summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-05-09 11:07:27 +0200
committertv <tv@krebsco.de>2018-05-09 11:07:27 +0200
commit3f3c12dcd06ba211a484aabf011880a83e5832fd (patch)
treee713b5f6e9084c3ff5cf185a1aafc12437822ea8
parentedafe24e94252e2be936a760ce47485c8e4fa0af (diff)
parentaf75b96fbe412527c4bf9129de850bcab3e7c7cb (diff)
Merge remote-tracking branch 'prism/master' (despite bad style)
-rw-r--r--jeschli/1systems/bln/config.nix45
-rw-r--r--jeschli/1systems/bln/hardware-configuration.nix2
-rw-r--r--jeschli/1systems/brauerei/config.nix30
-rw-r--r--jeschli/2configs/emacs.nix27
-rw-r--r--jeschli/2configs/xdg.nix14
-rw-r--r--jeschli/2configs/xserver/Xmodmap.nix27
-rw-r--r--jeschli/2configs/xserver/Xresources.nix56
-rw-r--r--jeschli/2configs/xserver/default.nix144
-rw-r--r--jeschli/2configs/xserver/xserver.conf.nix40
-rw-r--r--jeschli/2configs/zsh.nix4
-rw-r--r--jeschli/5pkgs/default.nix11
-rw-r--r--jeschli/5pkgs/simple/default.nix24
-rw-r--r--jeschli/5pkgs/simple/xmonad-jeschli/default.nix296
-rw-r--r--jeschli/default.nix6
-rw-r--r--krebs/1systems/hope/config.nix41
-rw-r--r--krebs/1systems/hope/source.nix3
-rw-r--r--krebs/1systems/hotdog/config.nix1
-rw-r--r--krebs/1systems/onebutton/config.nix22
-rw-r--r--krebs/2configs/news-spam.nix3
-rw-r--r--krebs/2configs/news.nix2
-rw-r--r--krebs/2configs/shack/worlddomination.nix85
-rw-r--r--krebs/3modules/krebs/default.nix32
-rw-r--r--krebs/3modules/lass/default.nix95
-rw-r--r--krebs/3modules/lass/pgp/icarus.pgp51
-rw-r--r--krebs/3modules/makefu/default.nix1
-rw-r--r--krebs/3modules/newsbot-js.nix1
-rw-r--r--krebs/kops.nix2
-rw-r--r--lass/1systems/cabal/config.nix2
-rw-r--r--lass/1systems/daedalus/config.nix2
-rw-r--r--lass/1systems/echelon/config.nix50
-rw-r--r--lass/1systems/helios/config.nix38
-rw-r--r--lass/1systems/icarus/config.nix12
-rw-r--r--lass/1systems/littleT/config.nix2
-rw-r--r--lass/1systems/mors/config.nix11
-rw-r--r--lass/1systems/prism/config.nix96
-rw-r--r--lass/1systems/red/config.nix31
-rw-r--r--lass/1systems/red/source.nix (renamed from lass/1systems/echelon/source.nix)3
-rw-r--r--lass/1systems/shodan/config.nix2
-rw-r--r--lass/1systems/skynet/config.nix1
-rw-r--r--lass/1systems/xerxes/source.nix6
-rw-r--r--lass/2configs/AP.nix77
-rw-r--r--lass/2configs/backup.nix20
-rw-r--r--lass/2configs/backups.nix173
-rw-r--r--lass/2configs/baseX.nix2
-rw-r--r--lass/2configs/bitcoin.nix10
-rw-r--r--lass/2configs/dcso-dev.nix1
-rw-r--r--lass/2configs/default.nix3
-rw-r--r--lass/2configs/dns-stuff.nix16
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/gc.nix2
-rw-r--r--lass/2configs/git.nix14
-rw-r--r--lass/2configs/go.nix19
-rw-r--r--lass/2configs/mail.nix5
-rw-r--r--lass/2configs/monitoring/client.nix26
-rw-r--r--lass/2configs/monitoring/monit-alarms.nix44
-rw-r--r--lass/2configs/monitoring/node-exporter.nix6
-rw-r--r--lass/2configs/monitoring/prometheus-server.nix50
-rw-r--r--lass/2configs/monitoring/server.nix87
-rw-r--r--lass/2configs/repo-sync.nix1
-rw-r--r--lass/2configs/websites/lassulus.nix56
-rw-r--r--lass/2configs/websites/util.nix69
-rw-r--r--lass/2configs/zsh.nix4
-rw-r--r--lass/3modules/default.nix1
-rw-r--r--lass/3modules/nichtparasoup.nix48
-rw-r--r--lass/5pkgs/custom/xmonad-lass/default.nix2
-rw-r--r--lass/5pkgs/nichtparasoup/default.nix15
-rw-r--r--lass/5pkgs/nichtparasoup/exception.patch13
-rw-r--r--lib/types.nix8
-rw-r--r--makefu/1systems/gum/config.nix1
-rw-r--r--makefu/1systems/gum/source.nix1
-rw-r--r--makefu/1systems/omo/config.nix5
-rw-r--r--makefu/1systems/wbob/config.nix3
-rw-r--r--makefu/2configs/hw/network-manager.nix3
-rw-r--r--makefu/2configs/nginx/euer.mon.nix26
-rw-r--r--makefu/2configs/tools/core-gui.nix4
-rw-r--r--makefu/source.nix51
-rw-r--r--nin/2configs/vim.nix1
77 files changed, 1404 insertions, 785 deletions
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index c9a7a34e2..c5f8101ea 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -1,13 +1,15 @@
{ config, lib, pkgs, ... }:
# bln config file
{
- imports =
- [ <stockholm/jeschli>
- <stockholm/jeschli/2configs/virtualbox.nix>
- <stockholm/jeschli/2configs/urxvt.nix>
- <stockholm/jeschli/2configs/emacs.nix>
- ./hardware-configuration.nix
- ];
+ imports = [
+ ./hardware-configuration.nix
+ <stockholm/jeschli>
+ <stockholm/jeschli/2configs/virtualbox.nix>
+ <stockholm/jeschli/2configs/urxvt.nix>
+ <stockholm/jeschli/2configs/emacs.nix>
+ <stockholm/jeschli/2configs/xdg.nix>
+ <stockholm/jeschli/2configs/xserver>
+ ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
@@ -91,18 +93,17 @@
services.printing.drivers = [ pkgs.postscript-lexmark ];
# Enable the X11 windowing system.
- services.xserver.enable = true;
services.xserver.videoDrivers = [ "nvidia" ];
- services.xserver.windowManager.xmonad.enable = true;
- services.xserver.windowManager.xmonad.enableContribAndExtras = true;
- services.xserver.displayManager.sddm.enable = true;
- services.xserver.dpi = 100;
- fonts.fontconfig.dpi = 100;
+# services.xserver.windowManager.xmonad.enable = true;
+# services.xserver.windowManager.xmonad.enableContribAndExtras = true;
+# services.xserver.displayManager.sddm.enable = true;
+# services.xserver.dpi = 100;
+# fonts.fontconfig.dpi = 100;
users.extraUsers.jeschli = {
isNormalUser = true;
- extraGroups = ["docker" "vboxusers"];
+ extraGroups = ["docker" "vboxusers" "audio"];
uid = 1000;
};
@@ -122,15 +123,17 @@
# DCSO Certificates
security.pki.certificateFiles = [
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "14vz9c0fk6li0a26vx0s5ha6y3yivnshx9pjlh9vmnpkbph5a7rh"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "0r1dd48a850cv7whk4g2maik550rd0vsrsl73r6x0ivzz7ap1xz5"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "0b5cdchdkvllnr0kz35d8jrmrf9cjw0kd98mmvzr0x6nkc8hwpdy"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "0rn57zv1ry9vj4p2248mxmafmqqmdhbrfx1plszrxsphshbk2hfz"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
+ (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; })
+ (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; })
+ (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; })
+
+ (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; })
+ (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; })
+ (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; })
+ (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; })
];
+
hardware.bluetooth.enable = true;
krebs.build.host = config.krebs.hosts.bln;
}
diff --git a/jeschli/1systems/bln/hardware-configuration.nix b/jeschli/1systems/bln/hardware-configuration.nix
index b774bfc19..35f0b3bca 100644
--- a/jeschli/1systems/bln/hardware-configuration.nix
+++ b/jeschli/1systems/bln/hardware-configuration.nix
@@ -30,4 +30,6 @@
nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = "powersave";
+
+ hardware.pulseaudio.enable = true;
}
diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix
index 1203720a5..49f439a06 100644
--- a/jeschli/1systems/brauerei/config.nix
+++ b/jeschli/1systems/brauerei/config.nix
@@ -6,6 +6,8 @@
./hardware-configuration.nix
<stockholm/jeschli/2configs/urxvt.nix>
<stockholm/jeschli/2configs/emacs.nix>
+ <stockholm/jeschli/2configs/xdg.nix>
+ <stockholm/jeschli/2configs/xserver>
];
krebs.build.host = config.krebs.hosts.brauerei;
@@ -57,7 +59,6 @@
terminator
tmux
wget
- # rxvt_unicode
# editors
emacs
# internet
@@ -65,6 +66,7 @@
chromium
google-chrome
# programming languages
+ exercism
go
gcc
ghc
@@ -73,6 +75,9 @@
# go tools
golint
gotools
+ # rust
+ cargo
+ rustc
# dev tools
gnumake
jetbrains.pycharm-professional
@@ -105,8 +110,8 @@
# services.printing.enable = true;
# Enable the X11 windowing system.
- services.xserver.enable = true;
- services.xserver.layout = "us";
+ # services.xserver.enable = true;
+ # services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable touchpad support.
@@ -115,18 +120,18 @@
# Enable the KDE Desktop Environment.
# services.xserver.displayManager.sddm.enable = true;
# services.xserver.desktopManager.plasma5.enable = true;
- services.xserver.displayManager.sddm.enable = true;
- services.xserver.windowManager.xmonad.enable = true;
- services.xserver.windowManager.xmonad.enableContribAndExtras = true;
-#
+ # services.xserver.displayManager.sddm.enable = true;
+ # services.xserver.windowManager.xmonad.enable = true;
+ # services.xserver.windowManager.xmonad.enableContribAndExtras = true;
+ #
# Define a user account. Don't forget to set a password with ‘passwd’.
- users.extraUsers.jeschli = {
+ users.extraUsers.jeschli = { # TODO: define as krebs.users
isNormalUser = true;
uid = 1000;
};
users.extraUsers.jamie = {
isNormalUser = true;
- uid = 1001;
+ uid = 1001; # TODO genid
};
users.users.root.openssh.authorizedKeys.keys = [
@@ -139,4 +144,11 @@
# should.
system.stateVersion = "17.09"; # Did you read the comment?
+ hardware.trackpoint = {
+ enable = true;
+ sensitivity = 220;
+ speed = 0;
+ emulateWheel = true;
+ };
+
}
diff --git a/jeschli/2configs/emacs.nix b/jeschli/2configs/emacs.nix
index d9e6c854a..4c52432d3 100644
--- a/jeschli/2configs/emacs.nix
+++ b/jeschli/2configs/emacs.nix
@@ -31,6 +31,7 @@ let
(scroll-bar-mode -1) ; Disable scroll bar
(setq inhibit-startup-screen t) ; Disable startup screen with graphics
(setq-default indent-tabs-mode nil) ; Use spaces instead of tabs
+ (setq default-tab-width 2) ; Two spaces is a tab
(setq tab-width 2) ; Four spaces is a tab
(setq visible-bell nil) ; Disable annoying visual bell graphic
(setq ring-bell-function 'ignore) ; Disable super annoying audio bell
@@ -45,30 +46,26 @@ let
(setq org-agenda-files (quote ("~/projects/notes")))
)
'';
- emacsFile = ''
+ recentFiles = ''
+ (recentf-mode 1)
+ (setq recentf-max-menu-items 25)
+ (global-set-key "\C-x\ \C-r" 'recentf-open-files)
+ '';
+ dotEmacs = pkgs.writeText "dot-emacs" ''
${packageRepos}
+ ${orgMode}
+ ${recentFiles}
${windowCosmetics}
- (custom-set-variables
- ;; custom-set-variables was added by Custom.
- ;; If you edit it by hand, you could mess it up, so be careful.
- ;; Your init file should contain only one such instance.
- ;; If there is more than one, they won't work right.
- '(inhibit-startup-screen t)
- '(org-agenda-files nil)
- '(package-selected-packages
- (quote
- (smex ox-jira org-plus-contrib org-mime org-jira neotree molokai-theme let-alist helm-fuzzy-find go-guru go-autocomplete flymake-go exec-path-from-shell evil-org cl-lib-highlight bbdb atom-one-dark-theme))))
- ${orgMode}
'';
- dotEmacs = pkgs.writeText "dot-emacs" emacsFile;
- emacs = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [
+ emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [
epkgs.melpaStablePackages.magit
epkgs.melpaPackages.mmm-mode
epkgs.melpaPackages.nix-mode
epkgs.melpaPackages.go-mode
+ epkgs.melpaPackages.google-this
]);
myEmacs = pkgs.writeDashBin "my-emacs" ''
- exec ${emacs}/bin/emacs -q -l ${dotEmacs} "$@"
+ exec ${emacsWithCustomPackages}/bin/emacs -q -l ${dotEmacs} "$@"
'';
in {
environment.systemPackages = [
diff --git a/jeschli/2configs/xdg.nix b/jeschli/2configs/xdg.nix
new file mode 100644
index 000000000..18bac9b38
--- /dev/null
+++ b/jeschli/2configs/xdg.nix
@@ -0,0 +1,14 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+{
+ environment.variables.XDG_RUNTIME_DIR = "/run/xdg/$LOGNAME";
+
+ systemd.tmpfiles.rules = let
+ forUsers = flip map users;
+ isUser = { name, group, ... }:
+ name == "root" || hasSuffix "users" group;
+ users = filter isUser (mapAttrsToList (_: id) config.users.users);
+ in forUsers (u: "d /run/xdg/${u.name} 0700 ${u.name} ${u.group} -");
+}
diff --git a/jeschli/2configs/xserver/Xmodmap.nix b/jeschli/2configs/xserver/Xmodmap.nix
new file mode 100644
index 000000000..d2b1b2604
--- /dev/null
+++ b/jeschli/2configs/xserver/Xmodmap.nix
@@ -0,0 +1,27 @@
+{ config, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+pkgs.writeText "Xmodmap" ''
+ !keycode 66 = Caps_Lock
+ !remove Lock = Caps_Lock
+ clear Lock
+
+ ! caps lock
+ keycode 66 = Mode_switch
+
+ keycode 13 = 4 dollar EuroSign cent
+ keycode 30 = u U udiaeresis Udiaeresis
+ keycode 32 = o O odiaeresis Odiaeresis
+ keycode 38 = a A adiaeresis Adiaeresis
+ keycode 39 = s S ssharp
+
+ keycode 33 = p P Greek_pi Greek_PI
+ keycode 46 = l L Greek_lambda Greek_LAMBDA
+
+ keycode 54 = c C cacute Cacute
+
+ ! BULLET OPERATOR
+ keycode 17 = 8 asterisk U2219
+ keycode 27 = r R r U211D
+''
diff --git a/jeschli/2configs/xserver/Xresources.nix b/jeschli/2configs/xserver/Xresources.nix
new file mode 100644
index 000000000..e8154912c
--- /dev/null
+++ b/jeschli/2configs/xserver/Xresources.nix
@@ -0,0 +1,56 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+pkgs.writeText "Xresources" /* xdefaults */ ''
+ Xcursor.theme: aero-large-drop
+ Xcursor.size: 128
+ Xft.dpi: 144
+
+ URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}‘’"
+ URxvt*eightBitInput: false
+ URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
+ URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
+ URxvt*scrollBar: false
+ URxvt*background: #050505
+ URxvt*foreground: #d0d7d0
+ URxvt*cursorColor: #f042b0
+ URxvt*cursorColor2: #f0b000
+ URxvt*cursorBlink: off
+ URxvt*jumpScroll: true
+ URxvt*allowSendEvents: false
+ URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48
+ URxvt*cutNewline: False
+ URxvt*cutToBeginningOfLine: False
+
+ URxvt*color0: #232342
+ URxvt*color3: #c07000
+ URxvt*color4: #4040c0
+ URxvt*color7: #c0c0c0
+ URxvt*color8: #707070
+ URxvt*color9: #ff6060
+ URxvt*color10: #70ff70
+ URxvt*color11: #ffff70
+ URxvt*color12: #7070ff
+ URxvt*color13: #ff50ff
+ URxvt*color14: #70ffff
+ URxvt*color15: #ffffff
+
+ URxvt*iso14755: False
+
+ URxvt*urgentOnBell: True
+ URxvt*visualBell: True
+
+ ! ref https://github.com/muennich/urxvt-perls
+ URxvt*perl-ext: default,url-select
+ URxvt*keysym.M-u: perl:url-select:select_next
+ URxvt*url-select.underline: true
+ URxvt*colorUL: #4682B4
+ URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl
+ URxvt*saveLines: 10000
+
+ root-urxvt*background: #230000
+ root-urxvt*foreground: #e0c0c0
+ root-urxvt*BorderColor: #400000
+ root-urxvt*color0: #800000
+''
diff --git a/jeschli/2configs/xserver/default.nix b/jeschli/2configs/xserver/default.nix
new file mode 100644
index 000000000..748d12258
--- /dev/null
+++ b/jeschli/2configs/xserver/default.nix
@@ -0,0 +1,144 @@
+{ config, pkgs, ... }@args:
+with import <stockholm/lib>;
+let
+ cfg = {
+ cacheDir = cfg.dataDir;
+ configDir = "/var/empty";
+ dataDir = "/run/xdg/${cfg.user.name}/xmonad";
+ user = config.krebs.users.jeschli;
+ };
+in {
+
+ environment.systemPackages = [
+ pkgs.font-size
+ pkgs.gitAndTools.qgit
+ pkgs.mpv
+ pkgs.sxiv
+ pkgs.xdotool
+ pkgs.xsel
+ pkgs.zathura
+ ];
+
+ fonts.fonts = [
+ pkgs.xlibs.fontschumachermisc
+ ];
+
+ # TODO dedicated group, i.e. with a single user [per-user-setuid]
+ # TODO krebs.setuid.slock.path vs /run/wrappers/bin
+ krebs.setuid.slock = {
+ filename = "${pkgs.slock}/bin/slock";