diff options
| author | tv <tv@krebsco.de> | 2018-07-17 20:22:52 +0200 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2018-07-17 20:22:52 +0200 |
| commit | 3dedfb8de4dc7e741f4db5310739884fba68b5bd (patch) | |
| tree | 25e2955462d2998afe04356128f9d464d1b40b52 | |
| parent | 75aa3b118b6c74b2e87ccf7e3da53aa06fa7d569 (diff) | |
| parent | 74698c904460db569a3c6c8355c0b25a94c98800 (diff) | |
Merge remote-tracking branch 'prism/master'
55 files changed, 1028 insertions, 172 deletions
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index c5f8101ea..371a7052d 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -11,8 +11,22 @@ <stockholm/jeschli/2configs/xserver> ]; - boot.loader.systemd-boot.enable = true; +# boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot"; + boot.loader.grub = { + devices = [ "nodev" ]; + efiSupport = true; + enable = true; + extraEntries = '' + menuentry "Debian" { + insmod ext2 + insmod chain + chainloader /EFI/debian/grubx64.efi + } + ''; + version = 2; + }; jeschliFontSize = 20; @@ -56,7 +70,6 @@ sqlite # internet thunderbird - hipchat chromium google-chrome # programming languages @@ -78,6 +91,7 @@ texlive.combined.scheme-full pandoc redis + vagrant # document viewer zathura ]; @@ -92,14 +106,25 @@ services.printing.enable = true; services.printing.drivers = [ pkgs.postscript-lexmark ]; - # Enable the X11 windowing system. - services.xserver.videoDrivers = [ "nvidia" ]; + services.redis.enable = true; + + services.xserver = { + + desktopManager.session = lib.mkForce []; + + enable = true; + display = 11; + tty = 11; + + dpi = 200; + + videoDrivers = [ "nvidia" ]; + synaptics = { + enable = false; + }; + + }; -# services.xserver.windowManager.xmonad.enable = true; -# services.xserver.windowManager.xmonad.enableContribAndExtras = true; -# services.xserver.displayManager.sddm.enable = true; -# services.xserver.dpi = 100; -# fonts.fontconfig.dpi = 100; users.extraUsers.jeschli = { isNormalUser = true; diff --git a/jeschli/1systems/bln/dcso-vpn.nix b/jeschli/1systems/bln/dcso-vpn.nix new file mode 100644 index 000000000..0a5623bf0 --- /dev/null +++ b/jeschli/1systems/bln/dcso-vpn.nix @@ -0,0 +1,44 @@ +with import <stockholm/lib>; +{ ... }: + +{ + + users.extraUsers = { + dcsovpn = rec { + name = "dcsovpn"; + uid = genid "dcsovpn"; + description = "user for running dcso openvpn"; + home = "/home/${name}"; + }; + }; + + users.extraGroups.dcsovpn.gid = genid "dcsovpn"; + + services.openvpn.servers = { + dcso = { + config = '' + client + dev tun + tun-mtu 1356 + mssfix + proto udp + float + remote 217.111.55.41 1194 + nobind + user dcsovpn + group dcsovpn + persist-key + persist-tun + ca ${toString <secrets/dcsovpn/ca.pem>} + cert ${toString <secrets/dcsovpn/cert.pem>} + key ${toString <secrets/dcsovpn/cert.key>} + verb 3 + mute 20 + auth-user-pass ${toString <secrets/dcsovpn/login.txt>} + route-method exe + route-delay 2 + ''; + updateResolvConf = true; + }; + }; +} diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 49f439a06..5a6ad7652 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -1,5 +1,5 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: { imports = [ <stockholm/jeschli> @@ -8,6 +8,7 @@ <stockholm/jeschli/2configs/emacs.nix> <stockholm/jeschli/2configs/xdg.nix> <stockholm/jeschli/2configs/xserver> + <stockholm/jeschli/2configs/virtualbox.nix> ]; krebs.build.host = config.krebs.hosts.brauerei; @@ -24,9 +25,10 @@ preLVM = true; allowDiscards = true; } ]; - # networking.hostName = "nixos"; +# networking.hostName = "brauerei"; # Define your hostname. - networking.wireless.enable = true; +# networking.wireless.enable = true; + networking.networkmanager.enable = true; # Enables wireless support via wpa_supplicant. # Select internationalisation properties. # i18n = { @@ -66,12 +68,25 @@ chromium google-chrome # programming languages + elixir + elmPackages.elm exercism go gcc ghc python35 python35Packages.pip + (vagrant.override { + bundlerEnv = bundlerEnv.override { + bundler = bundler.overrideAttrs (old: { + name = "bundler-1.16.1"; + src = fetchurl { + url = "https://rubygems.org/gems/bundler-1.16.1.gem"; + sha256 = "1s2nq4qnffxg3kwrk7cnwxcvfihlhxm9absl2l6d3qckf3sy1f22"; + }; + }); + }; + }) # go tools golint gotools @@ -84,6 +99,7 @@ jetbrains.webstorm jetbrains.goland # document viewer + evince zathura # xorg xorg.xbacklight @@ -100,33 +116,29 @@ # Enable the OpenSSH daemon. services.openssh.enable = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; + services.xserver = { - # Enable CUPS to print documents. - # services.printing.enable = true; + # Don't install feh into systemPackages + # refs <nixpkgs/nixos/modules/services/x11/desktop-managers> + desktopManager.session = lib.mkForce []; - # Enable the X11 windowing system. - # services.xserver.enable = true; - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; + enable = true; + display = 11; + tty = 11; + + dpi = 96; - # Enable touchpad support. - # services.xserver.libinput.enable = true; +# videoDrivers = [ "nvidia" ]; + synaptics = { + enable = true; + twoFingerScroll = true; + accelFactor = "0.035"; + }; + }; - # Enable the KDE Desktop Environment. - # services.xserver.displayManager.sddm.enable = true; - # services.xserver.desktopManager.plasma5.enable = true; - # services.xserver.displayManager.sddm.enable = true; - # services.xserver.windowManager.xmonad.enable = true; - # services.xserver.windowManager.xmonad.enableContribAndExtras = true; - # - # Define a user account. Don't forget to set a password with ‘passwd’. users.extraUsers.jeschli = { # TODO: define as krebs.users isNormalUser = true; + extraGroups = ["docker" "vboxusers"]; uid = 1000; }; users.extraUsers.jamie = { diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix index c13113f1c..586016f60 100644 --- a/jeschli/2configs/vim.nix +++ b/jeschli/2configs/vim.nix @@ -11,16 +11,24 @@ let sha256 = "08l7ricd3j5h2bj9i566byh39v9n5wj5mj75f2c8a5dsc732b2k7"; }; }; - customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin { - name = "vim-jsx"; - src = pkgs.fetchFromGitHub { - owner = "mxw"; - repo = "vim-jsx"; - rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a"; - sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a"; - }; - }; - + customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin { + name = "vim-jsx"; + src = pkgs.fetchFromGitHub { + owner = "mxw"; + repo = "vim-jsx"; + rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a"; + sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a"; + }; + }; + customPlugins.vim-fileline = pkgs.vimUtils.buildVimPlugin { + name = "file-line-1.0"; + src = pkgs.fetchFromGitHub { + owner = "bogado"; + repo = "file-line"; + rev = "1.0"; + sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0"; + }; + }; in { environment.systemPackages = [ (pkgs.vim_configurable.customize { @@ -33,6 +41,8 @@ in { setStatements = '' set autowrite set clipboard=unnamedplus + set listchars=trail:¶ + set mouse=a set nocompatible set path+=** set ruler @@ -40,7 +50,6 @@ in { set undofile "turn on the feature set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o set wildmenu - set listchars=trail:¶ ''; remapStatements = '' imap jk <Esc> @@ -91,13 +100,14 @@ in { { names = [ "ctrlp" "easymotion" + "elm-vim" + "vim-fileline" "molokai" "nerdtree" "snipmate" "surround" "Syntastic" "undotree" - "elm-vim" ]; } { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } diff --git a/jeschli/2configs/xserver/default.nix b/jeschli/2configs/xserver/default.nix index 748d12258..ec3977c7e 100644 --- a/jeschli/2configs/xserver/default.nix +++ b/jeschli/2configs/xserver/default.nix @@ -34,26 +34,6 @@ in { }; }; - services.xserver = { - - # Don't install feh into systemPackages - # refs <nixpkgs/nixos/modules/services/x11/desktop-managers> - desktopManager.session = mkForce []; - - enable = true; - display = 11; - tty = 11; - - dpi = 200; - - videoDrivers = [ "nvidia" ]; - synaptics = { - enable = true; - twoFingerScroll = true; - accelFactor = "0.035"; - }; - }; - systemd.services.display-manager.enable = false; systemd.services.xmonad = { diff --git a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix index 60dbbc50c..5aa3c2f96 100644 --- a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix +++ b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix @@ -90,7 +90,7 @@ mainNoArgs = do , startupHook = do setWMName "LG3D" whenJustM (liftIO (lookupEnv "XMONAD_STARTUP_HOOK")) - (\path -> forkFile path [] Nothing) + (\path -> forkFile path [] Nothing) <+> setWMName "LG3D" , normalBorderColor = "#1c1c1c" , focusedBorderColor = "#f000b0" , handleEventHook = handleShutdownEvent @@ -130,13 +130,16 @@ spawnTermAt ws = do let env' = ("XMONAD_SPAWN_WORKSPACE", ws) : env forkFile urxvtcPath [] (Just env') + myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ()) myKeys conf = Map.fromList $ [ ((_4 , xK_Escape ), forkFile "/run/wrappers/bin/slock" [] Nothing) , ((_4S , xK_c ), kill) - , ((_4 , xK_p ), forkFile "${pkgs.pass}/bin/passmenu" ["--type"] Nothing) - + , ((_4 , xK_p ), spawn "${pkgs.writeDash "my-dmenu" '' + export PATH=$PATH:${pkgs.dmenu}/bin + exec dmenu_run "$@" + ''}") , ((_4 , xK_x ), chooseAction spawnTermAt) , ((_4C , xK_x ), spawnRootTerm) diff --git a/krebs/1systems/onebutton/config.nix b/krebs/1systems/onebutton/config.nix index dca00a206..b87aef5a3 100644 --- a/krebs/1systems/onebutton/config.nix +++ b/krebs/1systems/onebutton/config.nix @@ -16,6 +16,36 @@ services.nixosManual.enable = false; services.journald.extraConfig = "SystemMaxUse=50M"; } + { + systemd.services.mpc-booter = let + mpc = "${pkgs.mpc_cli}/bin/mpc -h mpd.shack -p 6600"; + url = "http://lassul.us:8000/radio.ogg"; + say = pkgs.writeDash "say" '' + tmpfile=$(${pkgs.coreutils}/bin/mktemp) + echo "$@" > $tmpfile + ${pkgs.curl}/bin/curl -i -H "content-type: text/plain" -X POST -d "@$tmpfile" gobbelz.shack/say/ + rm "$tmpfile" + ''; + in { + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + serviceConfig = { + RemainAfterExit = "yes"; + Type = "oneshot"; + ExecStart = pkgs.writeDash "mpc-boot" '' + until ${mpc} stats;do + echo "waiting for mpd.shack to appear" + sleep 1 + done + ${say} "Willkommen im Shack wertes Mitglied" + + ${say} "Lassulus Super Radio wurde gestartet" + ${mpc} add ${url} + ${mpc} play + ''; + }; + }; + } ]; krebs.build.host = config.krebs.hosts.onebutton; # NixOS wants to enable GRUB by default diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix index 8f25881c9..6842bfaab 100644 --- a/krebs/1systems/onebutton/source.nix +++ b/krebs/1systems/onebutton/source.nix @@ -4,7 +4,7 @@ let nixpkgs = pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs-channels"; - rev = "6c064e6b"; # only binary cache for unstable arm6 + rev = "nixos-unstable"; # only binary cache for unstable arm6 sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; }; in import <stockholm/krebs/source.nix> { diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 04b1c999f..62a5f9ab5 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -63,6 +63,7 @@ in grab_repo = steps.Git( repourl=stockholm_repo, mode='full', + submodules=True, ) ''; builder = { diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix index fa51b84f0..2e63f1385 100644 --- a/krebs/2configs/reaktor-krebs.nix +++ b/krebs/2configs/reaktor-krebs.nix @@ -13,6 +13,9 @@ with import <stockholm/lib>; }; plugins = with pkgs.ReaktorPlugins; [ sed-plugin + task-add + task-delete + task-list ] ++ (attrValues (todo "agenda")) ; diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index a938f8ec9..e6eb3d287 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -174,5 +174,8 @@ in { mail = "spam@krebsco.de"; pubkey = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwuAZB3wtAvBJFYh+gWdyGaZU4mtqM2dFXmh2rORlbXeh02msu1uv07ck1VKkQ4LgvCBcBsAOeVa1NTz99eLqutwgcqMCytvRNUCibcoEWwHObsK53KhDJj+zotwlFhnPPeK9+EpOP4ngh/tprJikttos5BwBwe2K+lfiid3fmVPZcTTYa77nCwijimMvWEx6CEjq1wiXMUc4+qcEn8Swbwomz/EEQdNE2hgoC3iMW9RqduTFdIJWnjVi0KaxenX9CvQRGbVK5SSu2gwzN59D/okQOCP6+p1gL5r3QRHSLSSRiEHctVQTkpKOifrtLZGSr5zArEmLd/cOVyssHQPCX repo-sync@wolf''; }; + buildbotSlave = { + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7cre2crQMI6O4XtIfIiGl1GUqIi060fJlOQJgG0/NH"; + }; }; } diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index fd74983fa..e2322e171 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -66,6 +66,7 @@ with import <stockholm/lib>; ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index d7a750c6e..c5404f96d 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -520,6 +520,38 @@ with import <stockholm/lib>; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr"; }; + nextgum = rec { + ci = true; + cores = 8; + nets = rec { + internet = { + ip4.addr = "144.76.26.247"; + ip6.addr = "2a01:4f8:191:12f6::2"; + aliases = [ + "nextgum.i" + ]; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.0.213"; + ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3"; + aliases = [ + "nextgum.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAucCebFmS96WorD+Br4UQudmAhMlLpacErjwA/u2argBTT2nGHTR8 + aN4e0xf3IYLA+iogLIW/JuQfKLe8evEK21iZ3jleW8N7mbCulhasi/0lqWlirrpO + npJAiSNF1m7ijoylkEKxtmehze+8ojprUT2hx1ImMlHMWGxvs+TmBbZBMgxAGMJh + 6cMMDJQi+4d9XrJQ3+XUVK3MkviLA91oIAXsLdFptL6b12siUaz4StQXDJUHemBF + 3ZwlO+W2Es69ifEhmV6NaDDRcSRdChGbHTz1OU8wYaFNaxWla/iprQQ+jEUldpcN + VC18QGYRUAgZ0PCIpKurjWNehJFB3zXt+wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; + }; gum = rec { ci = true; diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index 2df76fb2f..db578c457 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -121,26 +121,56 @@ rec { pattern = "^.*(?P<args>http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$"; path = with pkgs; [ curl perl ]; script = pkgs.writePython3 "url-title" [ "beautifulsoup4" "lxml" ] '' + import cgi import sys import urllib.request from bs4 import BeautifulSoup try: - soup = BeautifulSoup(urllib.request.urlopen(sys.argv[1]), "lxml") - title = soup.find('title').string - - if title: - if len(title) > 512: - print('message to long, skipped') - |