| author | nin <nin@c-base.org> | 2019-09-25 19:42:41 +0200 | 
|---|---|---|
| committer | tv <tv@krebsco.de> | 2019-09-25 21:36:01 +0200 | 
| commit | b6443c712dc0d0782243cc60868b362f6e28031f (patch) | |
| tree | ca2ab8279f39f570527e595794b1f7a63d403d4d /nin | |
| parent | 6a62fd95c616849e7a70fd12eebfacaf12738345 (diff) | |
Revert "remove nin"
This reverts commit 789a6ecc082911f12b22cb559b57cf2f76e6f2ed.
Diffstat (limited to 'nin')
| -rw-r--r-- | nin/0tests/dummysecrets/hashedPasswords.nix | 1 | ||||
| -rw-r--r-- | nin/0tests/dummysecrets/ssh.id_ed25519 | 0 | ||||
| -rw-r--r-- | nin/1systems/axon/config.nix | 132 | ||||
| -rw-r--r-- | nin/1systems/hiawatha/config.nix | 126 | ||||
| -rw-r--r-- | nin/1systems/onondaga/config.nix | 23 | ||||
| -rw-r--r-- | nin/2configs/ableton.nix | 20 | ||||
| -rw-r--r-- | nin/2configs/copyq.nix | 38 | ||||
| -rw-r--r-- | nin/2configs/default.nix | 173 | ||||
| -rw-r--r-- | nin/2configs/games.nix | 70 | ||||
| -rw-r--r-- | nin/2configs/git.nix | 60 | ||||
| -rw-r--r-- | nin/2configs/im.nix | 19 | ||||
| -rw-r--r-- | nin/2configs/retiolum.nix | 28 | ||||
| -rw-r--r-- | nin/2configs/skype.nix | 27 | ||||
| -rw-r--r-- | nin/2configs/termite.nix | 22 | ||||
| -rw-r--r-- | nin/2configs/vim.nix | 355 | ||||
| -rw-r--r-- | nin/2configs/weechat.nix | 21 | ||||
| -rw-r--r-- | nin/default.nix | 7 | ||||
| -rw-r--r-- | nin/krops.nix | 35 | 
18 files changed, 1157 insertions, 0 deletions
| diff --git a/nin/0tests/dummysecrets/hashedPasswords.nix b/nin/0tests/dummysecrets/hashedPasswords.nix
new file mode 100644
index 0000000..0967ef4
--- /dev/null
+++ b/nin/0tests/dummysecrets/hashedPasswords.nix
@@ -0,0 +1 @@
+{}
diff --git a/nin/0tests/dummysecrets/ssh.id_ed25519 b/nin/0tests/dummysecrets/ssh.id_ed25519
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/nin/0tests/dummysecrets/ssh.id_ed25519
diff --git a/nin/1systems/axon/config.nix b/nin/1systems/axon/config.nix
new file mode 100644
index 0000000..5e81afd
--- /dev/null
+++ b/nin/1systems/axon/config.nix
@@ -0,0 +1,132 @@ +# Edit this configuration file to define what should be installed on +# your system.  Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, lib, pkgs, ... }: + +with lib; + +{ +  imports = [ +    <stockholm/nin> +    <nixpkgs/nixos/modules/installer/scan/not-detected.nix> +    #../2configs/copyq.nix +    <stockholm/nin/2configs/ableton.nix> +    <stockholm/nin/2configs/games.nix> +    <stockholm/nin/2configs/git.nix> +    <stockholm/nin/2configs/retiolum.nix> +    <stockholm/nin/2configs/termite.nix> +  ]; + +  krebs.build.host = config.krebs.hosts.axon; + +  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; +  boot.kernelModules = [ "kvm-intel" ]; +  boot.extraModulePackages = [ ]; + +  fileSystems."/" = +    { device = "/dev/pool/root"; +      fsType = "ext4"; +    }; + +  fileSystems."/tmp" = +    { device = "tmpfs"; +      fsType = "tmpfs"; +    }; + +  fileSystems."/boot" = +    { device = "/dev/sda1"; +      fsType = "ext2"; +    }; + +  boot.initrd.luks.devices.crypted.device = "/dev/sda2"; +  boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; + +  swapDevices = [ ]; + +  nix.maxJobs = lib.mkDefault 4; +  # Use the GRUB 2 boot loader. +  boot.loader.grub.enable = true; +  boot.loader.grub.version = 2; +  # Define on which hard drive you want to install Grub. +  boot.loader.grub.device = "/dev/sda"; + +  # Enable the OpenSSH daemon. +  services.openssh.enable = true; + +  # Enable CUPS to print documents. 
+  # services.printing.enable = true; + +  # nin config +  time.timeZone = "Europe/Berlin"; +  services.xserver = { +    enable = true; + +    displayManager.lightdm.enable = true; +  }; + +  networking.networkmanager.enable = true; +  #networking.wireless.enable = true; + +  hardware.pulseaudio = { +    enable = true; +    systemWide = true; +  }; + +  hardware.bluetooth.enable = true; + +  hardware.opengl.driSupport32Bit = true; + +  #nixpkgs.config.steam.java = true; + +  environment.systemPackages = with pkgs; [ +    atom +    chromium +    firefox +    git +    htop +    keepassx +    lmms +    networkmanagerapplet +    openvpn +    python +    ruby +    steam +    taskwarrior +    thunderbird +    vim +    virtmanager +  ]; + +  nixpkgs.config = { + +    allowUnfree = true; + +  }; + +  #services.logind.extraConfig = "HandleLidSwitch=ignore"; + +  services.xserver.synaptics = { +    enable = true; +  }; + +  services.xserver.displayManager.sessionCommands = '' +    ${pkgs.xorg.xhost}/bin/xhost + local: +  ''; + +  services.xserver.desktopManager.xfce = let +    xbindConfig = pkgs.writeText "xbindkeysrc" '' +      "${pkgs.pass}/bin/passmenu --type" +        Control + p +  ''; +  in { +  enable = true; +      extraSessionCommands = '' +      ${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig} +    ''; +  }; + + # The NixOS release to be compatible with for stateful data such as databases. +  system.stateVersion = "17.03"; + +} diff --git a/nin/1systems/hiawatha/config.nix b/nin/1systems/hiawatha/config.nix new file mode 100644 index 0000000..a09eed9 --- /dev/null +++ b/nin/1systems/hiawatha/config.nix 
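Review bot: The `sessionCommands` line `${pkgs.xorg.xhost}/bin/xhost + local:` passes `+` as a separate argument, which xhost reads as switching X access control off for every client, not only local ones. If the aim is to let the separate account from `2configs/ableton.nix` draw on nin's display, grant only that account, e.g. `${pkgs.xorg.xhost}/bin/xhost +si:localuser:ableton`. Even the narrower `+local:` lets any local user read keystrokes and window contents of the session, which matters here because the same file binds `passmenu --type` to Control+p.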
@@ -0,0 +1,126 @@ +# Edit this configuration file to define what should be installed on +# your system.  Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, lib, pkgs, ... }: + +with lib; + +{ +  imports = [ +    <stockholm/nin> +    <nixpkgs/nixos/modules/installer/scan/not-detected.nix> +    #../2configs/copyq.nix +    <stockholm/nin/2configs/games.nix> +    <stockholm/nin/2configs/git.nix> +    <stockholm/nin/2configs/retiolum.nix> +    <stockholm/nin/2configs/termite.nix> +  ]; + +  krebs.build.host = config.krebs.hosts.hiawatha; + +  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; +  boot.kernelModules = [ "kvm-intel" ]; +  boot.extraModulePackages = [ ]; + +  fileSystems."/" = +    { device = "/dev/disk/by-uuid/b83f8830-84f3-4282-b10e-015c4b76bd9e"; +      fsType = "ext4"; +    }; + +  fileSystems."/tmp" = +    { device = "tmpfs"; +      fsType = "tmpfs"; +    }; + +  fileSystems."/home" = +    { device = "/dev/fam/home"; +    }; + + +  fileSystems."/boot" = +    { device = "/dev/disk/by-uuid/2f319b08-2560-401d-b53c-2abd28f1a010"; +      fsType = "ext2"; +    }; + +  boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; +  boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; + +  swapDevices = [ ]; + +  nix.maxJobs = lib.mkDefault 4; +  # Use the GRUB 2 boot loader. +  boot.loader.grub.enable = true; +  boot.loader.grub.version = 2; +  # Define on which hard drive you want to install Grub. +  boot.loader.grub.device = "/dev/sda"; + +  # Enable the OpenSSH daemon. +  services.openssh.enable = true; + +  # Enable CUPS to print documents. 
+  # services.printing.enable = true; + +  fileSystems."/home/nin/.local/share/Steam" = { +    device = "/dev/fam/steam"; +  }; + +  # nin config +  time.timeZone = "Europe/Berlin"; +  services.xserver.enable = true; + +  networking.networkmanager.enable = true; +  #networking.wireless.enable = true; + +  hardware.pulseaudio = { +    enable = true; +    systemWide = true; +  }; + +  hardware.bluetooth.enable = true; + +  hardware.opengl.driSupport32Bit = true; + +  #nixpkgs.config.steam.java = true; + +  environment.systemPackages = with pkgs; [ +    firefox +    git +    lmms +    networkmanagerapplet +    python +    steam +    thunderbird +    vim +    virtmanager +  ]; + +  nixpkgs.config = { + +    allowUnfree = true; + +  }; + +  #services.logind.extraConfig = "HandleLidSwitch=ignore"; + +  services.xserver.synaptics = { +    enable = true; +  }; + + +  services.xserver.desktopManager.xfce = let +    xbindConfig = pkgs.writeText "xbindkeysrc" '' +      "${pkgs.pass}/bin/passmenu --type" +        Control + p +  ''; +  in { +    enable = true; +      extraSessionCommands = '' +      ${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig} +    ''; +  }; + + # The NixOS release to be compatible with for stateful data such as databases. +  system.stateVersion = "17.03"; + +} diff --git a/nin/1systems/onondaga/config.nix b/nin/1systems/onondaga/config.nix new file mode 100644 index 0000000..3cd0773 --- /dev/null +++ b/nin/1systems/onondaga/config.nix 
@@ -0,0 +1,23 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, lib, pkgs, ... }:
+
+{
+  imports = [
+    <stockholm/nin>
+    <stockholm/nin/2configs/retiolum.nix>
+    <stockholm/nin/2configs/weechat.nix>
+    <stockholm/nin/2configs/git.nix>
+  ];
+
+  krebs.build.host = config.krebs.hosts.onondaga;
+
+  boot.isContainer = true;
+  networking.useDHCP = false;
+
+  time.timeZone = "Europe/Amsterdam";
+
+  services.openssh.enable = true;
+}
diff --git a/nin/2configs/ableton.nix b/nin/2configs/ableton.nix
new file mode 100644
index 0000000..343a908
--- /dev/null
+++ b/nin/2configs/ableton.nix
@@ -0,0 +1,20 @@
+{ config, pkgs, ... }: let
+  mainUser = config.users.extraUsers.nin;
+in {
+  users.users= {
+    ableton = {
+      isNormalUser = true;
+      extraGroups = [
+        "audio"
+        "video"
+      ];
+      packages = [
+        pkgs.wine
+        pkgs.winetricks
+      ];
+    };
+  };
+  security.sudo.extraConfig = ''
+    ${mainUser.name} ALL=(ableton) NOPASSWD: ALL
+  '';
+}
diff --git a/nin/2configs/copyq.nix b/nin/2configs/copyq.nix
new file mode 100644
index 0000000..0616c40
--- /dev/null
+++ b/nin/2configs/copyq.nix
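Review bot: The sudoers line `${mainUser.name} ALL=(ableton) NOPASSWD: ALL` in `ableton.nix` has no comment saying why the `ableton` account exists, so a later reader cannot tell that the passwordless rule is deliberate; the identical rule in `2configs/skype.nix` has the same gap. Assuming the intent is to keep wine away from nin's own files, I would add `# wine runs as its own user so it cannot read nin's files; nin may switch to it without a password` above `users.users`. That separation only holds while the X session does not grant blanket access to local clients, and membership in `audio` and `video` still gives the account direct device access.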
@@ -0,0 +1,38 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+let
+  copyqConfig = pkgs.writeDash "copyq-config" ''
+    ${pkgs.copyq}/bin/copyq config check_clipboard true
+    ${pkgs.copyq}/bin/copyq config check_selection true
+    ${pkgs.copyq}/bin/copyq config copy_clipboard true
+    ${pkgs.copyq}/bin/copyq config copy_selection true
+
+    ${pkgs.copyq}/bin/copyq config activate_closes true
+    ${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
+    ${pkgs.copyq}/bin/copyq config clipboard_tab clipboard
+    ${pkgs.copyq}/bin/copyq config disable_tray true
+    ${pkgs.copyq}/bin/copyq config hide_tabs true
+    ${pkgs.copyq}/bin/copyq config hide_toolbar true
+    ${pkgs.copyq}/bin/copyq config item_popup_interval true
+    ${pkgs.copyq}/bin/copyq config maxitems 1000
+    ${pkgs.copyq}/bin/copyq config move true
+    ${pkgs.copyq}/bin/copyq config text_wrap true
+  '';
+in {
+  systemd.user.services.copyq = {
+    after = [ "graphical.target" ];
+    wants = [ "graphical.target" ];
+    wantedBy = [ "default.target" ];
+    environment = {
+      DISPLAY = ":0";
+    };
+    serviceConfig = {
+      SyslogIdentifier = "copyq";
+      ExecStart = "${pkgs.copyq}/bin/copyq";
+      ExecStartPost = copyqConfig;
+      Restart = "always";
+      RestartSec = "2s";
+      StartLimitBurst = 0;
+    };
+  };
+}
diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix
new file mode 100644
index 0000000..250383c
--- /dev/null
+++ b/nin/2configs/default.nix
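Review bot: `copyq config maxitems 1000` together with `check_clipboard true` and `check_selection true` keeps a long history of everything copied or selected, which will include passwords copied from a password manager such as the `keepassx` that `1systems/axon/config.nix` installs. A comment on that trade-off, or a much smaller `maxitems`, would help; the module is only referenced from commented-out import lines in this commit, so this applies once it is enabled. `DISPLAY = ":0"` is also hard-coded and will be wrong for a session on any other display.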
@@ -0,0 +1,173 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +{ +  imports = [ +    ../2configs/vim.nix +    <stockholm/krebs/2configs/binary-cache/nixos.nix> +    <stockholm/krebs/2configs/binary-cache/prism.nix> +    { +      users.extraUsers = +        mapAttrs (_: h: { hashedPassword = h; }) +                 (import <secrets/hashedPasswords.nix>); +    } +    { +      users.users = { +        root = { +          openssh.authorizedKeys.keys = [ +            config.krebs.users.nin.pubkey +            config.krebs.users.nin_h.pubkey +          ]; +        }; +        nin = { +          name = "nin"; +          uid = 1337; +          home = "/home/nin"; +          group = "users"; +          createHome = true; +          useDefaultShell = true; +          extraGroups = [ +            "audio" +            "fuse" +          ]; +          openssh.authorizedKeys.keys = [ +            config.krebs.users.nin.pubkey +            config.krebs.users.nin_h.pubkey +          ]; +        }; +      }; +    } +    { +      environment.variables = { +        NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; +      }; +    } +    (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { +      environment.variables = { +        CURL_CA_BUNDLE = ca-bundle; +        GIT_SSL_CAINFO = ca-bundle; +        SSL_CERT_FILE = ca-bundle; +      }; +    }) +  ]; + +  networking.hostName = config.krebs.build.host.name; +  nix.maxJobs = config.krebs.build.host.cores; + +  krebs = { +    enable = true; +    dns.search-domain = "r"; +    build = { +      user = config.krebs.users.nin; +    }; +  }; + +  nix.useSandbox = true; + +  users.mutableUsers = false; + +  services.timesyncd.enable = true; + +  #why is this on in the first place? 
+  services.nscd.enable = false; + +  boot.tmpOnTmpfs = true; +  # see tmpfiles.d(5) +  systemd.tmpfiles.rules = [ +    "d /tmp 1777 root root - -" +  ]; + +  # multiple-definition-problem when defining environment.variables.EDITOR +  environment.extraInit = '' +    EDITOR=vim +  ''; + +  nixpkgs.config.allowUnfree = true; + +  environment.shellAliases = { +    gs = "git status"; +  }; + +  environment.systemPackages = with pkgs; [ +  #stockholm +    git +    gnumake +    jq +    proot +    pavucontrol +    populate +    p7zip +    termite +    unzip +    unrar +    hashPassword +  ]; + +  programs.bash = { +    enableCompletion = true; +    interactiveShellInit = '' +      HISTCONTROL='erasedups:ignorespace' +      HISTSIZE=65536 +      HISTFILESIZE=$HISTSIZE + +      shopt -s checkhash +      shopt -s histappend histreedit histverify +      shopt -s no_empty_cmd_completion +      complete -d cd +    ''; +    promptInit = '' +      if test $UID = 0; then +        PS1='\[\033[1;31m\]$PWD\[\033[0m\] ' +      elif test $UID = 1337; then +        PS1='\[\033[1;32m\]$PWD\[\033[0m\] ' +      else +        PS1='\[\033[1;33m\]\u@$PWD\[\033[0m\] ' +      fi +      if test -n "$SSH_CLIENT"; then +        PS1='\[\033[35m\]\h'" $PS1" +      fi +    ''; +  }; + +  services.openssh = { +    enable = true; +    hostKeys = [ +      # XXX bits here make no science +      { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } +    ]; +  }; + +  services.journald.extraConfig = '' +    SystemMaxUse=1G +    RuntimeMaxUse=128M +  ''; + +  krebs.iptables = { +    enable = true; +    tables = { +      nat.PREROUTING.rules = [ +        { predicate = "! 
-i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; } +        { predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; } +      ]; +      nat.OUTPUT.rules = [ +        { predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; } +      ]; +      filter.INPUT.policy = "DROP"; +      filter.FORWARD.policy = "DROP"; +      filter.INPUT.rules = [ +        { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } +        { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } +        { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false;  precedence = 10000; } +        { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } +        { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } +        { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } +        { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; } +        { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; } +      ]; +    }; +  }; + +  networking.dhcpcd.extraConfig = '' +    noipv4ll +  ''; +} diff --git a/nin/2configs/games.nix b/nin/2configs/games.nix new file mode 100644 index 0000000..15e1723 --- /dev/null +++ b/nin/2configs/games.nix 
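Review bot: `services.openssh` is enabled in `2configs/default.nix` without a password-authentication setting, while the first import block gives accounts a `hashedPassword` from `<secrets/hashedPasswords.nix>` and the NAT rules make sshd reachable from non-retiolum interfaces on port 45621. Unless another stockholm module already does so, add `passwordAuthentication = false;` inside the `services.openssh` block so that only the `authorizedKeys` listed above can log in; the port redirect hides the service from casual scans but is not an access control. Separately, `bits = 8192` has no effect for an `ed25519` host key, as the XXX comment hints, and could be dropped.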
@@ -0,0 +1,70 @@
+{ config, pkgs, ... }:
+
+let
+  mainUser = config.users.extraUsers.mainUser;
+  vdoom = pkgs.writeDash "vdoom" ''
+    ${pkgs.zandronum}/bin/zandronum \
+      -fov 120 \
+      "$@"
+  '';
+  doom = pkgs.writeDash "doom" ''
+    DOOM_DIR=''${DOOM_DIR:-~/doom/}
+    ${vdoom} \
+      -file $DOOM_DIR/lib/brutalv20.pk3 \
+      "$@"
+  '';
+  doom1 = pkgs.writeDashBin "doom1" ''
+    DOOM_DIR=''${DOOM_DIR:-~/doom/}
+    ${doom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
+  '';
+  doom2 = pkgs.writeDashBin "doom2" ''
+    DOOM_DIR=''${DOOM_DIR:-~/doom/}
+    ${doom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
+  '';
+  vdoom1 = pkgs.writeDashBin "vdoom1" ''
+    DOOM_DIR=''${DOOM_DIR:-~/doom/}
+    ${vdoom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
+  '';
+  vdoom2 = pkgs.writeDashBin "vdoom2" ''
+    DOOM_DIR=''${DOOM_DIR:-~/doom/}
+    ${vdoom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
+  '';
+
+  doomservercfg = pkgs.writeText "doomserver.cfg" ''
+    skill 7
+    #survival true
+    #sv_maxlives 4
+    #sv_norespawn true
+    #sv_weapondrop true
+    no_jump true
+    #sv_noweaponspawn true
+    sv_sharekeys true
+    sv_survivalcountdowntime 1
+    sv_noteamselect true
+    sv_updatemaster false
+    #sv_coop_loseinventory true
+    #cl_startasspectator false
+    #lms_spectatorview false
+  '';
+
+  vdoomserver = pkgs.writeDashBin "vdoomserver" ''
+    DOOM_DIR=''${DOOM_DIR:-~/doom/}
+
+    ${pkgs.zandronum}/bin/zandronum-server \
+    +exec ${doomservercfg} \
+    "$@"
+  '';
+
+in {
+  environment.systemPackages = with pkgs; [
+    dwarf_fortress
+    doom1
+    doom2
+    vdoom1
+    vdoom2
+    vdoomserver
+  ];
+
+  hardware.pulseaudio.support32Bit = true;
+
+}
diff --git a/nin/2configs/git.nix b/nin/2configs/git.nix
new file mode 100644
index 0000000..aed4a9f
--- /dev/null
+++ b/nin/2configs/git.nix
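Review bot: `mainUser = config.users.extraUsers.mainUser;` in `games.nix` is never used and names an account that none of the files in this commit define; it only evaluates without error because Nix is lazy, so it should be deleted. In the wrapper scripts `$DOOM_DIR` is expanded unquoted (`-file $DOOM_DIR/lib/brutalv20.pk3`, `-iwad $DOOM_DIR/wads/stock/doom.wad`), so a directory name containing spaces splits into several arguments; write `"$DOOM_DIR/wads/stock/doom.wad"` and likewise for the other paths. `vdoomserver` sets `DOOM_DIR` but never reads it.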
@@ -0,0 +1,60 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+let
+
+  out = {
+    services.nginx.enable = true;
+    krebs.git = {
+      enable = true;
+      cgit = {
+        settings = {
+          root-title = "public repositories at ${config.krebs.build.host.name}";
+          root-desc = "keep calm and engage";
+        };
+      };
+      repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
+      rules = rules;
+    };
+
+    krebs.iptables.tables.filter.INPUT.rules = [
+      { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
+    ];
+  };
+
+  repos = public-repos;
+
+  rules = concatMap make-rules (attrValues repos);
+
+  public-repos = mapAttrs make-public-repo {
+    stockholm = {
+      cgit.desc = "take all the computers hostage, they'll love you!";
+    };
+  };
+
+  make-public-repo = name: { cgit ? {}, ... }: {
+    inherit cgit name;
+    public = true;
+  };
+
+  make-rules =
+    with git // config.krebs.users;
+    repo:
+      singleton {
+        user = [ nin nin_h ];
+        repo = [ repo ];
+        perm = push "refs/*" [ non-fast-forward create delete merge ];
+      } ++
+      optional repo.public {
+        user = attrValues config.krebs.users;
+        repo = [ repo ];
+        perm = fetch;
+      } ++
+      optional (length (repo.collaborators or []) > 0) {
+        user = repo.collaborators;
+        repo = [ repo ];
+        perm = fetch;
+      };
+
+in out
diff --git a/nin/2configs/im.nix b/nin/2configs/im.nix
new file mode 100644
index 0000000..b078dbd
--- /dev/null
+++ b/nin/2configs/im.nix
@@ -0,0 +1,19 @@
+{ config, lib, pkgs, ... }:
+with import <stockholm/lib>;
+{
+  environment.systemPackages = with pkgs; [
+    (pkgs.writeDashBin "im" ''
+      export PATH=${makeSearchPath "bin" (with pkgs; [
+        tmux
+        gnugrep
+        weechat
+      ])}
+      ssh chat@onondaga
+      if tmux list-sessions -F\#S | grep -q '^im''$'; then
+        exec tmux attach -t im
+      else
+        exec tmux new -s im weechat
+      fi
+    '')
+  ];
+}
diff --git a/nin/2configs/retiolum.nix b/nin/2configs/retiolum.nix
new file mode 100644
index 0000000..821e3cc
--- /dev/null
+++ b/nin/2configs/retiolum.nix
@@ -0,0 +1,28 @@
+{ ... }:
+
+{
+
+  krebs.iptables = {
+    tables = {
+      filter.INPUT.rules = [
+        { predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; }
+        { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
+        { predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
+      ];
+    };
+  };
+
+  krebs.tinc.retiolum = {
+    enable = true;
+    connectTo = [
+      "prism"
+      "pigstarter"
+      "gum"
+      "flap"
+    ];
+  };
+
+  nixpkgs.config.packageOverrides = pkgs: {
+    tinc = pkgs.tinc_pre;
+  };
+}
diff --git a/nin/2configs/skype.nix b/nin/2configs/skype.nix
new file mode 100644
index 0000000..621dfae
--- /dev/null
+++ b/nin/2configs/skype.nix
@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+
+let
+  mainUser = config.users.extraUsers.nin;
+  inherit (import <stockholm/lib>) genid;
+
+in {
+  users.extraUsers = {
+    skype = {
+      name = "skype";
+      uid = genid "skype";
+      description = "user for running skype";
+      home = "/home/skype";
+      useDefaultShell = true;
+      extraGroups = [ "audio" "video" ];
+      createHome = true;
+    };
+  };
+
+  krebs.per-user.skype.packages = [
+    pkgs.skype
+  ];
+
+  security.sudo.extraConfig = ''
+    ${mainUser.name} ALL=(skype) NOPASSWD: ALL
+  '';
+}
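Review bot: The `im` script in `im.nix` replaces `PATH` with only the `tmux`, `gnugrep` and `weechat` bin directories and then runs `ssh chat@onondaga`, so `ssh` will not be found; with no `set -e` the script carries on and starts tmux on the local machine. Even with ssh on the path, the `tmux` lines would run locally after the remote shell exits, not on onondaga. If the session is meant to live on onondaga, add `openssh` to the `makeSearchPath` list and hand the tmux command to ssh, e.g. `exec ssh -t chat@onondaga 'tmux new -A -s im weechat'`; if the ssh line is a leftover, remove it.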
diff --git a/nin/2configs/termite.nix b/nin/2configs/termite.nix
new file mode 100644
index 0000000..942446b
--- /dev/null
+++ b/nin/2configs/termite.nix
@@ -0,0 +1,22 @@
+{ config, pkgs, ... }:
+
+{
+  environment.systemPackages = [
+    pkgs.termite
+  ];
+
+  krebs.per-user.nin.packages = let
+    termitecfg = pkgs.writeTextFile {
+      name = "termite-config";
+      destination = "/etc/xdg/termite/config";
+      text = ''
+        [colors]
+        foreground = #d0d7d0
+        background = #000000
+      '';
+    };
+  in [
+    termitecfg
+  ];
+
+}
diff --git a/nin/2configs/vim.nix b/nin/2configs/vim.nix
new file mode 100644
index 0000000..7b5d376
--- /dev/null
+++ b/nin/2configs/vim.nix
@@ -0,0 +1,355 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let +  out = { +    environment.systemPackages = [ +      vim +      pkgs.pythonPackages.flake8 +    ]; + +    environment.etc.vimrc.source = vimrc; + +    environment.variables.EDITOR = mkForce "vim"; +    environment.variables.VIMINIT = ":so /etc/vimrc"; +  }; + +  vimrc = pkgs.writeText "vimrc" '' +    set nocompatible + +    set autoindent +    set backspace=indent,eol,start +    set backup +    set backupdir=${dirs.backupdir}/ +    set directory=${dirs.swapdir}// +    set hlsearch +    set incsearch +    set laststatus=2 +    set mouse=a +    set noruler +    set pastetoggle=<INS> +    set runtimepath=${extra-runtimepath},$VIMRUNTIME +    set shortmess+=I +    set showcmd +    set showmatch +    set ttimeoutlen=0 +    set undodir=${dirs.undodir} +    set undofile +    set undolevels=1000000 +    set undoreload=1000000 +    set viminfo='20,<1000,s100,h,n${files.viminfo} +    set visualbell +    set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o +    set wildmenu +    set wildmode=longest,full + +    set et ts=2 sts=2 sw=2 + +    filetype plugin indent on + +    set t_Co=256 +    colorscheme hack +    syntax on + +    au Syntax * syn match Garbage containedin=ALL /\s\+$/ +            \ | syn match TabStop containedin=ALL /\t\+/ +            \ | syn keyword Todo containedin=ALL TODO + +    au BufRead,BufNewFile *.hs so ${hs.vim} + +    au BufRead,BufNewFile *.nix so ${nix.vim} + +    au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile + +    "Syntastic config +    let g:syntastic_python_checkers=['flake8'] + +    nmap <esc>q :buffer  +    nmap <M-q> :buffer  + +    cnoremap <C-A> <Home> + +    noremap  <C-c> :q<cr> +    vnoremap < <gv +    vnoremap > >gv + +    nnoremap <esc>[5^  :tabp<cr> +    nnoremap <esc>[6^  :tabn<cr> +    nnoremap <esc>[5@  :tabm -1<cr> +    nnoremap <esc>[6@  :tabm +1<cr> + +    nnoremap <f1> :tabp<cr> +    nnoremap <f2> :tabn<cr> +    
inoremap <f1> <esc>:tabp<cr> +    inoremap <f2> <esc>:tabn<cr> + +    " <C-{Up,Down,Right,Left> +    noremap <esc>Oa <nop> | noremap! <esc>Oa <nop> +    noremap <esc>Ob <nop> | noremap! <esc>Ob <nop> +    noremap <esc>Oc <nop> | noremap! <esc>Oc <nop> +    noremap <esc>Od <nop> | noremap! <esc>Od <nop> +    " <[C]S-{Up,Down,Right,Left> +    noremap <esc>[a <nop> | noremap! <esc>[a <nop> +    noremap <esc>[b <nop> | noremap! <esc>[b <nop> +    noremap <esc>[c <nop> | noremap! <esc>[c <nop> +    noremap <esc>[d <nop> | noremap! <esc>[d <nop> +    vnoremap u <nop> +  ''; + +  extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ +    pkgs.vimPlugins.Syntastic +    pkgs.vimPlugins.undotree +    pkgs.vimPlugins.airline +    (pkgs.vimUtils.buildVimPlugin { +      name = "file-line-1.0"; +      src = pkgs.fetchgit { +        url = git://github.com/bogado/file-line; +        rev = "refs/tags/1.0"; +        sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0"; +      }; +    }) +    ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let +      name = "hack"; +    in { +      name = "vim-color-${name}-1.0.2"; +      destination = "/colors/${name}.vim"; +      text = /* vim */ '' +        set background=dark +        hi clear +        if exists("syntax_on") +          syntax clear +        endif + +        let colors_name = ${toJSON name} + +        hi Normal       ctermbg=235 +        hi Comment      ctermfg=242 +        hi Constant     ctermfg=062 +        hi Identifier   ctermfg=068 +        hi Function     ctermfg=041 +        hi Statement    ctermfg=167 +        hi PreProc      ctermfg=167 +        hi Type         ctermfg=041 +        hi Delimiter    ctermfg=251 +        hi Special      ctermfg=062 + +        hi Garbage      ctermbg=088 +        hi TabStop      ctermbg=016 +        hi Todo         ctermfg=174 ctermbg=NONE + +        hi NixCode      ctermfg=148 +        hi NixData      ctermfg=149 +        hi NixQuote     ctermfg=150 + +        hi 
diffNewFile  ctermfg=207 +        hi diffFile     ctermfg=207 +        hi diffLine     ctermfg=207 +        hi diffSubname  ctermfg=207 +        hi diffAdded    ctermfg=010 +        hi diffRemoved  ctermfg=009 +      ''; +    }))) +    ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let +      name = "vim"; +    in { +      name = "vim-syntax-${name}-1.0.0"; +      destination = "/syntax/${name}.vim"; +      text = /* vim */ '' +        ${concatMapStringsSep "\n" (s: /* vim */ '' +          syn keyword vimColor${s} ${s} +            \ containedin=ALLBUT,vimComment,vimLineComment +          hi vimColor${s} ctermfg=${s} +        '') (map (i: lpad 3 "0" (toString i)) (range 0 255))} +      ''; +    }))) +    ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let +      name = "showsyntax"; +    in { +      name = "vim-plugin-${name}-1.0.0"; +      destination = "/plugin/${name}.vim"; +      text = /* vim */ '' +        if exists('g:loaded_showsyntax') +          finish +        endif +        let g:loaded_showsyntax = 0 + +        fu! ShowSyntax() +          let id = synID(line("."), col("."), 1) +          let name = synIDattr(id, "name") +          let transName = synIDattr(synIDtrans(id),"name") +          if name != transName +            let name .= " (" . transName . ")" +          endif +          echo "Syntax: " . name +        endfu + +        command! 
-n=0 -bar ShowSyntax :call ShowSyntax() +      ''; +    }))) +  ]; + +  dirs = { +    backupdir = "$HOME/.cache/vim/backup"; +    swapdir   = "$HOME/.cache/vim/swap"; +    undodir   = "$HOME/.cache/vim/undo"; +  }; +  files = { +    viminfo   = "$HOME/.cache/vim/info"; +  }; + +  mkdirs = let +    dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s)); +               in assert out != ""; out; +    alldirs = attrValues dirs ++ map dirOf (attrValues files); +  in unique (sort lessThan alldirs); + +  vim = pkgs.writeDashBin "vim" '' +    set -efu +    (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs}) +    exec ${pkgs.vim}/bin/vim "$@" +  ''; + + +  hs.vim = pkgs.writeText "hs.vim" '' +    syn region String start=+\[[[:alnum:]]*|+ end=+|]+ + +    hi link ConId Identifier +    hi link VarId Identifier +    hi link hsDelimiter Delimiter +  ''; + +  nix.vim = pkgs.writeText "nix.vim" '' +    setf nix + +    " Ref <nix/src/libexpr/lexer.l> +    syn match NixID    /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/ +    syn match NixINT   /\<[0-9]\+\>/ +    syn match NixPATH  /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ +    syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ +    syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/ +    syn match NixURI   /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/ +    syn region NixSTRING +      \ matchgroup=NixSTRING +      \ start='"' +      \ skip='\\"' +      \ end='"' +    syn region NixIND_STRING +      \ matchgroup=NixIND_STRING +      \ start="'''" +      \ skip="'''\('\|[$]\|\\[nrt]\)" +      \ end="'''" + +    syn match NixOther /[():/;=.,?\[\]]/ + +    syn match NixCommentMatch /\(^\|\s\)#.*/ +    syn region NixCommentRegion start="/\*" end="\*/" + +    hi link NixCode Statement +    hi link NixData Constant +    hi link NixComment Comment + +    hi link NixCommentMatch NixComment +    hi link NixCommentRegion NixComment +    hi link NixID Nix | 
