4cbvksjn3vahz36h"; + rev = "a6893c00f78a8acd0a4bfe7da87ab6889eabcf21"; fetchSubmodules = true; }; isLibrary = false; @@ -19,9 +20,9 @@ mkDerivation { executableHaskellDepends = [ aeson async attoparsec base blessings bytestring containers data-default filepath hashable lens lens-aeson network - network-simple network-simple-tls pcre-light process random - string-conversions stringsearch text time transformers unagi-chan - unix unordered-containers vector + network-simple network-simple-tls network-uri pcre-light process + random servant-server string-conversions stringsearch text time + transformers unagi-chan unix unordered-containers vector wai warp ]; license = stdenv.lib.licenses.mit; } diff --git a/krebs/5pkgs/simple/go-shortener/node-packages.nix b/krebs/5pkgs/simple/go-shortener/node-packages.nix index 526cd5a11..613e31ba0 100644 --- a/krebs/5pkgs/simple/go-shortener/node-packages.nix +++ b/krebs/5pkgs/simple/go-shortener/node-packages.nix @@ -1,34 +1,43 @@ -# This file has been generated by node2nix 1.5.3. Do not edit! +# This file has been generated by node2nix 1.7.0. Do not edit! {nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}: let sources = { - "double-ended-queue-2.1.0-0" = { - name = "double-ended-queue"; - packageName = "double-ended-queue"; - version = "2.1.0-0"; + "denque-1.4.1" = { + name = "denque"; + packageName = "denque"; + version = "1.4.1"; src = fetchurl { - url = "https://registry.npmjs.org/double-ended-queue/-/double-ended-queue-2.1.0-0.tgz"; - sha1 = "103d3527fd31528f40188130c841efdd78264e5c"; + url = "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz"; + sha512 = "OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ=="; }; }; - "redis-commands-1.3.5" = { + "redis-commands-1.5.0" = { name = "redis-commands"; packageName = "redis-commands"; - version = "1.3.5"; + version = "1.5.0"; src = fetchurl { - url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.3.5.tgz"; - sha512 = "2q8pai3gf0dczb03jjig3mpaz4j2kvw8icpgf8hp4fryr3d6c0mjkvxxdmlyhainybx4zhgqsw9ghc9p986alzdzd2n2p4cxvr8b0by"; + url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.5.0.tgz"; + sha512 = "6KxamqpZ468MeQC3bkWmCB1fp56XL64D4Kf0zJSwDZbVLLm7KFkoIcHrgRvQ+sk8dnhySs7+yBg94yIkAK7aJg=="; }; }; - "redis-parser-2.6.0" = { + "redis-errors-1.2.0" = { + name = "redis-errors"; + packageName = "redis-errors"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/redis-errors/-/redis-errors-1.2.0.tgz"; + sha1 = "eb62d2adb15e4eaf4610c04afe1529384250abad"; + }; + }; + "redis-parser-3.0.0" = { name = "redis-parser"; packageName = "redis-parser"; - version = "2.6.0"; + version = "3.0.0"; src = fetchurl { - url = "https://registry.npmjs.org/redis-parser/-/redis-parser-2.6.0.tgz"; - sha1 = "52ed09dacac108f1a631c07e9b69941e7a19504b"; + url = "https://registry.npmjs.org/redis-parser/-/redis-parser-3.0.0.tgz"; + sha1 = "b66d828cdcafe6b4b8a428a7def4c6bcac31c8b4"; }; }; }; @@ -37,40 +46,43 @@ in formidable = nodeEnv.buildNodePackage { name = "formidable"; packageName = "formidable"; - version = "1.2.1"; + version = "1.2.2"; src = fetchurl { - url = "https://registry.npmjs.org/formidable/-/formidable-1.2.1.tgz"; - sha512 = "1x0n2rfaiasdjbw1mm7s29z84f68c7iji7lb1gkxvpknvv6q7bwns7z55ijcf4vkh4kvis12rbgaaih49jf9lj53s30mllb1d35bkqn"; + url = "https://registry.npmjs.org/formidable/-/formidable-1.2.2.tgz"; + sha512 = "V8gLm+41I/8kguQ4/o1D3RIHRmhYFG4pnNyonvua+40rqcEmT4+V71yaZ3B457xbbgCsCfjSPi65u/W6vK1U5Q=="; }; buildInputs = globalBuildInputs; meta = { description = "A node.js module for parsing form data, especially file uploads."; - homepage = https://github.com/felixge/node-formidable; + homepage = https://github.com/node-formidable/formidable; license = "MIT"; }; production = true; bypassCache = true; + reconstructLock = true; }; redis = nodeEnv.buildNodePackage { name = "redis"; packageName = "redis"; - version = "2.8.0"; + version = "3.0.2"; src = fetchurl { - url = "https://registry.npmjs.org/redis/-/redis-2.8.0.tgz"; - sha512 = "3a3044ax6qdvss83xgjfx10h5q91ls0mwgs3wpsnxcdsiipq3cnmqzsh6glyq0r7vsmpw49jp84c2jnfrhi2bgycrkd9hhhf6ia8lrk"; + url = "https://registry.npmjs.org/redis/-/redis-3.0.2.tgz"; + sha512 = "PNhLCrjU6vKVuMOyFu7oSP296mwBkcE6lrAjruBYG5LgdSqtRBoVQIylrMyVZD/lkF24RSNNatzvYag6HRBHjQ=="; }; dependencies = [ - sources."double-ended-queue-2.1.0-0" - sources."redis-commands-1.3.5" - sources."redis-parser-2.6.0" + sources."denque-1.4.1" + sources."redis-commands-1.5.0" + sources."redis-errors-1.2.0" + sources."redis-parser-3.0.0" ]; buildInputs = globalBuildInputs; meta = { - description = "Redis client library"; - homepage = https://github.com/NodeRedis/node_redis; + description = "A high performance Redis client."; + homepage = https://github.com/NodeRedis/node-redis; license = "MIT"; }; production = true; bypassCache = true; + reconstructLock = true; }; }
\ No newline at end of file diff --git a/krebs/5pkgs/simple/go-shortener/update.sh b/krebs/5pkgs/simple/go-shortener/update.sh index 0c1ecc58c..1a58d0367 100755 --- a/krebs/5pkgs/simple/go-shortener/update.sh +++ b/krebs/5pkgs/simple/go-shortener/update.sh @@ -1,2 +1,4 @@ -node2nix -8 -i pkgs.json -c combine.nix +#!/usr/bin/env nix-shell +#! nix-shell -i bash -p nodePackages_10_x.node2nix +node2nix -10 -i pkgs.json -c combine.nix rm node-env.nix combine.nix diff --git a/krebs/5pkgs/simple/grib2json/default.nix b/krebs/5pkgs/simple/grib2json/default.nix new file mode 100644 index 000000000..2a7959a75 --- /dev/null +++ b/krebs/5pkgs/simple/grib2json/default.nix @@ -0,0 +1,19 @@ +{ stdenv, fetchzip, makeWrapper, jre }: + +stdenv.mkDerivation { + name = "grib2json"; + src = fetchzip { + url = "https://github.com/krebs/grib2json-bin/archive/31efe677b40fe491c988d50f96b59b1b7e2d46f7.zip"; + sha256 = "1h3yxg270bvac7kaqsbsv4f8nln1i03rfz4cm8cp7llhjj3s6a6b"; + }; + installPhase = '' + mkdir -p $out/bin + cp -r lib $out/ + cat > $out/bin/grib2json << EOF + #!/bin/sh + set -x + ${jre}/bin/java -jar $out/lib/grib2json-0.8.0-SNAPSHOT.jar "\$@" + EOF + chmod +x $out/bin/grib2json + ''; +} diff --git a/krebs/5pkgs/simple/irc-announce/default.nix b/krebs/5pkgs/simple/irc-announce/default.nix index a90814aa9..52cf12862 100644 --- a/krebs/5pkgs/simple/irc-announce/default.nix +++ b/krebs/5pkgs/simple/irc-announce/default.nix @@ -25,10 +25,10 @@ pkgs.writeDashBin "irc-announce" '' # This is used to see what we send to the irc server. (debug output) echo2() { echo "$*"; echo "$*" >&2; } cat2() { - while read -r line; do - echo "$line" - echo "$line" >&2 - done + awk '{ + print $0 + print $0 > "/dev/stderr" + }' } # privmsg_cat transforms stdin to a privmsg diff --git a/krebs/5pkgs/simple/nomads-cloud/default.nix b/krebs/5pkgs/simple/nomads-cloud/default.nix new file mode 100644 index 000000000..6e4ace484 --- /dev/null +++ b/krebs/5pkgs/simple/nomads-cloud/default.nix @@ -0,0 +1,43 @@ +{ writers, coreutils, grib2json, curl, jq, findutils, imagemagick }: +writers.writeDashBin "nomads-cloud" '' + prefix=$(mktemp -d) + grib_path=$prefix.grib + json_path=$prefix.json + pgm_path=$prefix.pgm + png_path="$1" + + mkdir -p "$prefix" + + date=$(${coreutils}/bin/date +%Y%m%d) + for hour in 18 12 06 00; do + url="https://nomads.ncep.noaa.gov/cgi-bin/filter_gfs_0p25_1hr.pl?file=gfs.t''${hour}z.pgrb2.0p25.anl&lev_entire_atmosphere_%5C%28considered_as_a_single_layer%5C%29=on&var_CWAT=on&leftlon=-180&rightlon=180&toplat=90&bottomlat=-90&dir=%2Fgfs.$date%2F$hour" + ${curl}/bin/curl -fsS "$url" > "$grib_path" + if [ "$?" -eq 0 ]; then + break + fi + done + ${grib2json}/bin/grib2json --data "$grib_path" > "$json_path" + + width=$(${jq}/bin/jq '.[0].header.nx' < "$json_path") + height=$(${jq}/bin/jq '.[0].header.ny' < "$json_path") + + # The maximum gray value. Must be bigger than 0 and less than 65536. + maxval=1000 + + # pgm - Netpbm grayscale image format + # http://netpbm.sourceforge.net/doc/pgm.html + { + echo P2 + echo "$width $height" + echo "$maxval" + cat "$json_path" | + ${jq}/bin/jq --argjson maxval "$maxval" -c ' + ((.[0].data[]) * $maxval | round) + ' | + ${findutils}/bin/xargs -n "$width" + } > "$pgm_path" + + ${imagemagick}/bin/convert -roll +50% "$pgm_path" "$png_path" + + rm -r "$prefix" +'' diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix index ef83d2e59..057983fec 100644 --- a/krebs/5pkgs/simple/realwallpaper/default.nix +++ b/krebs/5pkgs/simple/realwallpaper/default.nix @@ -1,5 +1,5 @@ { pkgs, ... }: -pkgs.writeDashBin "generate-wallpaper" '' +pkgs.writers.writeDashBin "generate-wallpaper" '' set -euf # usage: getimg FILENAME URL @@ -17,24 +17,28 @@ pkgs.writeDashBin "generate-wallpaper" '' fi } - # usage: image_size FILENAME - image_size() { - identify "$1" | awk '{print$3}' + # check if file exists and fetch only if missing + fetch_once() { + name=$1 + url=$2 + test -e "$name" || fetch "$name" "$url" } - # usage: make_mask DST SRC MASK - make_layer() { - if needs_rebuild "$@"; then - echo "make $1 (apply mask)" >&2 - convert "$2" "$3" -alpha off -compose copy_opacity -composite "$1" + fetch_older_min() { + min=$1 + name=$2 + url=$3 + if ! test "$(find $name -mmin -$min)"; then + fetch "$name" "$url" fi } - # usage: flatten DST HILAYER LOLAYER - flatten() { - if needs_rebuild "$@"; then - echo "make $1 (flatten)" >&2 - composite "$2" "$3" "$1" + fetch_older_days() { + days=$1 + name=$2 + url=$3 + if ! test "$(find $name -mtime -$days)"; then + fetch "$name" "$url" fi } @@ -48,9 +52,11 @@ pkgs.writeDashBin "generate-wallpaper" '' else result=1 for b; do - if test "$b" -nt "$a"; then - #echo " $b is newer than $a" >&2 - result=0 + if check_type "$b" image; then + if test "$b" -nt "$a"; then + #echo " $b is newer than $a" >&2 + result=0 + fi fi done fi @@ -60,34 +66,67 @@ pkgs.writeDashBin "generate-wallpaper" '' return $result } + get_neo_url() { + url=$1 + curl -Ss "$url" | grep '3600 x 1800' | sed 's/.*href="\([^"]*\)".*/\1/' + } + main() { cd "$working_dir" # fetch source images in parallel - fetch nightmap-raw.jpg \ - "$nightmap_url" & - fetch daymap-raw.png \ - "$daymap_url" & - fetch clouds-raw.jpg \ - "$cloudmap_url" & - fetch marker.json \ - "$marker_url" & - wait + fetch_once nightmap-raw.jpg \ + 'https://eoimages.gsfc.nasa.gov/images/imagerecords/144000/144898/BlackMarble_2016_3km.jpg' & + fetch_once daymap-raw.tif \ + 'https://eoimages.gsfc.nasa.gov/images/imagerecords/57000/57752/land_shallow_topo_8192.tif' & + + fetch_once mercury-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/2/2e/Mercury_symbol.svg' & + fetch_once venus-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/6/66/Venus_symbol.svg' & + fetch_once mars-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/b/b7/Mars_symbol.svg' & + fetch_once jupiter-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/2/26/Jupiter_symbol.svg' & + fetch_once saturn-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/7/74/Saturn_symbol.svg' & + fetch_once uranus-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/f/f1/Uranus_symbol.svg' & + fetch_once neptune-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/4/47/Neptune_symbol.svg' & + + fetch_once krebs-raw.svg \ + 'https://raw.githubusercontent.com/krebs/painload/master/cholerab/bling/krebs_aquarium.svg' & + + fetch_older_min 720 ice-raw.jpg $(get_neo_url \ + 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=NISE_D') & + fetch_older_days 3 snow-raw.jpg $(get_neo_url \ + 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MOD10C1_E_SNOW') & + fetch_older_days 7 chlora-raw.jpg $(get_neo_url \ + 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MY1DMM_CHLORA') & + fetch_older_days 3 fire-raw.jpg $(get_neo_url \ + 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MOD14A1_E_FIRE') & - check_type nightmap-raw.jpg image - check_type daymap-raw.png image - check_type clouds-raw.jpg image + # regular fetches + fetch marker.json "$marker_url" & + fetch sun-raw.jpg 'https://sdo.gsfc.nasa.gov/assets/img/latest/latest_512_0171.jpg' & - in_size=2048x1024 - xplanet_out_size=1466x1200 - out_geometry=1366x768+100+160 + wait + + # fetch clouds if they are older than 3h + if ! test "$(find clouds-raw.png -mmin -180)"; then + ${pkgs.nomads-cloud}/bin/nomads-cloud clouds-raw.png + fi - nightsnow_color='#0c1a49' # nightmap + in_size=3600x1800 + xplanet_out_size=3200x2500 + out_geometry=3200x1800+0+350 for raw in \ nightmap-raw.jpg \ - daymap-raw.png \ - clouds-raw.jpg \ + daymap-raw.tif \ + chlora-raw.jpg \ + clouds-raw.png \ ; do normal=''${raw%-raw.*}.png @@ -97,49 +136,79 @@ pkgs.writeDashBin "generate-wallpaper" '' fi done - # create nightmap-fullsnow - if needs_rebuild nightmap-fullsnow.png; then - convert -size $in_size xc:$nightsnow_color nightmap-fullsnow.png + # remove snow from ice map + if needs_rebuild ice.png ice-raw.jpg; then + convert ice-raw.jpg -fuzz 20% -fill black -opaque white -colorspace gray -blur 0x6 -scale "$in_size" ice.png fi - # extract daymap-snowmask from daymap-final - if needs_rebuild daymap-snowmask.png daymap.png; then - convert daymap.png -threshold 95% daymap-snowmask.png + if needs_rebuild snow.png snow-raw.jpg; then + convert snow-raw.jpg -fuzz 20% -fill '#DEDEDE' -opaque white -scale "$in_size" snow.png fi - # extract nightmap-lightmask from nightmap - if needs_rebuild nightmap-lightmask.png nightmap.png; then - convert nightmap.png -threshold 25% nightmap-lightmask.png + # make fire more red + if needs_rebuild fire.png fire-raw.jpg; then + convert fire-raw.jpg -fuzz 20% -fill '#ef840c' -opaque white -scale "$in_size" fire.png fi - # create layers - make_layer nightmap-snowlayer.png nightmap-fullsnow.png daymap-snowmask.png - make_layer nightmap-lightlayer.png nightmap.png nightmap-lightmask.png + # cut out sun with alpha transparency + if needs_rebuild sun.png sun-raw.jpg; then + convert sun-raw.jpg \ + \( +clone -colorspace HSB -fill white -draw "circle 256,256 256,54" -separate -delete 0,1 \) \ + -compose copyopacity -composite -crop 512x472+0+20 -scale "100x100" sun.png + fi - # apply layers - flatten nightmap-lightsnowlayer.png \ - nightmap-lightlayer.png \ - nightmap-snowlayer.png + if needs_rebuild krebs.png krebs-raw.svg; then + inkscape -z -e krebs.png -w 16 -h 16 krebs-raw.svg + fi - flatten nightmap-final.png \ - nightmap-lightsnowlayer.png \ - nightmap.png + # -- Planets -- + for planet in mercury venus mars jupiter saturn uranus neptune; do + if needs_rebuild "$planet".png "$planet"-raw.svg; then + sed -i 's/#000/#FE8019/g' "$planet"-raw.svg + inkscape -z -e "$planet".png -w 40 -h 40 "$planet"-raw.svg + fi + done + + # -- Daymap -- + + # merge with water chlora layer + if needs_rebuild daymap-final.png daymap.png fire.png snow.png ice.png chlora.png; then + convert daymap.png fire.png -compose lighten -composite daymap-1.png + convert daymap-1.png ice.png -compose lighten -composite daymap-2.png + convert daymap-2.png snow.png -compose lighten -composite daymap-3.png + convert daymap-3.png chlora.png -compose lighten -composite daymap-final.png + fi + + # -- Nightmap -- + + if needs_rebuild nightmap-final.png nightmap.png fire.png snow.png ice.png chlora.png; then + convert nightmap.png fire.png -compose lighten -composite nightmap-1.png + convert nightmap-1.png \( -fill black -colorize 70% ice.png \) -compose lighten -composite nightmap-2.png + convert nightmap-2.png \( -fill black -colorize 70% snow.png \) -compose lighten -composite nightmap-3.png + convert nightmap-3.png \( -fill black -colorize 70% chlora.png \) -compose lighten -composite nightmap-final.png + fi # create marker file from json if [ -s marker.json ]; then - jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude)"' marker.json > marker_file + jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude) image=krebs.png"' marker.json > marker_file + echo 'position=sun image=sun.png' >> marker_file + echo 'position=moon image=moon.png' >> marker_file + echo 'position=mercury image=mercury.png' >> marker_file + echo 'position=venus image=venus.png' >> marker_file + echo 'position=mars image=mars.png' >> marker_file + echo 'position=jupiter image=jupiter.png' >> marker_file + echo 'position=saturn image=saturn.png' >> marker_file + echo 'position=uranus image=uranus.png' >> marker_file + echo 'position=neptune image=neptune.png' >> marker_file fi - # make all unmodified files as final - for normal in \ - daymap.png \ - clouds.png \ - ; - do - final=''${normal%.png}-final.png - needs_rebuild $final && - ln $normal $final - done + # generate moon + xplanet -body moon --num_times 1 -origin earth \ + --transpng moon.png --geometry 50x50 \ + -config ${pkgs.writeText "moon.config" '' + [moon] + shade=10 + ''} # rebuild every time to update shadow xplanet --num_times 1 --geometry $xplanet_out_size \ @@ -149,8 +218,9 @@ pkgs.writeDashBin "generate-wallpaper" '' "Earth" map=daymap-final.png night_map=nightmap-final.png - cloud_map=clouds-final.png - cloud_threshold=10 + cloud_map=clouds.png + cloud_threshold=1 + cloud_gamma=10 shade=15 ''} @@ -161,8 +231,9 @@ pkgs.writeDashBin "generate-wallpaper" '' "Earth" map=daymap-final.png night_map=nightmap-final.png - cloud_map=clouds-final.png - cloud_threshold=10 + cloud_map=clouds.png + cloud_threshold=1 + cloud_gamma=10 marker_file=marker_file shade=15 ''} @@ -178,6 +249,8 @@ pkgs.writeDashBin "generate-wallpaper" '' convert xplanet-krebs-output.png -crop $out_geometry \ realwallpaper-krebs-tmp.png mv realwallpaper-krebs-tmp.png realwallpaper-krebs.png + mkdir -p archive + convert realwallpaper-krebs.png archive/"$(date -Is)".jpg fi } diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 1600d6f4a..8f426cc05 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "55beed9922c2f6b030af61ca7e33bd47850c68f2", - "date": "2020-02-26T03:53:16-05:00", - "sha256": "0jxkb3bl7axa6vmfsfdfx4mxv6wx0pc8iiwgrw2qh8wxhlhbylks", + "rev": "b61999e4ad60c351b4da63ae3ff43aae3c0bbdfb", + "date": "2020-04-16T08:43:36-04:00", + "sha256": "0cggpdks4qscyirqwfprgdl91mlhjlw24wkg0riapk5f2g2llbpq", "fetchSubmodules": false } diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index e0b37d1fc..3c4afe8bb 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "b7bbc6d37878ed00b6467b574b02e840279f7d3d", - "date": "2020-02-26T11:51:29+01:00", - "sha256": "02q10jgi6m0vak3amb50ifw1pj82i17hs0npdkig7lsp8w3is7jq", + "rev": "5272327b81ed355bbed5659b8d303cf2979b6953", + "date": "2020-04-20T11:58:47-04:00", + "sha256": "0182ys095dfx02vl2a20j1hz92dx3mfgz2a6fhn31bqlp1wa8hlq", "fetchSubmodules": false } diff --git a/krebs/update-nixpkgs.sh b/krebs/update-nixpkgs.sh index 9b5d7ccd8..bb4b54793 100755 --- a/krebs/update-nixpkgs.sh +++ b/krebs/update-nixpkgs.sh @@ -3,7 +3,7 @@ dir=$(dirname $0) oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ --url https://github.com/NixOS/nixpkgs-channels \ - --rev refs/heads/nixos-19.09' \ + --rev refs/heads/nixos-20.03' \ > $dir/nixpkgs.json newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev" diff --git a/lass/1systems/hilum/config.nix b/lass/1systems/hilum/config.nix index 7a506591b..3f25991d9 100644 --- a/lass/1systems/hilum/config.nix +++ b/lass/1systems/hilum/config.nix @@ -33,4 +33,6 @@ services.logind.lidSwitch = "ignore"; services.logind.lidSwitchDocked = "ignore"; + + boot.tmpOnTmpfs = true; } diff --git a/lass/1systems/icarus/physical.nix b/lass/1systems/icarus/physical.nix index 861bd8b0b..bd74c29f3 100644 --- a/lass/1systems/icarus/physical.nix +++ b/lass/1systems/icarus/physical.nix @@ -46,6 +46,15 @@ ''; services.thinkfan.enable = true; + services.thinkfan.levels = '' + (0, 0, 55) + (1, 48, 60) + (2, 50, 61) + (3, 52, 63) + (6, 60, 65) + (7, 80, 85) + (127, 90, 32767) + ''; services.logind.lidSwitch = "ignore"; services.logind.lidSwitchDocked = "ignore"; diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 03ff42132..fe0b6d85b 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -49,17 +49,17 @@ with import <stockholm/lib>; ]; } { - krebs.syncthing = { - peers.schasch.addresses = [ "schasch.r:22000" ]; + services.syncthing.declarative = { + devices.schasch.addresses = [ "schasch.r:22000" ]; folders = { the_playlist = { path = "/home/lass/tmp/the_playlist"; - peers = [ "mors" "phone" "prism" "xerxes" ]; + devices = [ "mors" "phone" "prism" "xerxes" ]; }; free_music = { id = "mu9mn-zgvsw"; path = "/home/lass/tmp/free_music"; - peers = [ "mors" "schasch" ]; + devices = [ "mors" "schasch" ]; }; }; }; diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index cde65ea6c..d8bb14d0a 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -263,8 +263,6 @@ with import <stockholm/lib>; } { users.users.download.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" - config.krebs.users.palo.pubkey ]; } { @@ -338,30 +336,36 @@ with import <stockholm/lib>; localAddress = "10.233.2.14"; }; - services.nginx.virtualHosts."lassul.us".locations."^~ /flix/".extraConfig = '' - if ($scheme != "https") { - rewrite ^ https://$host$request_uri permanent; - } - auth_basic "Restricted Content"; - auth_basic_user_file ${pkgs.writeText "flix-user-pass" '' - krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0 - ''}; - proxy_pass http://10.233.2.14:80/; - proxy_set_header Accept-Encoding ""; - sub_filter "https://lassul.us/" "https://lassul.us/flix/"; - sub_filter_once off; - ''; - services.nginx.virtualHosts."lassul.us".locations."^~ /transmission".extraConfig = '' - if ($scheme != "https") { - rewrite ^ https://$host$request_uri permanent; - } - auth_basic "Restricted Content"; - auth_basic_user_file ${pkgs.writeText "transmission-user-pass" '' - krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0 - ''}; - proxy_pass_header X-Transmission-Session-Id; - proxy_pass http://10.233.2.14:9091; - ''; + services.nginx.virtualHosts."lassul.us" = { + locations."^~ /flix/".extraConfig = '' + if ($scheme != "https") { + rewrite ^ https://$host$request_uri permanent; + } + auth_basic "Restricted Content"; + auth_basic_user_file ${pkgs.writeText "flix-user-pass" '' + krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0 + ''}; + proxy_pass http://10.233.2.14:80/; + proxy_set_header Accept-Encoding ""; + sub_filter "https://lassul.us/" "https://lassul.us/flix/"; + sub_filter_once off; + ''; + locations."^~ /chatty/".extraConfig = '' + rewrite ^ https://$host/flix/$request_uri permanent; + ''; + #locations."^~ /transmission".return = "301 https://$host/transmission/web/"; + locations."^~ /transmission/".extraConfig = '' + if ($scheme != "https") { + rewrite ^ https://$host$request_uri permanent; + } + auth_basic "Restricted Content"; + auth_basic_user_file ${pkgs.writeText "transmission-user-pass" '' + krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0 + ''}; + proxy_pass_header X-Transmission-Session-Id; + proxy_pass http://10.233.2.14:9091; + ''; + }; users.groups.download = {}; users.users = { @@ -376,6 +380,9 @@ with import <stockholm/lib>; lass.pubkey lass-android.pubkey makefu.pubkey + palo.pubkey + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" + "AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki11:15 <Profpatsch> AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki" ]; }; }; diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index 9bb31191c..831e03f79 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -19,7 +19,9 @@ with import <stockholm/lib>; <stockholm/lass/2configs/ssh-cryptsetup.nix> <stockholm/lass/2configs/nfs-dl.nix> <stockholm/lass/2configs/gg23.nix> + <stockholm/lass/2configs/hass> <stockholm/lass/2configs/br.nix> + <stockholm/lass/2configs/fetchWallpaper.nix> ]; krebs.build.host = config.krebs.hosts.shodan; diff --git a/lass/1systems/uriel/config.nix b/lass/1systems/uriel/config.nix index 3eddcfc52..b50dc63f5 100644 --- a/lass/1systems/uriel/config.nix +++ b/lass/1systems/uriel/config.nix @@ -12,6 +12,7 @@ with import <stockholm/lib>; i18n.defaultLocale ="de_DE.UTF-8"; time.timeZone = "Europe/Berlin"; services.xserver.enable = true; + services.xserver.libinput.enable = false; users.users.locke = { uid = genid "locke"; home = "/home/locke"; diff --git a/lass/1systems/xerxes/config.nix b/lass/1systems/xerxes/config.nix index 8630d0f4b..e4a4fb505 100644 --- a/lass/1systems/xerxes/config.nix +++ b/lass/1systems/xerxes/config.nix @@ -41,11 +41,11 @@ displayManager.lightdm.autoLogin.user = "lass"; }; - krebs.syncthing = { + services.syncthing.declarative = { folders = { the_playlist = { path = "/home/lass/tmp/the_playlist"; - peers = [ "mors" "phone" "prism" "xerxes" ]; + devices = [ "mors" "phone" "prism" "xerxes" ]; }; }; }; diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix index abbc0045b..82fe3fac5 100644 --- a/lass/1systems/yellow/config.nix +++ b/lass/1systems/yellow/config.nix @@ -54,12 +54,107 @@ with import <stockholm/lib>; root = "/var/download/finished"; extraConfig = '' fancyindex on; - dav_methods PUT DELETE MKCOL COPY MOVE; - + fancyindex_footer "/fancy.html"; + include ${pkgs.nginx}/conf/mime.types; + include ${pkgs.writeText "extrMime" '' + types { + video/webm mkv; + } + ''}; create_full_put_path on; - dav_access all:r; ''; }; + locations."/chatty" = { + proxyPass = "http://localhost:3000"; + extraConfig = '' + rewrite /chatty/(.*) /$1 break; + proxy_set_header Host $host; + ''; + }; + locations."= /fancy.html".extraConfig = '' + alias ${pkgs.writeText "nginx_footer" '' + <div id="mydiv"> + <!-- Include a header DIV with the same name as the draggable DIV, followed by "header" --> + <div id="mydivheader">Click here to move</div> + <iframe src="/chatty/index.html"></iframe> + </div> + <style> + #mydiv { + position: absolute; + z-index: 9; + background-color: #f1f1f1; + border: 1px solid #d3d3d3; + text-align: center; + } + + #mydivheader { + padding: 10px; + cursor: move; + z-index: 10; + background-color: #2196F3; + color: #fff; + } + </style> + <script> + // Make the DIV element draggable: + dragElement(document.getElementById("mydiv")); + + function dragElement(elmnt) { + var pos1 = 0, pos2 = 0, pos3 = 0, pos4 = 0; + if (document.getElementById(elmnt.id + "header")) { + // if present, the header is where you move the DIV from: + document.getElementById(elmnt.id + "header").onmousedown = dragMouseDown; + } else { + // otherwise, move the DIV from anywhere inside the DIV: + elmnt.onmousedown = dragMouseDown; + } + + function dragMouseDown(e) { + e = e || window.event; + e.preventDefault(); + // get the mouse cursor position at startup: + pos3 = e.clientX; + pos4 = e.clientY; + document.onmouseup = closeDragElement; + // call a function whenever the cursor moves: + document.onmousemove = elementDrag; + } + + function elementDrag(e) { + e = e || window.event; + e.preventDefault(); + // calculate the new cursor position: + pos1 = pos3 - e.clientX; + pos2 = pos4 - e.clientY; + pos3 = e.clientX; + pos4 = e.clientY; + // set the element's new position: + elmnt.style.top = (elmnt.offsetTop - pos2) + "px"; + elmnt.style.left = (elmnt.offsetLeft - pos1) + "px"; + } + + function closeDragElement() { + // stop moving when mouse button is released: + document.onmouseup = null; + document.onmousemove = null; + } + } + </script> + ''}; + ''; + }; + }; + + systemd.services.bruellwuerfel = { + wantedBy = [ "multi-user.target" ]; + environment = { + IRC_CHANNEL = "#flix"; + IRC_NICK = "bruelli"; + IRC_SERVER = "irc.r"; + IRC_HISTORY_FILE = "/tmp/bruelli.history"; + }; + serviceConfig = { + ExecStart = "${pkgs.bruellwuerfel}/bin/bruellwuerfel"; }; }; diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 52d694c46..b3340cb31 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -71,12 +71,14 @@ in { gitAndTools.qgit git-preview gnome3.dconf + iodine lm_sensors ncdu nix-index nix-review nmap pavucontrol + ponymix powertop rxvt_unicode-with-plugins sxiv diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix index aad8411b1..a4000cada 100644 --- a/lass/2configs/blue.nix +++ b/lass/2configs/blue.nix @@ -19,6 +19,7 @@ with (import <stockholm/lib>); ]; services.tor.enable = true; + services.tor.client.enable = true; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-i retiolum -p udp --dport 60000:61000"; target = "ACCEPT";} diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 565608633..82839beba 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -102,9 +102,19 @@ "microsoft@lassul.us" "stickers@lassul.us" "nextbike@lassul.us" + "mytello@lassul.us" + "camp@lassul.us" + "urlwatch@lassul.us" + "lidl@lassul.us" + "geizhals@lassul.us" + "auschein@lassul.us" + "tleech@lassul.us" + "durstexpress@lassul.us" ]; in { + environment.systemPackages = [ pkgs.review-mail-queue ]; + krebs.exim-smarthost = { enable = true; dkim = [ diff --git a/lass/2configs/gg23.nix b/lass/2configs/gg23.nix index b23494b28..3d4c1e306 100644 --- a/lass/2configs/gg23.nix +++ b/lass/2configs/gg23.nix @@ -20,12 +20,13 @@ with import <stockholm/lib>; } ''; machines = [ - { ethernetAddress = "c8:3d:d4:2c:40:ae"; hostName = "tv"; ipAddress = "10.42.0.3"; } + { ethernetAddress = "a8:a6:48:65:ce:4c"; hostName = "tv"; ipAddress = "10.42.0.3"; } { ethernetAddress = "3c:2a:f4:22:28:37"; hostName = "drucker"; ipAddress = "10.42.0.4"; } - { ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-bett"; ipAddress = "10.42.0.10"; } + { ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-tv"; ipAddress = "10.42.0.10"; } { ethernetAddress = "80:7d:3a:68:04:f0"; hostName = "s20-drucker"; ipAddress = "10.42.0.11"; } - { ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-kueche"; ipAddress = "10.42.0.12"; } + { ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-wasch"; ipAddress = "10.42.0.12"; } { ethernetAddress = "80:7d:3a:67:bb:69"; hostName = "s20-stereo"; ipAddress = "10.42.0.13"; } + { ethernetAddress = "ec:b5:fa:07:78:16"; hostName = "hue-bridge"; ipAddress = "10.42.0.21"; } { ethernetAddress = "80:8d:b7:c5:80:dc"; hostName = "arubaAP"; ipAddress = "10.42.0.99"; } ]; }; @@ -45,9 +46,6 @@ with import <stockholm/lib>; boot.kernel.sysctl."net.ipv4.ip_forward" = 1; krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass - { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass - { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto { predicate = "-i int0 -p udp --dport 53"; target = "ACCEPT"; } # dns ]; krebs.iptables.tables.filter.FORWARD.rules = [ @@ -62,72 +60,5 @@ with import <stockholm/lib>; krebs.iptables.tables.nat.POSTROUTING.rules = [ { v6 = false; predicate = "-s 10.42.0.0/24 ! -d 10.42.0.0/24"; target = "MASQUERADE"; } ]; - - services.home-assistant = let - tasmota_s20 = name: topic: { - platform = "mqtt"; - inherit name; - state_topic = "stat/${topic}/POWER"; - command_topic = "cmnd/${topic}/POWER"; - payload_on = "ON"; - payload_off = "OFF"; - }; - in { - enable = true; - package = pkgs.home-assistant.override { - #extraComponents = [ - # (pkgs.fetchgit { - # url = "https://github.com/marcschumacher/dwd_pollen"; - # rev = "0.1"; - # sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymllz2p"; - # }) - #]; - }; - config = { - homeassistant = { - name = "Home"; time_zone = "Europe/Berlin"; - latitude = "48.7687"; - longitude = "9.2478"; - elevation = 247; - }; - sun.elevation = 66; - discovery = {}; - frontend = { }; - mqtt = { - broker = "localhost"; - port = 1883; - client_id = "home-assistant"; - username = "gg23"; - password = "gg23-mqtt"; - keepalive = 60; - protocol = 3.1; - }; - sensor = [ - ]; - switch = [ - (tasmota_s20 "Drucker Strom" "drucker") - (tasmota_s20 "Bett Licht" "bett") - (tasmota_s20 "Kueche Licht" "kueche") - ]; - device_tracker = [ - { - platform = "luci"; - } - ]; - }; - }; - - services.mosquitto = { - enable = true; - host = "0.0.0.0"; - allowAnonymous = false; - checkPasswords = true; - users.gg23 = { - password = "gg23-mqtt"; - acl = [ "topic readwrite #" ]; - }; - }; - environment.systemPackages = [ pkgs.mosquitto ]; - } diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix index 1421eede7..0cccbc30e 100644 --- a/lass/2configs/green-host.nix +++ b/lass/2configs/green-host.nix @@ -20,7 +20,7 @@ with import <stockholm/lib>; } ]; - krebs.syncthing.folders."/var/lib/sync-containers".peers = [ "icarus" "skynet" "littleT" "shodan" ]; + services.syncthing.declarative.folders."/var/lib/sync-containers".devices = [ "icarus" "skynet" "littleT" "shodan" ]; krebs.permown."/var/lib/sync-containers" = { owner = "root"; group = "syncthing"; diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix new file mode 100644 index 000000000..ef9361102 --- /dev/null +++ b/lass/2configs/hass/default.nix @@ -0,0 +1,86 @@ +{ config, lib, pkgs, ... }: +{ + imports = [ + ./zigbee.nix + ./rooms/bett.nix + ]; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto + { predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto + { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass + { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass + ]; + + services.home-assistant = { + enable = true; + package = pkgs.home-assistant.override { + # extraComponents = [ "hue" ]; + }; + configWritable = true; + }; + + lass.hass.config = let + tasmota_s20 = name: topic: { + platform = "mqtt"; + inherit name; + state_topic = "stat/${topic}/POWER"; + command_topic = "cmnd/${topic}/POWER"; + payload_on = "ON"; + payload_off = "OFF"; + }; + in { + homeassistant = { + name = "Home"; + time_zone = "Europe/Berlin"; + latitude = "48.7687"; + longitude = "9.2478"; + elevation = 247; + }; + config = {}; + sun.elevation = 66; + discovery = {}; + frontend = {}; + mqtt = { + broker = "localhost"; + port = 1883; + client_id = "home-assistant"; + username = "gg23"; + password = "gg23-mqtt"; + keepalive = 60; + protocol = 3.1; + + discovery = true; + birth_message = { + topic = "/hass/status"; + payload = "online"; + }; + will_message = { + topic = "/hass/status"; + payload = "offline"; + }; + }; + sensor = [ + ]; + switch = [ + (tasmota_s20 "TV" "tv") + (tasmota_s20 "Drucker Strom" "drucker") + (tasmota_s20 "Waschmaschine" "wasch") + (tasmota_s20 "Stereo Anlage" "stereo") + ]; + mobile_app = {}; + }; + + services.mosquitto = { + enable = true; + host = "0.0.0.0"; + allowAnonymous = false; + checkPasswords = true; + users.gg23 = { + password = "gg23-mqtt"; + acl = [ "topic readwrite #" ]; + }; + }; + + environment.systemPackages = [ pkgs.mosquitto ]; +} diff --git a/lass/2configs/hass/lib.nix b/lass/2configs/hass/lib.nix new file mode 100644 index 000000000..c69f5e887 --- /dev/null +++ b/lass/2configs/hass/lib.nix @@ -0,0 +1,83 @@ +{ + lights = { + bett = "light.0x0017880106ed3bd8_light"; + essen = "light.0x0017880108327622_light"; + arbeit = "light.0x0017880106ee2865_light"; + nass = "light.0x00178801082e9f2f_light"; + }; + + sensors = { + bett = "0x00178801086ac38c"; + }; + + lightswitch = switch: light: { + automation = [ + { + trigger = { + platform = "mqtt"; + topic = "zigbee/${switch}"; + }; + condition = { + condition = "or"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'on-press' }}"; + } + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'up-press' }}"; + } + { + condition = "and"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'down-press' }}"; + } + { + condition = "template"; + value_template = "{{ trigger.payload_json.brightness > 30 }}"; + } + ]; + } + ]; + }; + action = [ + { + service = "light.turn_on"; + data_template = { + entity_id = light; + brightness = "{{ trigger.payload_json.brightness }}"; + }; + } + ]; + } + { + trigger = { + platform = "mqtt"; + topic = "zigbee/${switch}"; + }; + condition = { + condition = "or"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'off-press' }}"; + } + { + condition = "template"; + value_template = "{{ trigger.payload_json.brightness < 30 }}"; + } + ]; + }; + action = { + service = "light.turn_off"; + data_template = { + entity_id = light; + }; + }; + } + ]; + }; +} diff --git a/lass/2configs/hass/rooms/bett.nix b/lass/2configs/hass/rooms/bett.nix new file mode 100644 index 000000000..21092ef5f --- /dev/null +++ b/lass/2configs/hass/rooms/bett.nix @@ -0,0 +1,27 @@ +{ lib, ... }: +with import ../lib.nix; + +{ + lass.hass.config = lib.lists.fold lib.recursiveUpdate {} [ + { + #automation = [{ + # trigger = { + # platform = "mqtt"; + # topic = "zigbee/0x00178801086ac38c/action"; + # payload = "on-press"; + # }; + # action = { + # service = "light.turn_on"; + # data = { + # brightness = 150; + # rgb_color = [ 255 0 0 ]; + # entity_id = [ + # "light.0x0017880108327622_light" + # ]; + # }; + # }; + #}]; + } + (lightswitch sensors.bett lights.bett) + ]; +} diff --git a/lass/2configs/hass/zigbee.nix b/lass/2configs/hass/zigbee.nix new file mode 100644 index 000000000..4d57f9ca4 --- /dev/null +++ b/lass/2configs/hass/zigbee.nix @@ -0,0 +1,152 @@ +{config, pkgs, lib, ...}: let + + zigbee2mqtt_cfg = pkgs.writeText "zigbee2mqtt.json" (builtins.toJSON { + homeassistant = true; + permit_join = true; + mqtt = { + discovery = true; + base_topic = "zigbee"; + server = "mqtt://10.42.0.1"; + user = "gg23"; + password = "gg23-mqtt"; + }; + serial.port = "/dev/cc2531"; + }); + +in { + # symlink the zigbee controller + services.udev.extraRules = '' + SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dailout" + ''; + + system.activationScripts.installZigbee = '' + install -d /var/lib/zigbee2mqtt + install ${zigbee2mqtt_cfg} /var/lib/zigbee2mqtt/configuration.yaml + ''; + + # hack to restart docker container on config change + systemd.services.docker-zigbee2mqtt.environment.cfg = zigbee2mqtt_cfg; + + docker-containers.zigbee2mqtt = { + image = "koenkk/zigbee2mqtt"; + extraDockerOptions = [ + "--device=/dev/cc2531:/dev/cc2531" + ]; + volumes = ["/var/lib/zigbee2mqtt:/app/data"]; + }; + + lass.hass.config = { + sensor = [ + # Sensor for monitoring the bridge state + { + platform = "mqtt"; + name = "Zigbee2mqtt Bridge state"; + state_topic = "/zigbee/bridge/state"; + icon = "mdi:router-wireless"; + } + # Sensor for Showing the Zigbee2mqtt Version + { + platform = "mqtt"; + name = "Zigbee2mqtt Version"; + state_topic = "/zigbee/bridge/config"; + value_template = "{{ value_json.version }}"; + icon = "mdi:zigbee"; + } + # Sensor for Showing the Coordinator Version + { + platform = "mqtt"; + name = "Coordinator Version"; + state_topic = "/zigbee/bridge/config"; + value_template = "{{ value_json.coordinator }}"; + icon = "mdi:chip"; + } + ]; + switch = [ + { + platform = "mqtt"; + name = "Zigbee2mqtt Main join"; + state_topic = "/zigbee/bridge/config/permit_join"; + command_topic = "/zigbee/bridge/config/permit_join"; + payload_on = "true"; + payload_off = "false"; + } + ]; + automation = [ + { + alias = "Zigbee2mqtt Log Level"; + initial_state = "on"; + trigger = { + platform = "state"; + entity_id = "input_select.zigbee2mqtt_log_level"; + }; + action = [ + { + service = "mqtt.publish"; + data = { + payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}"; + topic = "/zigbee/bridge/config/log_level"; + }; + } + ]; + } + # Automation to start timer when enable join is turned on + { + id = "zigbee_join_enabled"; + alias = "Zigbee Join Enabled"; + hide_entity = "true"; + trigger = { + platform = "state"; + entity_id = "switch.zigbee2mqtt_main_join"; + to = "on"; + }; + action = { + service = "timer.start"; + entity_id = "timer.zigbee_permit_join"; + }; + } + # Automation to stop timer when switch turned off and turn off switch when timer finished + { + id = "zigbee_join_disabled"; + alias = "Zigbee Join Disabled"; + hide_entity = "true"; + trigger = [ + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.zigbee_permit_join"; + } + { + platform = "state"; + entity_id = "switch.zigbee2mqtt_main_join"; + to = "off"; + } + ]; + action = [ + { service = "timer.cancel"; + data.entity_id = "timer.zigbee_permit_join"; + } + { service = "switch.turn_off"; + entity_id = "switch.zigbee2mqtt_main_join"; + } + ]; + } + ]; + input_select.zigbee2mqtt_log_level = { + name = "Zigbee2mqtt Log Level"; + options = [ + "debug" + "info" + "warn" + "error" + ]; + initial = "info"; + icon = "mdi:format-list-bulleted"; + }; + + timer.zigbee_permit_join = { + name = "Zigbee Time remaining"; + duration = 120; + }; + }; +} + diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix index 7dc43a9ee..5d7bfed60 100644 --- a/lass/2configs/mpv.nix +++ b/lass/2configs/mpv.nix @@ -12,14 +12,17 @@ let video_filename = sys.argv[1] vid = scan_video(video_filename) - sub = download_best_subtitles([vid], {Language('eng')})[vid][0] + try: + sub = download_best_subtitles([vid], {Language('eng')})[vid][0] - filename = '/tmp/' + vid.title + '.srt' + filename = '/tmp/' + vid.title + '.srt' - with open(filename, 'wb+') as file: - file.write(sub.content) + with open(filename, 'wb+') as file: + file.write(sub.content) - print(filename) + print(filename) + except: # noqa + print("/dev/null") ''; autosub = pkgs.writeText "autosub.lua" '' @@ -70,7 +73,6 @@ let download() end - mp.register_event('file-loaded', control_download) mp.add_key_binding('S', "download_subs", download) ''; @@ -79,7 +81,6 @@ let paths = [ (pkgs.writeDashBin "mpv" '' exec ${pkgs.mpv}/bin/mpv --no-config --script=${autosub} "$@" - # exec ${pkgs.mpv}/bin/mpv --no-config "$@" '') pkgs.mpv ]; diff --git a/lass/2configs/network-manager.nix b/lass/2configs/network-manager.nix index ab27eb841..75b9bd1fd 100644 --- a/lass/2configs/network-manager.nix +++ b/lass/2configs/network-manager.nix @@ -26,7 +26,11 @@ users.users.mainUser = { extraGroups = [ "networkmanager" ]; packages = with pkgs; [ - gnome3.gnome_keyring gnome3.dconf + gnome3.gnome_keyring + gnome3.dconf ]; }; + environment.systemPackages = [ + pkgs.nm-dmenu + ]; } diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index b24d7af3e..6245691fe 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -9,20 +9,76 @@ let admin-password = import <secrets/icecast-admin-pw>; source-password = import <secrets/icecast-source-pw>; + music_dir = "/home/radio/music"; + add_random = pkgs.writeDashBin "add_random" '' - ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.mpc_cli}/bin/mpc ls the_playlist/music | grep '\.ogg$' | shuf -n1)" + ${pkgs.mpc_cli}/bin/mpc add "$(${pkgs.findutils}/bin/find "${music_dir}/the_playlist" | grep -v '/other/' | grep '\.ogg$' | shuf -n1 | sed 's,${music_dir}/,,')" ''; - skip_track = pkgs.writeDashBin "skip_track" '' + skip_track = pkgs.writeBashBin "skip_track" '' + set -eu + ${add_random}/bin/add_random - echo skipping: "$(${print_current}/bin/print_current)" + music_dir=${escapeShellArg music_dir} + current_track=$(${pkgs.mpc_cli}/bin/mpc current -f %file%) + track_infos=$(${print_current}/bin/print_current) + skip_count=$(${pkgs.attr}/bin/getfattr -n user.skip_count --only-values "$music_dir"/"$current_track" || echo 0) + if [[ "$current_track" =~ ^the_playlist/music/.* ]] && [ "$skip_count" -le 2 ]; then + skip_count=$((skip_count+1)) + ${pkgs.attr}/bin/setfattr -n user.skip_count -v "$skip_count" "$music_dir"/"$current_track" + echo skipping: "$track_infos" skip_count: "$skip_count" + else + mkdir -p "$music_dir"/.graveyard/ + mv "$music_dir"/"$current_track" "$music_dir"/.graveyard/ + echo killing: "$track_infos" + fi ${pkgs.mpc_cli}/bin/mpc -q next ''; + good_track = pkgs.writeBashBin "good_track" '' + set -eu + + music_dir=${escapeShellArg music_dir} + current_track=$(${pkgs.mpc_cli}/bin/mpc current -f %file%) + track_infos=$(${print_current}/bin/print_current) + if [[ "$current_track" =~ ^the_playlist/music/.* ]]; then + ${pkgs.attr}/bin/setfattr -n user.skip_count -v 0 "$music_dir"/"$current_track" + else + mv "$music_dir"/"$current_track" "$music_dir"/the_playlist/music/ || : + fi + echo good: "$track_infos" + ''; + + track_youtube_link = pkgs.writeDash "track_youtube_link" '' + ${pkgs.mpc_cli}/bin/mpc current -f %file% \ + | ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@https://www.youtube.com/watch?v=\1@' + ''; + print_current = pkgs.writeDashBin "print_current" '' echo "$(${pkgs.mpc_cli}/bin/mpc current -f %file%) \ - $(${pkgs.mpc_cli}/bin/mpc current -f %file% \ - | ${pkgs.gnused}/bin/sed 's@.*\(.\{11\}\)\.ogg@http://www.youtube.com/watch?v=\1@')" + $(${track_youtube_link})" + ''; + + print_current_json = pkgs.writeDashBin "print_current_json" '' + ${pkgs.jq}/bin/jq -n -c \ + --arg name "$(${pkgs.mpc_cli}/bin/mpc current)" \ + --arg filename "$(${pkgs.mpc_cli}/bin/mpc current -f %file%)" \ + --arg youtube "$(${track_youtube_link})" '{ + name: $name, + filename: $filename, + youtube: $youtube + }' + ''; + + write_to_irc = pkgs.writeDash "write_to_irc" '' + ${pkgs.curl}/bin/curl -fsSv --unix-socket /home/radio/reaktor.sock http://z/ \ + -H content-type:application/json \ + -d "$(${pkgs.jq}/bin/jq -n \ + --arg text "$1" '{ + command:"PRIVMSG", + params:["#the_playlist",$text] + }' + )" ''; in { @@ -48,8 +104,10 @@ in { krebs.per-user.${name}.packages = with pkgs; [ add_random + good_track skip_track print_current + print_current_json ncmpcpp mpc_cli ]; @@ -57,7 +115,7 @@ in { services.mpd = { enable = true; group = "radio"; - musicDirectory = "/home/radio/music"; + musicDirectory = "${music_dir}"; extraConfig = '' log_level "default" auto_update "yes" @@ -115,6 +173,7 @@ in { tables = { filter.INPUT.rules = [ { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; } ]; }; }; @@ -164,6 +223,7 @@ in { done | while read track; do echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE" echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE" + ${write_to_irc} "playing: $track" done ''; in { @@ -175,14 +235,20 @@ in { serviceConfig = { ExecStart = recentlyPlayed; + User = "radio"; }; }; + # allow reaktor2 to modify files + systemd.services."reaktor2-the_playlist".serviceConfig.DynamicUser = mkForce false; + krebs.reaktor2.the_playlist = { hostname = "irc.freenode.org"; port = "6697"; useTLS = true; nick = "the_playlist"; + username = "radio"; + API.listen = "unix:/home/radio/reaktor.sock"; plugins = [ { plugin = "register"; @@ -199,12 +265,19 @@ in { workdir = config.krebs.reaktor2.the_playlist.stateDir; hooks.PRIVMSG = [ { - #activate = "match"; - pattern = "^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$"; + activate = "match"; + pattern = "^(?:.*\\s)?\\s*the_playlist:\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$"; command = 1; arguments = [2]; commands = { skip.filename = "${skip_track}/bin/skip_track"; + next.filename = "${skip_track}/bin/skip_track"; + bad.filename = "${skip_track}/bin/skip_track"; + + good.filename = "${good_track}/bin/good_track"; + nice.filename = "${good_track}/bin/good_track"; + like.filename = "${good_track}/bin/good_track"; + current.filename = "${print_current}/bin/print_current"; suggest.filename = pkgs.writeDash "suggest" '' echo "$@" >> playlist_suggest @@ -217,6 +290,42 @@ in { ]; }; + krebs.htgen.radio = { + port = 8001; + user = { + name = "radio"; + }; + script = '' + case "$Method $Request_URI" in + "GET /current") + printf 'HTTP/1.1 200 OK\r\n' + printf 'Connection: close\r\n' + printf '\r\n' + ${print_current_json}/bin/print_current_json + exit + ;; + "POST /skip") + printf 'HTTP/1.1 200 OK\r\n' + printf 'Connection: close\r\n' + printf '\r\n' + msg=$(${skip_track}/bin/skip_track) + ${write_to_irc} "$msg" + echo "$msg" + exit + ;; + "POST /good") + printf 'HTTP/1.1 200 OK\r\n' + printf 'Connection: close\r\n' + printf '\r\n' + msg=$(${good_track}/bin/good_track) + ${write_to_irc} "$msg" + echo "$msg" + exit + ;; + esac + ''; + }; + services.nginx = { enable = true; virtualHosts."radio.lassul.us" = { @@ -258,9 +367,9 @@ in { alias ${html}; ''; }; - krebs.syncthing.folders."the_playlist" = { + services.syncthing.declarative.folders."the_playlist" = { path = "/home/radio/music/the_playlist"; - peers = [ "mors" "phone" "prism" "xerxes" ]; + devices = [ "mors" "phone" "prism" "xerxes" ]; }; krebs.permown."/home/radio/music/the_playlist" = { owner = "radio"; diff --git a/lass/2configs/sync/decsync.nix b/lass/2configs/sync/decsync.nix index c3f6511c2..9caefdd2d 100644 --- a/lass/2configs/sync/decsync.nix +++ b/lass/2configs/sync/decsync.nix @@ -1,7 +1,7 @@ { - krebs.syncthing.folders.decsync = { + services.syncthing.declarative.folders.decsync = { path = "/home/lass/decsync"; - peers = [ "mors" "blue" "green" "phone" ]; + devices = [ "mors" "blue" "green" "phone" ]; }; krebs.permown."/home/lass/decsync" = { owner = "lass"; diff --git a/lass/2configs/sync/weechat.nix b/lass/2configs/sync/weechat.nix index 30c7b262b..ccbfc75a1 100644 --- a/lass/2configs/sync/weechat.nix +++ b/lass/2configs/sync/weechat.nix @@ -1,5 +1,5 @@ { - krebs.syncthing.folders."/home/lass/.weechat".peers = [ "blue" "green" "mors" ]; + services.syncthing.declarative.folders."/home/lass/.weechat".devices = [ "blue" "green" "mors" ]; krebs.permown."/home/lass/.weechat" = { owner = "lass"; group = "syncthing"; diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index d4df17b9a..5397c2ca6 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -7,18 +7,20 @@ in { enable = true; group = "syncthing"; configDir = "/var/lib/syncthing"; + declarative = { + key = toString <secrets/syncthing.key>; + cert = toString <secrets/syncthing.cert>; + devices = mk_peers all_peers; + folders."/home/lass/sync" = { + devices = attrNames (filterAttrs (n: v: n != "phone") own_peers); + # ignorePerms = false; + }; + }; }; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport 22000"; target = "ACCEPT";} { predicate = "-p udp --dport 21027"; target = "ACCEPT";} ]; - krebs.syncthing = { - enable = true; - cert = toString <secrets/syncthing.cert>; - key = toString <secrets/syncthing.key>; - peers = mk_peers all_peers; - folders."/home/lass/sync".peers = attrNames (filterAttrs (n: v: n != "phone") own_peers); - }; system.activationScripts.syncthing-home = '' ${pkgs.coreutils}/bin/chmod a+x /home/lass diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 80ed12edc..bd113567f 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -270,14 +270,14 @@ in { }; boot.kernel.sysctl."fs.inotify.max_user_watches" = "1048576"; - krebs.syncthing.folders = { + services.syncthing.declarative.folders = { domsen-backups = { path = "/backups/domsen"; - peers = [ "domsen-backup" ]; + devices = [ "domsen-backup" ]; }; domsen-backup-srv-http = { path = "/srv/http"; - peers = [ "domsen-backup" ]; + devices = [ "domsen-backup" ]; }; }; diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 901fecfb2..baeac213b 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -13,6 +13,8 @@ in { ]; security.acme = { + email = "acme@lassul.us"; + acceptTerms = true; certs."lassul.us" = { allowKeysForGroup = true; group = "lasscert"; @@ -72,11 +74,6 @@ in { security.acme.certs."cgit.lassul.us" = { email = "lassulus@lassul.us"; webroot = "/var/lib/acme/acme-challenge"; - plugins = [ - "account_key.json" - "fullchain.pem" - "key.pem" - ]; group = "nginx"; user = "nginx"; }; diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 90dcb9d9c..057c7c74a 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -4,6 +4,7 @@ _: ./dnsmasq.nix ./ejabberd ./folderPerms.nix + ./hass.nix ./hosts.nix ./mysql-backup.nix ./news.nix diff --git a/lass/3modules/hass.nix b/lass/3modules/hass.nix new file mode 100644 index 000000000..30158e78a --- /dev/null +++ b/lass/3modules/hass.nix @@ -0,0 +1,34 @@ +{ config, lib, pkgs, ... }: +with import <stockholm/lib>; +let + + cfg = config.lass.hass; + +in { + options.lass.hass = { + config = mkOption { + default = {}; + type = with lib.types; let + valueType = nullOr (oneOf [ + bool + int + float + str + (attrsOf valueType) + (listOf valueType) + ]) // { + description = "Yaml value"; + emptyValue.value = {}; + }; + in valueType; + }; + }; + + config = + assert versionOlder version "20.09"; + mkIf (cfg.config != {}) + { + services.home-assistant.config = cfg.config; + }; +} + diff --git a/lass/5pkgs/bruellwuerfel/default.nix b/lass/5pkgs/bruellwuerfel/default.nix new file mode 100644 index 000000000..cb8f08fa8 --- /dev/null +++ b/lass/5pkgs/bruellwuerfel/default.nix @@ -0,0 +1,26 @@ +{ yarn2nix-moretea, fetchFromGitHub, nodePackages, nodejs }: let + #src = ~/src/bruellwuerfel; + src = fetchFromGitHub { + owner = "krebs"; + repo = "bruellwuerfel"; + rev = "57e20e630f732ce4e15b495ec5f9bf72a121b959"; + sha256 = "08zwwl24sq21r497a03lqpy2x10az8frrsh6d38xm92snd1yf85b"; + }; + +in yarn2nix-moretea.mkYarnModules rec { + pname = "bruellwuerfel"; + version = "1.0"; + name = "${pname}-${version}"; + packageJSON = "${src}/package.json"; + yarnLock = "${src}/yarn.lock"; + postBuild = '' + cp -r ${src}/{src,tsconfig.json} $out/ + cd $out + ${nodePackages.typescript}/bin/tsc || : + mkdir -p $out/bin + echo '#!/bin/sh' > $out/bin/bruellwuerfel + echo "export NODE_PATH=$out/dist" >> $out/bin/bruellwuerfel + echo "${nodejs}/bin/node $out/dist/index.js" >> $out/bin/bruellwuerfel + chmod +x $out/bin/bruellwuerfel + ''; +} diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index c0aef513f..e1c45598f 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -1,16 +1,10 @@ { config, pkgs, ... }: -pkgs.writeHaskellPackage "xmonad-lass" { - executables.xmonad = { - extra-depends = [ - "containers" - "extra" - "unix" - "X11" - "xmonad" - "xmonad-contrib" - "xmonad-stockholm" - ]; - text = /* haskell */ '' +pkgs.writers.writeHaskellBin "xmonad" { + libraries = with pkgs.haskellPackages; [ + extra + xmonad-stockholm + ]; +} /* haskell */ '' {-# LANGUAGE LambdaCase #-} @@ -62,7 +56,7 @@ instance UrgencyHook LibNotifyUrgencyHook where safeSpawn "${pkgs.libnotify}/bin/notify-send" [show name, "workspace " ++ idx] myTerm :: FilePath -myTerm = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtc" +myTerm = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtc" myFont :: String myFont = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1" @@ -150,10 +144,7 @@ myKeyMap = , ("M4-<F2>", windows copyToAll) - , ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" '' - export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin - exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@" - ''}") + , ("M4-<F4>", spawn "${pkgs.nm-dmenu}/bin/nm-dmenu") , ("M4-<Insert>", spawn "${pkgs.writeDash "paste" '' ${pkgs.coreutils}/bin/sleep 0.1 ${pkgs.xclip}/bin/xclip -o | ${pkgs.xdotool}/bin/xdotool type -f - @@ -223,6 +214,4 @@ gridConfig = def allWorkspaceNames :: W.StackSet i l a sid sd -> X [i] allWorkspaceNames ws = return $ map W.tag (W.hidden ws ++ (map W.workspace $ W.visible ws)) ++ [W.tag $ W.workspace $ W.current ws] - ''; - }; -} +'' diff --git a/lass/5pkgs/emot-menu/default.nix b/lass/5pkgs/emot-menu/default.nix index d5d84e456..440e160d0 100644 --- a/lass/5pkgs/emot-menu/default.nix +++ b/lass/5pkgs/emot-menu/default.nix @@ -18,6 +18,9 @@ ζ | zeta (╯°□°)╯ ┻━┻ | table flip (」゜ロ゜)」 | why woot +(_゜_゜_) | gloom I see you +༼ ༎ຶ ෴ ༎ຶ༽ | sad +(\/) (°,,,,°) (\/) | krebs ''; in diff --git a/lass/5pkgs/fzfmenu/default.nix b/lass/5pkgs/fzfmenu/default.nix index bdae8ceed..64e95d233 100644 --- a/lass/5pkgs/fzfmenu/default.nix +++ b/lass/5pkgs/fzfmenu/default.nix @@ -32,14 +32,24 @@ pkgs.writeDashBin "fzfmenu" '' done INPUT=$(${pkgs.coreutils}/bin/cat) OUTPUT="$(${pkgs.coreutils}/bin/mktemp)" - ${pkgs.rxvt_unicode}/bin/urxvt \ - -name fzfmenu -title fzfmenu \ - -e ${pkgs.dash}/bin/dash -c \ - "echo \"$INPUT\" | ${pkgs.fzf}/bin/fzf \ - --history=/dev/null \ - --print-query \ - --prompt=\"$PROMPT\" \ - > \"$OUTPUT\"" 2>/dev/null + if [ -z ''${TERM+x} ]; then #check if we can print fzf in the shell + ${pkgs.rxvt_unicode}/bin/urxvt \ + -name fzfmenu -title fzfmenu \ + -e ${pkgs.dash}/bin/dash -c \ + "echo \"$INPUT\" | ${pkgs.fzf}/bin/fzf \ + --history=/dev/null \ + --print-query \ + --prompt=\"$PROMPT\" \ + --reverse \ + > \"$OUTPUT\"" 2>/dev/null + else + echo "$INPUT" | ${pkgs.fzf}/bin/fzf \ + --history=/dev/null \ + --print-query \ + --prompt="$PROMPT" \ + --reverse \ + > "$OUTPUT" + fi ${pkgs.coreutils}/bin/tail -1 "$OUTPUT" ${pkgs.coreutils}/bin/rm "$OUTPUT" '' diff --git a/lass/5pkgs/nm-dmenu/default.nix b/lass/5pkgs/nm-dmenu/default.nix new file mode 100644 index 000000000..cb47bded3 --- /dev/null +++ b/lass/5pkgs/nm-dmenu/default.nix @@ -0,0 +1,6 @@ +{ pkgs, ... }: + +pkgs.writeDashBin "nm-dmenu" '' + export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin + exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@" +'' diff --git a/lass/5pkgs/review-mail-queue/default.nix b/lass/5pkgs/review-mail-queue/default.nix new file mode 100644 index 000000000..c8c66706c --- /dev/null +++ b/lass/5pkgs/review-mail-queue/default.nix @@ -0,0 +1,39 @@ +{ pkgs }: let + + review = pkgs.writers.writeBash "review-mail" '' + mail="$1" + ${pkgs.exim}/bin/exim -Mvc "$mail" | grep -E 'Subject:|To:' + ${pkgs.exim}/bin/exim -Mvl "$mail" + while :; do + read -p 'delete?' key + case "$key" in + v*) + ${pkgs.exim}/bin/exim -Mvc "$mail" + ;; + d*) + ${pkgs.exim}/bin/exim -Mrm "$mail" + break + ;; + r*) + ${pkgs.exim}/bin/exim -Mt "$mail" + break + ;; + n*) + break + ;; + esac + done + echo '-------------------' + echo '-------------------' + echo '-------------------' + echo '-------------------' + echo '-------------------' + ''; + +in pkgs.writers.writeBashBin "review-mail" '' + for mail in $(${pkgs.exim}/bin/exim -bp \ + | ${pkgs.gnugrep}/bin/grep frozen \ + | ${pkgs.gawk}/bin/awk '{print $3}'); do + ${review} "$mail" + done +'' diff --git a/lib/default.nix b/lib/default.nix index 14e6e27a3..5a948bbf3 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -49,6 +49,8 @@ let indent = replaceChars ["\n"] ["\n "]; + stripAttr = converge (filterAttrsRecursive (n: v: v != {} && v != null)); + mapNixDir = f: x: { list = foldl' mergeAttrs {} (map (mapNixDir1 f) x); path = mapNixDir1 f x; diff --git a/nin/0tests/dummysecrets/hashedPasswords.nix b/nin/0tests/dummysecrets/hashedPasswords.nix deleted file mode 100644 index 0967ef424..000000000 --- a/nin/0tests/dummysecrets/hashedPasswords.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/nin/0tests/dummysecrets/ssh.id_ed25519 b/nin/0tests/dummysecrets/ssh.id_ed25519 deleted file mode 100644 index e69de29bb..000000000 --- a/nin/0tests/dummysecrets/ssh.id_ed25519 +++ /dev/null diff --git a/nin/1systems/axon/config.nix b/nin/1systems/axon/config.nix deleted file mode 100644 index 5e81afdbd..000000000 --- a/nin/1systems/axon/config.nix +++ /dev/null @@ -1,132 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: - -with lib; - -{ - imports = [ - <stockholm/nin> - <nixpkgs/nixos/modules/installer/scan/not-detected.nix> - #../2configs/copyq.nix - <stockholm/nin/2configs/ableton.nix> - <stockholm/nin/2configs/games.nix> - <stockholm/nin/2configs/git.nix> - <stockholm/nin/2configs/retiolum.nix> - <stockholm/nin/2configs/termite.nix> - ]; - - krebs.build.host = config.krebs.hosts.axon; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/pool/root"; - fsType = "ext4"; - }; - - fileSystems."/tmp" = - { device = "tmpfs"; - fsType = "tmpfs"; - }; - - fileSystems."/boot" = - { device = "/dev/sda1"; - fsType = "ext2"; - }; - - boot.initrd.luks.devices.crypted.device = "/dev/sda2"; - boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # nin config - time.timeZone = "Europe/Berlin"; - services.xserver = { - enable = true; - - displayManager.lightdm.enable = true; - }; - - networking.networkmanager.enable = true; - #networking.wireless.enable = true; - - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - - hardware.bluetooth.enable = true; - - hardware.opengl.driSupport32Bit = true; - - #nixpkgs.config.steam.java = true; - - environment.systemPackages = with pkgs; [ - atom - chromium - firefox - git - htop - keepassx - lmms - networkmanagerapplet - openvpn - python - ruby - steam - taskwarrior - thunderbird - vim - virtmanager - ]; - - nixpkgs.config = { - - allowUnfree = true; - - }; - - #services.logind.extraConfig = "HandleLidSwitch=ignore"; - - services.xserver.synaptics = { - enable = true; - }; - - services.xserver.displayManager.sessionCommands = '' - ${pkgs.xorg.xhost}/bin/xhost + local: - ''; - - services.xserver.desktopManager.xfce = let - xbindConfig = pkgs.writeText "xbindkeysrc" '' - "${pkgs.pass}/bin/passmenu --type" - Control + p - ''; - in { - enable = true; - extraSessionCommands = '' - ${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig} - ''; - }; - - # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "17.03"; - -} diff --git a/nin/1systems/hiawatha/config.nix b/nin/1systems/hiawatha/config.nix deleted file mode 100644 index a09eed958..000000000 --- a/nin/1systems/hiawatha/config.nix +++ /dev/null @@ -1,126 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: - -with lib; - -{ - imports = [ - <stockholm/nin> - <nixpkgs/nixos/modules/installer/scan/not-detected.nix> - #../2configs/copyq.nix - <stockholm/nin/2configs/games.nix> - <stockholm/nin/2configs/git.nix> - <stockholm/nin/2configs/retiolum.nix> - <stockholm/nin/2configs/termite.nix> - ]; - - krebs.build.host = config.krebs.hosts.hiawatha; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/b83f8830-84f3-4282-b10e-015c4b76bd9e"; - fsType = "ext4"; - }; - - fileSystems."/tmp" = - { device = "tmpfs"; - fsType = "tmpfs"; - }; - - fileSystems."/home" = - { device = "/dev/fam/home"; - }; - - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/2f319b08-2560-401d-b53c-2abd28f1a010"; - fsType = "ext2"; - }; - - boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; - boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - fileSystems."/home/nin/.local/share/Steam" = { - device = "/dev/fam/steam"; - }; - - # nin config - time.timeZone = "Europe/Berlin"; - services.xserver.enable = true; - - networking.networkmanager.enable = true; - #networking.wireless.enable = true; - - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - - hardware.bluetooth.enable = true; - - hardware.opengl.driSupport32Bit = true; - - #nixpkgs.config.steam.java = true; - - environment.systemPackages = with pkgs; [ - firefox - git - lmms - networkmanagerapplet - python - steam - thunderbird - vim - virtmanager - ]; - - nixpkgs.config = { - - allowUnfree = true; - - }; - - #services.logind.extraConfig = "HandleLidSwitch=ignore"; - - services.xserver.synaptics = { - enable = true; - }; - - - services.xserver.desktopManager.xfce = let - xbindConfig = pkgs.writeText "xbindkeysrc" '' - "${pkgs.pass}/bin/passmenu --type" - Control + p - ''; - in { - enable = true; - extraSessionCommands = '' - ${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig} - ''; - }; - - # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "17.03"; - -} diff --git a/nin/1systems/onondaga/config.nix b/nin/1systems/onondaga/config.nix deleted file mode 100644 index 3cd0773ae..000000000 --- a/nin/1systems/onondaga/config.nix +++ /dev/null @@ -1,23 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: - -{ - imports = [ - <stockholm/nin> - <stockholm/nin/2configs/retiolum.nix> - <stockholm/nin/2configs/weechat.nix> - <stockholm/nin/2configs/git.nix> - ]; - - krebs.build.host = config.krebs.hosts.onondaga; - - boot.isContainer = true; - networking.useDHCP = false; - - time.timeZone = "Europe/Amsterdam"; - - services.openssh.enable = true; -} diff --git a/nin/2configs/ableton.nix b/nin/2configs/ableton.nix deleted file mode 100644 index 343a9089d..000000000 --- a/nin/2configs/ableton.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ config, pkgs, ... }: let - mainUser = config.users.extraUsers.nin; -in { - users.users= { - ableton = { - isNormalUser = true; - extraGroups = [ - "audio" - "video" - ]; - packages = [ - pkgs.wine - pkgs.winetricks - ]; - }; - }; - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(ableton) NOPASSWD: ALL - ''; -} diff --git a/nin/2configs/copyq.nix b/nin/2configs/copyq.nix deleted file mode 100644 index 0616c4025..000000000 --- a/nin/2configs/copyq.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ config, pkgs, ... }: -with import <stockholm/lib>; -let - copyqConfig = pkgs.writeDash "copyq-config" '' - ${pkgs.copyq}/bin/copyq config check_clipboard true - ${pkgs.copyq}/bin/copyq config check_selection true - ${pkgs.copyq}/bin/copyq config copy_clipboard true - ${pkgs.copyq}/bin/copyq config copy_selection true - - ${pkgs.copyq}/bin/copyq config activate_closes true - ${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0 - ${pkgs.copyq}/bin/copyq config clipboard_tab clipboard - ${pkgs.copyq}/bin/copyq config disable_tray true - ${pkgs.copyq}/bin/copyq config hide_tabs true - ${pkgs.copyq}/bin/copyq config hide_toolbar true - ${pkgs.copyq}/bin/copyq config item_popup_interval true - ${pkgs.copyq}/bin/copyq config maxitems 1000 - ${pkgs.copyq}/bin/copyq config move true - ${pkgs.copyq}/bin/copyq config text_wrap true - ''; -in { - systemd.user.services.copyq = { - after = [ "graphical.target" ]; - wants = [ "graphical.target" ]; - wantedBy = [ "default.target" ]; - environment = { - DISPLAY = ":0"; - }; - serviceConfig = { - SyslogIdentifier = "copyq"; - ExecStart = "${pkgs.copyq}/bin/copyq"; - ExecStartPost = copyqConfig; - Restart = "always"; - RestartSec = "2s"; - StartLimitBurst = 0; - }; - }; -} diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix deleted file mode 100644 index 250383ca8..000000000 --- a/nin/2configs/default.nix +++ /dev/null @@ -1,173 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; -{ - imports = [ - ../2configs/vim.nix - <stockholm/krebs/2configs/binary-cache/nixos.nix> - <stockholm/krebs/2configs/binary-cache/prism.nix> - { - users.extraUsers = - mapAttrs (_: h: { hashedPassword = h; }) - (import <secrets/hashedPasswords.nix>); - } - { - users.users = { - root = { - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - config.krebs.users.nin_h.pubkey - ]; - }; - nin = { - name = "nin"; - uid = 1337; - home = "/home/nin"; - group = "users"; - createHome = true; - useDefaultShell = true; - extraGroups = [ - "audio" - "fuse" - ]; - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - config.krebs.users.nin_h.pubkey - ]; - }; - }; - } - { - environment.variables = { - NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; - }; - } - (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { - environment.variables = { - CURL_CA_BUNDLE = ca-bundle; - GIT_SSL_CAINFO = ca-bundle; - SSL_CERT_FILE = ca-bundle; - }; - }) - ]; - - networking.hostName = config.krebs.build.host.name; - nix.maxJobs = config.krebs.build.host.cores; - - krebs = { - enable = true; - dns.search-domain = "r"; - build = { - user = config.krebs.users.nin; - }; - }; - - nix.useSandbox = true; - - users.mutableUsers = false; - - services.timesyncd.enable = true; - - #why is this on in the first place? - services.nscd.enable = false; - - boot.tmpOnTmpfs = true; - # see tmpfiles.d(5) - systemd.tmpfiles.rules = [ - "d /tmp 1777 root root - -" - ]; - - # multiple-definition-problem when defining environment.variables.EDITOR - environment.extraInit = '' - EDITOR=vim - ''; - - nixpkgs.config.allowUnfree = true; - - environment.shellAliases = { - gs = "git status"; - }; - - environment.systemPackages = with pkgs; [ - #stockholm - git - gnumake - jq - proot - pavucontrol - populate - p7zip - termite - unzip - unrar - hashPassword - ]; - - programs.bash = { - enableCompletion = true; - interactiveShellInit = '' - HISTCONTROL='erasedups:ignorespace' - HISTSIZE=65536 - HISTFILESIZE=$HISTSIZE - - shopt -s checkhash - shopt -s histappend histreedit histverify - shopt -s no_empty_cmd_completion - complete -d cd - ''; - promptInit = '' - if test $UID = 0; then - PS1='\[\033[1;31m\]$PWD\[\033[0m\] ' - elif test $UID = 1337; then - PS1='\[\033[1;32m\]$PWD\[\033[0m\] ' - else - PS1='\[\033[1;33m\]\u@$PWD\[\033[0m\] ' - fi - if test -n "$SSH_CLIENT"; then - PS1='\[\033[35m\]\h'" $PS1" - fi - ''; - }; - - services.openssh = { - enable = true; - hostKeys = [ - # XXX bits here make no science - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - - krebs.iptables = { - enable = true; - tables = { - nat.PREROUTING.rules = [ - { predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; } - { predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; } - ]; - nat.OUTPUT.rules = [ - { predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; } - ]; - filter.INPUT.policy = "DROP"; - filter.FORWARD.policy = "DROP"; - filter.INPUT.rules = [ - { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } - { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } - { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; } - { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } - { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } - { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } - { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; } - { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; } - ]; - }; - }; - - networking.dhcpcd.extraConfig = '' - noipv4ll - ''; -} diff --git a/nin/2configs/games.nix b/nin/2configs/games.nix deleted file mode 100644 index 15e17238d..000000000 --- a/nin/2configs/games.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ config, pkgs, ... }: - -let - mainUser = config.users.extraUsers.mainUser; - vdoom = pkgs.writeDash "vdoom" '' - ${pkgs.zandronum}/bin/zandronum \ - -fov 120 \ - "$@" - ''; - doom = pkgs.writeDash "doom" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${vdoom} \ - -file $DOOM_DIR/lib/brutalv20.pk3 \ - "$@" - ''; - doom1 = pkgs.writeDashBin "doom1" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${doom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@" - ''; - doom2 = pkgs.writeDashBin "doom2" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${doom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@" - ''; - vdoom1 = pkgs.writeDashBin "vdoom1" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${vdoom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@" - ''; - vdoom2 = pkgs.writeDashBin "vdoom2" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${vdoom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@" - ''; - - doomservercfg = pkgs.writeText "doomserver.cfg" '' - skill 7 - #survival true - #sv_maxlives 4 - #sv_norespawn true - #sv_weapondrop true - no_jump true - #sv_noweaponspawn true - sv_sharekeys true - sv_survivalcountdowntime 1 - sv_noteamselect true - sv_updatemaster false - #sv_coop_loseinventory true - #cl_startasspectator false - #lms_spectatorview false - ''; - - vdoomserver = pkgs.writeDashBin "vdoomserver" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - - ${pkgs.zandronum}/bin/zandronum-server \ - +exec ${doomservercfg} \ - "$@" - ''; - -in { - environment.systemPackages = with pkgs; [ - dwarf_fortress - doom1 - doom2 - vdoom1 - vdoom2 - vdoomserver - ]; - - hardware.pulseaudio.support32Bit = true; - -} diff --git a/nin/2configs/git.nix b/nin/2configs/git.nix deleted file mode 100644 index aed4a9f48..000000000 --- a/nin/2configs/git.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; - -let - - out = { - services.nginx.enable = true; - krebs.git = { - enable = true; - cgit = { - settings = { - root-title = "public repositories at ${config.krebs.build.host.name}"; - root-desc = "keep calm and engage"; - }; - }; - repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; - rules = rules; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } - ]; - }; - - repos = public-repos; - - rules = concatMap make-rules (attrValues repos); - - public-repos = mapAttrs make-public-repo { - stockholm = { - cgit.desc = "take all the computers hostage, they'll love you!"; - }; - }; - - make-public-repo = name: { cgit ? {}, ... }: { - inherit cgit name; - public = true; - }; - - make-rules = - with git // config.krebs.users; - repo: - singleton { - user = [ nin nin_h ]; - repo = [ repo ]; - perm = push "refs/*" [ non-fast-forward create delete merge ]; - } ++ - optional repo.public { - user = attrValues config.krebs.users; - repo = [ repo ]; - perm = fetch; - } ++ - optional (length (repo.collaborators or []) > 0) { - user = repo.collaborators; - repo = [ repo ]; - perm = fetch; - }; - -in out diff --git a/nin/2configs/im.nix b/nin/2configs/im.nix deleted file mode 100644 index b078dbd53..000000000 --- a/nin/2configs/im.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, lib, pkgs, ... }: -with import <stockholm/lib>; -{ - environment.systemPackages = with pkgs; [ - (pkgs.writeDashBin "im" '' - export PATH=${makeSearchPath "bin" (with pkgs; [ - tmux - gnugrep - weechat - ])} - ssh chat@onondaga - if tmux list-sessions -F\#S | grep -q '^im''$'; then - exec tmux attach -t im - else - exec tmux new -s im weechat - fi - '') - ]; -} diff --git a/nin/2configs/retiolum.nix b/nin/2configs/retiolum.nix deleted file mode 100644 index 821e3cc00..000000000 --- a/nin/2configs/retiolum.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ ... }: - -{ - - krebs.iptables = { - tables = { - filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; } - { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; } - { predicate = "-p udp --dport tinc"; target = "ACCEPT"; } - ]; - }; - }; - - krebs.tinc.retiolum = { - enable = true; - connectTo = [ - "prism" - "pigstarter" - "gum" - "flap" - ]; - }; - - nixpkgs.config.packageOverrides = pkgs: { - tinc = pkgs.tinc_pre; - }; -} diff --git a/nin/2configs/skype.nix b/nin/2configs/skype.nix deleted file mode 100644 index 621dfae82..000000000 --- a/nin/2configs/skype.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - mainUser = config.users.extraUsers.nin; - inherit (import <stockholm/lib>) genid; - -in { - users.extraUsers = { - skype = { - name = "skype"; - uid = genid "skype"; - description = "user for running skype"; - home = "/home/skype"; - useDefaultShell = true; - extraGroups = [ "audio" "video" ]; - createHome = true; - }; - }; - - krebs.per-user.skype.packages = [ - pkgs.skype - ]; - - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(skype) NOPASSWD: ALL - ''; -} diff --git a/nin/2configs/termite.nix b/nin/2configs/termite.nix deleted file mode 100644 index 942446b01..000000000 --- a/nin/2configs/termite.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = [ - pkgs.termite - ]; - - krebs.per-user.nin.packages = let - termitecfg = pkgs.writeTextFile { - name = "termite-config"; - destination = "/etc/xdg/termite/config"; - text = '' - [colors] - foreground = #d0d7d0 - background = #000000 - ''; - }; - in [ - termitecfg - ]; - -} diff --git a/nin/2configs/vim.nix b/nin/2configs/vim.nix deleted file mode 100644 index 7b5d37611..000000000 --- a/nin/2configs/vim.nix +++ /dev/null @@ -1,355 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; -let - out = { - environment.systemPackages = [ - vim - pkgs.pythonPackages.flake8 - ]; - - environment.etc.vimrc.source = vimrc; - - environment.variables.EDITOR = mkForce "vim"; - environment.variables.VIMINIT = ":so /etc/vimrc"; - }; - - vimrc = pkgs.writeText "vimrc" '' - set nocompatible - - set autoindent - set backspace=indent,eol,start - set backup - set backupdir=${dirs.backupdir}/ - set directory=${dirs.swapdir}// - set hlsearch - set incsearch - set laststatus=2 - set mouse=a - set noruler - set pastetoggle=<INS> - set runtimepath=${extra-runtimepath},$VIMRUNTIME - set shortmess+=I - set showcmd - set showmatch - set ttimeoutlen=0 - set undodir=${dirs.undodir} - set undofile - set undolevels=1000000 - set undoreload=1000000 - set viminfo='20,<1000,s100,h,n${files.viminfo} - set visualbell - set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o - set wildmenu - set wildmode=longest,full - - set et ts=2 sts=2 sw=2 - - filetype plugin indent on - - set t_Co=256 - colorscheme hack - syntax on - - au Syntax * syn match Garbage containedin=ALL /\s\+$/ - \ | syn match TabStop containedin=ALL /\t\+/ - \ | syn keyword Todo containedin=ALL TODO - - au BufRead,BufNewFile *.hs so ${hs.vim} - - au BufRead,BufNewFile *.nix so ${nix.vim} - - au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile - - "Syntastic config - let g:syntastic_python_checkers=['flake8'] - - nmap <esc>q :buffer - nmap <M-q> :buffer - - cnoremap <C-A> <Home> - - noremap <C-c> :q<cr> - vnoremap < <gv - vnoremap > >gv - - nnoremap <esc>[5^ :tabp<cr> - nnoremap <esc>[6^ :tabn<cr> - nnoremap <esc>[5@ :tabm -1<cr> - nnoremap <esc>[6@ :tabm +1<cr> - - nnoremap <f1> :tabp<cr> - nnoremap <f2> :tabn<cr> - inoremap <f1> <esc>:tabp<cr> - inoremap <f2> <esc>:tabn<cr> - - " <C-{Up,Down,Right,Left> - noremap <esc>Oa <nop> | noremap! <esc>Oa <nop> - noremap <esc>Ob <nop> | noremap! <esc>Ob <nop> - noremap <esc>Oc <nop> | noremap! <esc>Oc <nop> - noremap <esc>Od <nop> | noremap! <esc>Od <nop> - " <[C]S-{Up,Down,Right,Left> - noremap <esc>[a <nop> | noremap! <esc>[a <nop> - noremap <esc>[b <nop> | noremap! <esc>[b <nop> - noremap <esc>[c <nop> | noremap! <esc>[c <nop> - noremap <esc>[d <nop> | noremap! <esc>[d <nop> - vnoremap u <nop> - ''; - - extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ - pkgs.vimPlugins.Syntastic - pkgs.vimPlugins.undotree - pkgs.vimPlugins.airline - (pkgs.vimUtils.buildVimPlugin { - name = "file-line-1.0"; - src = pkgs.fetchgit { - url = git://github.com/bogado/file-line; - rev = "refs/tags/1.0"; - sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0"; - }; - }) - ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let - name = "hack"; - in { - name = "vim-color-${name}-1.0.2"; - destination = "/colors/${name}.vim"; - text = /* vim */ '' - set background=dark - hi clear - if exists("syntax_on") - syntax clear - endif - - let colors_name = ${toJSON name} - - hi Normal ctermbg=235 - hi Comment ctermfg=242 - hi Constant ctermfg=062 - hi Identifier ctermfg=068 - hi Function ctermfg=041 - hi Statement ctermfg=167 - hi PreProc ctermfg=167 - hi Type ctermfg=041 - hi Delimiter ctermfg=251 - hi Special ctermfg=062 - - hi Garbage ctermbg=088 - hi TabStop ctermbg=016 - hi Todo ctermfg=174 ctermbg=NONE - - hi NixCode ctermfg=148 - hi NixData ctermfg=149 - hi NixQuote ctermfg=150 - - hi diffNewFile ctermfg=207 - hi diffFile ctermfg=207 - hi diffLine ctermfg=207 - hi diffSubname ctermfg=207 - hi diffAdded ctermfg=010 - hi diffRemoved ctermfg=009 - ''; - }))) - ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let - name = "vim"; - in { - name = "vim-syntax-${name}-1.0.0"; - destination = "/syntax/${name}.vim"; - text = /* vim */ '' - ${concatMapStringsSep "\n" (s: /* vim */ '' - syn keyword vimColor${s} ${s} - \ containedin=ALLBUT,vimComment,vimLineComment - hi vimColor${s} ctermfg=${s} - '') (map (i: lpad 3 "0" (toString i)) (range 0 255))} - ''; - }))) - ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let - name = "showsyntax"; - in { - name = "vim-plugin-${name}-1.0.0"; - destination = "/plugin/${name}.vim"; - text = /* vim */ '' - if exists('g:loaded_showsyntax') - finish - endif - let g:loaded_showsyntax = 0 - - fu! ShowSyntax() - let id = synID(line("."), col("."), 1) - let name = synIDattr(id, "name") - let transName = synIDattr(synIDtrans(id),"name") - if name != transName - let name .= " (" . transName . ")" - endif - echo "Syntax: " . name - endfu - - command! -n=0 -bar ShowSyntax :call ShowSyntax() - ''; - }))) - ]; - - dirs = { - backupdir = "$HOME/.cache/vim/backup"; - swapdir = "$HOME/.cache/vim/swap"; - undodir = "$HOME/.cache/vim/undo"; - }; - files = { - viminfo = "$HOME/.cache/vim/info"; - }; - - mkdirs = let - dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s)); - in assert out != ""; out; - alldirs = attrValues dirs ++ map dirOf (attrValues files); - in unique (sort lessThan alldirs); - - vim = pkgs.writeDashBin "vim" '' - set -efu - (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs}) - exec ${pkgs.vim}/bin/vim "$@" - ''; - - - hs.vim = pkgs.writeText "hs.vim" '' - syn region String start=+\[[[:alnum:]]*|+ end=+|]+ - - hi link ConId Identifier - hi link VarId Identifier - hi link hsDelimiter Delimiter - ''; - - nix.vim = pkgs.writeText "nix.vim" '' - setf nix - - " Ref <nix/src/libexpr/lexer.l> - syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/ - syn match NixINT /\<[0-9]\+\>/ - syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ - syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ - syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/ - syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/ - syn region NixSTRING - \ matchgroup=NixSTRING - \ start='"' - \ skip='\\"' - \ end='"' - syn region NixIND_STRING - \ matchgroup=NixIND_STRING - \ start="'''" - \ skip="'''\('\|[$]\|\\[nrt]\)" - \ end="'''" - - syn match NixOther /[():/;=.,?\[\]]/ - - syn match NixCommentMatch /\(^\|\s\)#.*/ - syn region NixCommentRegion start="/\*" end="\*/" - - hi link NixCode Statement - hi link NixData Constant - hi link NixComment Comment - - hi link NixCommentMatch NixComment - hi link NixCommentRegion NixComment - hi link NixID NixCode - hi link NixINT NixData - hi link NixPATH NixData - hi link NixHPATH NixData - hi link NixSPATH NixData - hi link NixURI NixData - hi link NixSTRING NixData - hi link NixIND_STRING NixData - - hi link NixEnter NixCode - hi link NixOther NixCode - hi link NixQuote NixData - - syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings - syn cluster nix_ind_strings contains=NixIND_STRING - syn cluster nix_strings contains=NixSTRING - - ${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let - startAlts = filter isString [ - ''/\* ${lang} \*/'' - extraStart - ]; - sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*''; - in /* vim */ '' - syn include @nix_${lang}_syntax syntax/${lang}.vim - unlet b:current_syntax - - syn match nix_${lang}_sigil - \ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X - \ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING - \ transparent - - syn region nix_${lang}_region_STRING - \ matchgroup=NixSTRING - \ start='"' - \ skip='\\"' - \ end='"' - \ contained - \ contains=@nix_${lang}_syntax - \ transparent - - syn region nix_${lang}_region_IND_STRING - \ matchgroup=NixIND_STRING - \ start="'''" - \ skip="'''\('\|[$]\|\\[nrt]\)" - \ end="'''" - \ contained - \ contains=@nix_${lang}_syntax - \ transparent - - syn cluster nix_ind_strings - \ add=nix_${lang}_region_IND_STRING - - syn cluster nix_strings - \ add=nix_${lang}_region_STRING - - syn cluster nix_has_dollar_curly - \ add=@nix_${lang}_syntax - '') { - c = {}; - cabal = {}; - haskell = {}; - sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"''; - vim.extraStart = - ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"''; - })} - - " Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY. - syn clear shVarAssign - - syn region nixINSIDE_DOLLAR_CURLY - \ matchgroup=NixEnter - \ start="[$]{" - \ end="}" - \ contains=TOP - \ containedin=@nix_has_dollar_curly - \ transparent - - syn region nix_inside_curly - \ matchgroup=NixEnter - \ start="{" - \ end="}" - \ contains=TOP - \ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly - \ transparent - - syn match NixQuote /'''\([''$']\|\\.\)/he=s+2 - \ containedin=@nix_ind_strings - \ contained - - syn match NixQuote /\\./he=s+1 - \ containedin=@nix_strings - \ contained - - syn sync fromstart - - let b:current_syntax = "nix" - - set isk=@,48-57,_,192-255,-,' - set bg=dark - ''; -in -out diff --git a/nin/2configs/weechat.nix b/nin/2configs/weechat.nix deleted file mode 100644 index 6c0fb313e..000000000 --- a/nin/2configs/weechat.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import <stockholm/lib>) genid; -in { - krebs.per-user.chat.packages = with pkgs; [ - mosh - weechat - tmux - ]; - - users.extraUsers.chat = { - home = "/home/chat"; - uid = genid "chat"; - useDefaultShell = true; - createHome = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - ]; - }; -} diff --git a/nin/default.nix b/nin/default.nix deleted file mode 100644 index c31d6d949..000000000 --- a/nin/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -_: -{ - imports = [ - ../krebs - ./2configs - ]; -} diff --git a/nin/krops.nix b/nin/krops.nix deleted file mode 100644 index 52aeb8470..000000000 --- a/nin/krops.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ name }: let - inherit (import ../krebs/krops.nix { inherit name; }) - krebs-source - lib - pkgs - ; - - source = { test }: lib.evalSource [ - (krebs-source { test = test; }) - { - nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix"; - secrets = if test then { - file = toString ./0tests/dummysecrets; - } else { - pass = { - dir = "${lib.getEnv "HOME"}/.password-store"; - name = "hosts/${name}"; - }; - }; - } - ]; - -in { - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) - deploy = pkgs.krops.writeDeploy "${name}-deploy" { - source = source { test = false; }; - target = "root@${name}/var/src"; - }; - - # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) - test = { target }: pkgs.krops.writeTest "${name}-test" { - inherit target; - source = source { test = true; }; - }; -} diff --git a/submodules/krops b/submodules/krops -Subproject ed9fc6658226b1525bc008205d76276f0054c6c +Subproject f1b7112ac3cbe090e96f2c82c525b6db69b8203 diff --git a/tv/5pkgs/haskell/xmonad-tv/src/Paths.hs b/tv/5pkgs/haskell/xmonad-tv/src/Paths.hs index 3a879b5d0..dd21511b4 100644 --- a/tv/5pkgs/haskell/xmonad-tv/src/Paths.hs +++ b/tv/5pkgs/haskell/xmonad-tv/src/Paths.hs @@ -12,6 +12,9 @@ pactl = findExecutable "pactl" passmenu :: FilePath passmenu = findExecutable "passmenu" +pavucontrol :: FilePath +pavucontrol = findExecutable "pavucontrol" + slock :: FilePath slock = findExecutable "slock" diff --git a/tv/5pkgs/haskell/xmonad-tv/src/main.hs b/tv/5pkgs/haskell/xmonad-tv/src/main.hs index c528017d7..400c87ab9 100644 --- a/tv/5pkgs/haskell/xmonad-tv/src/main.hs +++ b/tv/5pkgs/haskell/xmonad-tv/src/main.hs @@ -160,6 +160,7 @@ myKeys conf = Map.fromList $ , ((0, xF86XK_AudioLowerVolume), audioLowerVolume) , ((0, xF86XK_AudioRaiseVolume), audioRaiseVolume) , ((0, xF86XK_AudioMute), audioMute) + , ((_4, xF86XK_AudioMute), pavucontrol []) , ((_4, xK_Prior), forkFile Paths.xcalib ["-invert", "-alter"] Nothing) ] @@ -175,6 +176,8 @@ myKeys conf = Map.fromList $ _4SM = _4 .|. _S .|. _M pactl args = forkFile Paths.pactl args Nothing + pavucontrol args = forkFile Paths.pavucontrol args Nothing + audioLowerVolume = pactl ["--", "set-sink-volume", "@DEFAULT_SINK@", "-5%"] audioRaiseVolume = pactl ["--", "set-sink-volume", "@DEFAULT_SINK@", "+5%"] audioMute = pactl ["--", "set-sink-mute", "@DEFAULT_SINK@", "toggle"] |