summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-06-23 17:04:07 +0200
committermakefu <github@syntax-fehler.de>2016-06-23 17:04:07 +0200
commit271a59b1d6222f7336fac427631ee5bb569a000e (patch)
tree804b845cebb530001e79b16ddcb70d2d12d8c7f5 /lass/2configs
parentd5e0dcccd074d7e63cfa7fff35782cb92c101270 (diff)
parenta8dcedbb99151ce396d58573f339fa34d7537fa1 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/baseX.nix11
-rw-r--r--lass/2configs/buildbot-standalone.nix61
-rw-r--r--lass/2configs/c-base.nix (renamed from lass/2configs/cbase.nix)0
-rw-r--r--lass/2configs/default.nix7
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/mail.nix7
-rw-r--r--lass/2configs/nixpkgs.nix2
-rw-r--r--lass/2configs/power-action.nix41
-rw-r--r--lass/2configs/pulse.nix96
-rw-r--r--lass/2configs/radio.nix10
-rw-r--r--lass/2configs/vim.nix463
-rw-r--r--lass/2configs/websites/fritz.nix14
12 files changed, 546 insertions, 167 deletions
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 7e969b3ed..6d26ff89a 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -8,7 +8,13 @@ in {
#./urxvt.nix
./xserver
./mpv.nix
+ #./pulse.nix
+ ./power-action.nix
];
+ hardware.pulseaudio = {
+ enable = true;
+ systemWide = true;
+ };
users.extraUsers.mainUser.extraGroups = [ "audio" ];
@@ -16,11 +22,6 @@ in {
virtualisation.libvirtd.enable = true;
- hardware.pulseaudio = {
- enable = true;
- systemWide = true;
- };
-
programs.ssh.startAgent = false;
security.setuidPrograms = [ "slock" ];
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index b70cf9da8..7d3c236a6 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -1,6 +1,14 @@
{ lib, config, pkgs, ... }:
-{
- krebs.buildbot.master = let
+
+with config.krebs.lib;
+
+let
+ sshWrapper = pkgs.writeDash "ssh-wrapper" ''
+ ${pkgs.openssh}/bin/ssh -i ${shell.escape config.lass.build-ssh-privkey.path} "$@"
+ '';
+
+in {
+ config.krebs.buildbot.master = let
stockholm-mirror-url = http://cgit.prism/stockholm ;
in {
slaves = {
@@ -44,11 +52,15 @@
grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental')
# TODO: get nixpkgs/stockholm paths from krebs
- env = {"LOGNAME": "lass", "NIX_REMOTE": "daemon", "dummy_secrets": "true"}
+ env = {
+ "LOGNAME": "lass",
+ "NIX_REMOTE": "daemon",
+ "dummy_secrets": "true",
+ }
# prepare nix-shell
# the dependencies which are used by the test script
- deps = [ "gnumake", "jq", "nix", "rsync" ]
+ deps = [ "gnumake", "jq", "nix", "rsync", "proot" ]
# TODO: --pure , prepare ENV in nix-shell command:
# SSL_CERT_FILE,LOGNAME,NIX_REMOTE
nixshell = ["nix-shell",
@@ -68,12 +80,12 @@
for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]:
addShell(f,name="build-{}".format(i),env=env,
command=nixshell + \
- ["nix-build \
- --show-trace --no-out-link \
- -I nixos-config=./lass/1systems/{}.nix \
- -I secrets=./lass/2configs/tests/dummy-secrets \
- -I stockholm=. \
- -A config.system.build.toplevel".format(i)])
+ ["make \
+ test \
+ ssh=${sshWrapper} \
+ target=build@localhost:${config.users.users.build.home}/testbuild \
+ method=build \
+ system={}".format(i)])
bu.append(util.BuilderConfig(name="build-all",
slavenames=slavenames,
@@ -115,7 +127,7 @@
};
};
- krebs.buildbot.slave = {
+ config.krebs.buildbot.slave = {
enable = true;
masterhost = "localhost";
username = "testslave";
@@ -125,7 +137,7 @@
NIX_PATH="nixpkgs=/var/src/nixpkgs";
};
};
- krebs.iptables = {
+ config.krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 8010"; target = "ACCEPT"; }
@@ -133,4 +145,29 @@
];
};
};
+
+ #ssh workaround for make test
+ options.lass.build-ssh-privkey = mkOption {
+ type = types.secret-file;
+ default = {
+ path = "${config.users.users.buildbotSlave.home}/ssh.privkey";
+ owner = { inherit (config.users.users.buildbotSlave ) name uid;};
+ source-path = toString <secrets> + "/build.ssh.key";
+ };
+ };
+ config.krebs.secret.files = {
+ build-ssh-privkey = config.lass.build-ssh-privkey;
+ };
+ config.users.users = {
+ build = {
+ name = "build";
+ uid = genid "build";
+ home = "/home/build";
+ useDefaultShell = true;
+ createHome = true;
+ openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP lass@mors"
+ ];
+ };
+ };
}
diff --git a/lass/2configs/cbase.nix b/lass/2configs/c-base.nix
index 9d13bc30d..9d13bc30d 100644
--- a/lass/2configs/cbase.nix
+++ b/lass/2configs/c-base.nix
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index deb3c46c2..9e0e37e48 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -59,12 +59,13 @@ with config.krebs.lib;
user = config.krebs.users.lass;
source = mapAttrs (_: mkDefault) ({
nixos-config = "symlink:stockholm/lass/1systems/${config.krebs.build.host.name}.nix";
- secrets =
- if getEnv "dummy_secrets" == "true"
+ secrets = if getEnv "dummy_secrets" == "true"
then toString <stockholm/lass/2configs/tests/dummy-secrets>
else "/home/lass/secrets/${config.krebs.build.host.name}";
#secrets-common = "/home/lass/secrets/common";
- stockholm = "/home/lass/stockholm";
+ stockholm = if getEnv "dummy_secrets" == "true"
+ then "/var/lib/buildbot/slave/build-all/build"
+ else "/home/lass/stockholm";
} // optionalAttrs config.krebs.build.host.secure {
#secrets-master = "/home/lass/secrets/master";
});
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index e9527fec5..1ba99c8cb 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -29,6 +29,7 @@ with config.krebs.lib;
{ from = "finanzamt@lassul.us"; to = lass.mail; }
{ from = "dominik@apanowicz.de"; to = "dma@ubikmedia.eu"; }
{ from = "netzclub@lassul.us"; to = lass.mail; }
+ { from = "nebenan@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 72d6f987f..7c050005b 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -10,8 +10,9 @@ let
account default: prism
'';
- msmtp = pkgs.writeDashBin "msmtp" ''
- exec ${pkgs.msmtp}/bin/msmtp -C ${msmtprc} $@
+ msmtp = pkgs.writeBashBin "msmtp" ''
+ ${pkgs.coreutils}/bin/tee >(${pkgs.notmuch}/bin/notmuch insert +sent) | \
+ ${pkgs.msmtp}/bin/msmtp -C ${msmtprc} $@
'';
muttrc = pkgs.writeText "muttrc" ''
@@ -42,7 +43,7 @@ let
set nm_record = yes
set nm_record_tags = "-inbox me archive"
set virtual_spoolfile=yes # enable virtual folders
- set sendmail="msmtp" # enables parsing of outgoing mail
+ set sendmail="${msmtp}/bin/msmtp" # enables parsing of outgoing mail
set use_from=yes
set envelope_from=yes
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index c893011a3..c6d8a5f8c 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs = {
url = https://github.com/lassulus/nixpkgs;
- rev = "f215f9e91e07473e61c9302aaa312c7350e98f0e";
+ rev = "7d932301fe1d98a1ef1872a7124e8809279def74";
};
}
diff --git a/lass/2configs/power-action.nix b/lass/2configs/power-action.nix
new file mode 100644
index 000000000..0ff8547c7
--- /dev/null
+++ b/lass/2configs/power-action.nix
@@ -0,0 +1,41 @@
+{ config, pkgs, ... }:
+
+let
+ suspend = pkgs.writeDash "suspend" ''
+ ${pkgs.systemd}/bin/systemctl suspend
+ '';
+
+ speak = text:
+ pkgs.writeDash "speak" ''
+ ${pkgs.espeak}/bin/espeak -v +whisper -s 110 "${text}"
+ '';
+
+in {
+ lass.power-action = {
+ enable = true;
+ plans.low-battery = {
+ upperLimit = 30;
+ lowerLimit = 25;
+ charging = false;
+ action = pkgs.writeDash "warn-low-battery" ''
+ ${speak "power level low"}
+ '';
+ };
+ plans.suspend = {
+ upperLimit = 10;
+ lowerLimit = 0;
+ charging = false;
+ action = pkgs.writeDash "suspend-wrapper" ''
+ /var/setuid-wrappers/sudo ${suspend}
+ '';
+ };
+ };
+
+ users.users.power-action.extraGroups = [
+ "audio"
+ ];
+
+ security.sudo.extraConfig = ''
+ ${config.lass.power-action.user.name} ALL= (root) NOPASSWD: ${suspend}
+ '';
+}
diff --git a/lass/2configs/pulse.nix b/lass/2configs/pulse.nix
new file mode 100644
index 000000000..3be482191
--- /dev/null
+++ b/lass/2configs/pulse.nix
@@ -0,0 +1,96 @@
+{ config, lib, pkgs, ... }:
+
+with config.krebs.lib;
+let
+ pkg = pkgs.pulseaudioLight;
+ runDir = "/run/pulse";
+
+ alsaConf = pkgs.writeText "asound.conf" ''
+ ctl_type.pulse {
+ libs.native = ${pkgs.alsaPlugins}/lib/alsa-lib/libasound_module_ctl_pulse.so;
+ }
+ pcm_type.pulse {
+ libs.native = ${pkgs.alsaPlugins}/lib/alsa-lib/libasound_module_pcm_pulse.so;
+ }
+ ctl.!default {
+ type pulse
+ }
+ pcm.!default {
+ type pulse
+ }
+ '';
+
+ clientConf = pkgs.writeText "client.conf" ''
+ autospawn=no
+ default-server = unix:${runDir}/socket
+ '';
+
+ daemonConf = pkgs.writeText "daemon.conf" ''
+ exit-idle-time=0
+ flat-volumes = no
+ default-fragments = 4
+ default-fragment-size-msec = 25
+ '';
+
+ configFile = pkgs.writeText "default.pa" ''
+ .include ${pkg}/etc/pulse/default.pa
+ load-module ${toString [
+ "module-native-protocol-unix"
+ "auth-anonymous=1"
+ "socket=${runDir}/socket"
+ ]}
+ '';
+in
+
+{
+ environment = {
+ etc = {
+ "asound.conf".source = alsaConf;
+ # XXX mkForce is not strong enough (and neither is mkOverride) to create
+ # /etc/pulse/client.conf, see pulseaudio-hack below for a solution.
+ #"pulse/client.conf" = mkForce { source = clientConf; };
+ #"pulse/client.conf".source = mkForce clientConf;
+ "pulse/default.pa".source = configFile;
+ "pulse/daemon.pa".source = daemonConf;
+ };
+ systemPackages = [
+ pkg
+ ] ++ optionals config.services.xserver.enable [
+ pkgs.pavucontrol
+ ];
+ };
+
+ # Allow PulseAudio to get realtime priority using rtkit.
+ security.rtkit.enable = true;
+
+ system.activationScripts.pulseaudio-hack = ''
+ ln -fns ${clientConf} /etc/pulse/client.conf
+ '';
+
+ systemd.services.pulse = {
+ wantedBy = [ "sound.target" ];
+ before = [ "sound.target" ];
+ environment = {
+ PULSE_RUNTIME_PATH = "${runDir}/home";
+ };
+ serviceConfig = {
+ ExecStart = "${pkg}/bin/pulseaudio";
+ ExecStartPre = pkgs.writeDash "pulse-start" ''
+ install -o pulse -g audio -m 0750 -d ${runDir}
+ install -o pulse -g audio -m 0700 -d ${runDir}/home
+ '';
+ PermissionsStartOnly = "true";
+ User = "pulse";
+ };
+ };
+
+ users = {
+ groups.pulse.gid = config.users.users.pulse.uid;
+ users.pulse = {
+ uid = genid "pulse";
+ group = "pulse";
+ extraGroups = [ "audio" ];
+ home = "${runDir}/home";
+ };
+ };
+}
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 12a4ddf26..59678dbff 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -54,10 +54,6 @@ in {
mpc_cli
];
- security.sudo.extraConfig = ''
- ${mainUser.name} ALL=(${name}) NOPASSWD: ALL
- '';
-
services.mpd = {
enable = true;
group = "radio";
@@ -66,7 +62,7 @@ in {
audio_output {
type "shout"
encoding "ogg"
- name "my cool stream"
+ name "the_playlist"
host "localhost"
port "8000"
mount "/radio.ogg"
@@ -83,7 +79,7 @@ in {
# Optional Parameters
user "source"
# description "here is my long description"
- # genre "jazz"
+ genre "good music"
} # end of audio_output
'';
@@ -138,7 +134,7 @@ in {
restartIfChanged = true;
serviceConfig = {
- ExecStart = "${autoAdd} 100";
+ ExecStart = "${autoAdd} 150";
};
};
diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix
index 8295d9d49..9eed08635 100644
--- a/lass/2configs/vim.nix
+++ b/lass/2configs/vim.nix
@@ -1,158 +1,351 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
+with config.krebs.lib;
let
- customPlugins = {
- mustang2 = pkgs.vimUtils.buildVimPlugin {
- name = "Mustang2";
- src = pkgs.fetchFromGitHub {
- owner = "croaker";
- repo = "mustang-vim";
- rev = "6533d7d21bf27cae94d9c2caa575f627f003dfd5";
- sha256 = "0zlmcrr04j3dkiivrhqi90f618lmnnnpvbz1b9msfs78cmgw9w67";
- };
- };
- unimpaired = pkgs.vimUtils.buildVimPlugin {
- name = "unimpaired-vim";
- src = pkgs.fetchFromGitHub {
- owner = "tpope";
- repo = "vim-unimpaired";
- rev = "11dc568dbfd7a56866a4354c737515769f08e9fe";
- sha256 = "1an941j5ckas8l3vkfhchdzjwcray16229rhv3a1d4pbxifwshi8";
- };
- };
- brogrammer = pkgs.vimUtils.buildVimPlugin {
- name = "brogrammer";
- src = pkgs.fetchFromGitHub {
- owner = "marciomazza";
- repo = "vim-brogrammer-theme";
- rev = "3e412d8e8909d8d89eb5a4cbe955b5bc0833a3c3";
- sha256 = "0am1qk8ls74z5ipgf9viacayq08y9i9vd7sxxiivwgsjh2ancbv6";
- };
- };
- file-line = pkgs.vimUtils.buildVimPlugin {
- name = "file-line";
- src = pkgs.fetchFromGitHub {
- owner = "bogado";
- repo = "file-line";
- rev = "f9ffa1879ad84ce4a386110446f395bc1795b72a";
- sha256 = "173n47w9zd01rcyrrmm194v79xq7d1ggzr19n1lsxrqfgr2c1rvk";
- };
- };
+ out = {
+ environment.systemPackages = [
+ vim
+ ];
+
+ environment.etc.vimrc.source = vimrc;
+
+ environment.variables.EDITOR = mkForce "vim";
+ environment.variables.VIMINIT = ":so /etc/vimrc";
};
-in {
+ extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [
+ pkgs.vimPlugins.Gundo
+ pkgs.vimPlugins.Syntastic
+ pkgs.vimPlugins.undotree
+ (pkgs.vimUtils.buildVimPlugin {
+ name = "file-line-1.0";
+ src = pkgs.fetchgit {
+ url = git://github.com/bogado/file-line;
+ rev = "refs/tags/1.0";
+ sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
+ };
+ })
+ ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
+ name = "hack";
+ in {
+ name = "vim-color-${name}-1.0.2";
+ destination = "/colors/${name}.vim";
+ text = /* vim */ ''
+ set background=dark
+ hi clear
+ if exists("syntax_on")
+ syntax clear
+ endif
+
+ let colors_name = ${toJSON name}
+
+ hi Normal ctermbg=235
+ hi Comment ctermfg=242
+ hi Constant ctermfg=062
+ hi Identifier ctermfg=068
+ hi Function ctermfg=041
+ hi Statement ctermfg=167
+ hi PreProc ctermfg=167
+ hi Type ctermfg=041
+ hi Delimiter ctermfg=251
+ hi Special ctermfg=062
- environment.systemPackages = [
- (pkgs.vim_configurable.customize {
+ hi Garbage ctermbg=088
+ hi TabStop ctermbg=016
+ hi Todo ctermfg=174 ctermbg=NONE
+
+ hi NixCode ctermfg=148
+ hi NixData ctermfg=149
+ hi NixQuote ctermfg=150
+
+ hi diffNewFile ctermfg=207
+ hi diffFile ctermfg=207
+ hi diffLine ctermfg=207
+ hi diffSubname ctermfg=207
+ hi diffAdded ctermfg=010
+ hi diffRemoved ctermfg=009
+ '';
+ })))
+ ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "vim";
+ in {
+ name = "vim-syntax-${name}-1.0.0";
+ destination = "/syntax/${name}.vim";
+ text = /* vim */ ''
+ ${concatMapStringsSep "\n" (s: /* vim */ ''
+ syn keyword vimColor${s} ${s}
+ \ containedin=ALLBUT,vimComment,vimLineComment
+ hi vimColor${s} ctermfg=${s}
+ '') (map (i: lpad 3 "0" (toString i)) (range 0 255))}
+ '';
+ })))
+ ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
+ name = "showsyntax";
+ in {
+ name = "vim-plugin-${name}-1.0.0";
+ destination = "/plugin/${name}.vim";
+ text = /* vim */ ''
+ if exists('g:loaded_showsyntax')
+ finish
+ endif
+ let g:loaded_showsyntax = 0
- vimrcConfig.customRC = ''
- set nocompatible
- set t_Co=16
- syntax on
- " TODO autoload colorscheme file
- set background=dark
- colorscheme brogrammer
- filetype off
- filetype plugin indent on
+ fu! ShowSyntax()
+ let id = synID(line("."), col("."), 1)
+ let name = synIDattr(id, "name")
+ let transName = synIDattr(synIDtrans(id),"name")
+ if name != transName
+ let name .= " (" . transName . ")"
+ endif
+ echo "Syntax: " . name
+ endfu
- imap <F1> <nop>
+ command! -n=0 -bar ShowSyntax :call ShowSyntax()
+ '';
+ })))
+ ];
- set mouse=a
- set ruler
- set showmatch
- set backspace=2
- set visualbell
- set encoding=utf8
- set showcmd
- set wildmenu
+ dirs = {
+ backupdir = "$HOME/.cache/vim/backup";
+ swapdir = "$HOME/.cache/vim/swap";
+ undodir = "$HOME/.cache/vim/undo";
+ };
+ files = {
+ viminfo = "$HOME/.cache/vim/info";
+ };
- set title
- set titleold=
- set titlestring=%t%(\ %M%)%(\ (%{expand(\"%:p:h\")})%)%(\ %a%)\ -\ %{v:servername}
+ mkdirs = let
+ dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
+ in assert out != ""; out;
+ alldirs = attrValues dirs ++ map dirOf (attrValues files);
+ in unique (sort lessThan alldirs);
- set autoindent
+ vim = pkgs.writeDashBin "vim" ''
+ set -efu
+ (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
+ exec ${pkgs.neovim}/bin/nvim "$@"
+ '';
- set ttyfast
+ vimrc = pkgs.writeText "vimrc" ''
+ set nocompatible
- set pastetoggle=<INS>
+ set autoindent
+ set backspace=indent,eol,start
+ set backup
+ set backupdir=${dirs.backupdir}/
+ set directory=${dirs.swapdir}//
+ set hlsearch
+ set incsearch
+ set mouse=a
+ set noruler
+ set pastetoggle=<INS>
+ set runtimepath=${extra-runtimepath},$VIMRUNTIME
+ set shortmess+=I
+ set showcmd
+ set showmatch
+ set ttimeoutlen=0
+ set undodir=${dirs.undodir}
+ set undofile
+ set undolevels=1000000
+ set undoreload=1000000
+ set viminfo='20,<1000,s100,h,n${files.viminfo}
+ set visualbell
+ set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
+ set wildmenu
+ set wildmode=longest,full
+ set et ts=2 sts=2 sw=2
- " Force Saving Files that Require Root Permission
- command! W silent w !sudo tee "%" >/dev/null
+ filetype plugin indent on
- nnoremap <C-c> :q<Return>
- vnoremap < <gv
- vnoremap > >gv
+ set t_Co=256
+ colorscheme hack
+ syntax on
- nmap <esc>q :buffer
+ au Syntax * syn match Garbage containedin=ALL /\s\+$/
+ \ | syn match TabStop containedin=ALL /\t\+/
+ \ | syn keyword Todo containedin=ALL TODO
+ au BufRead,BufNewFile *.hs so ${hs.vim}
- "Tabwidth
- set ts=2 sts=2 sw=2 et
+ au BufRead,BufNewFile *.nix so ${nix.vim}
- " create Backup/tmp/undo dirs
- function! InitBackupDir()
- let l:parent = $HOME . '/.vim/'
- let l:backup = l:parent . 'backups/'
- let l:tmpdir = l:parent . 'tmp/'
- let l:undodi = l:parent . 'undo/'
+ au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
- if !isdirectory(l:parent)
- call mkdir(l:parent)
- endif
- if !isdirectory(l:backup)
- call mkdir(l:backup)
- endif
- if !isdirectory(l:tmpdir)
- call mkdir(l:tmpdir)
- endif
- if !isdirectory(l:undodi)
- call mkdir(l:undodi)
- endif
- endfunction
- call InitBackupDir()
-
- " Backups & Files
- set backup
- set backupdir=~/.vim/backups
- set directory=~/.vim/tmp//
- set viminfo='20,<1000,s100,h,n~/.vim/tmp/info
- set undodir=$HOME/.vim/undo
- set undofile
-
- " highlight whitespaces
- highlight ExtraWhitespace ctermbg=red guibg=red
- match ExtraWhitespace /\s\+$/
- autocmd BufWinEnter * match ExtraWhitespace /\s\+$/
- autocmd InsertEnter * match ExtraWhitespace /\s\+\%#\@<!$/
- autocmd InsertLeave * match ExtraWhitespace /\s\+$/
- autocmd BufWinLeave * call clearmatches()
-
- "ft specific stuff
- autocmd BufRead *.js,*.json set ts=2 sts=2 sw=2 et
- autocmd BufRead *.hs set ts=4 sts=4 sw=4 et
-
- "esc timeout
- set timeoutlen=1000 ttimeoutlen=0
-
- "foldfunctions
- inoremap <F9> <C-O>za
- nnoremap <F9> za
- onoremap <F9> <C-C>za
- vnoremap <F9> zf
- '';
-
- vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
- vimrcConfig.vam.pluginDictionaries = [
- { names = [
- "brogrammer"
- "file-line"
- "Gundo"
- ]; }
- { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
+ "Syntastic config
+ let g:syntastic_python_checkers=['flake8']
+
+ nmap <esc>q :buffer
+ nmap <M-q> :buffer
+
+ cnoremap <C-A> <Home>
+
+ noremap <C-c> :q<cr>
+ vnoremap < <gv
+ vnoremap > >gv
+
+ nnoremap <esc>[5^ :tabp<cr>
+ nnoremap <esc>[6^ :tabn<cr>
+ nnoremap <esc>[5@ :tabm -1<cr>
+ nnoremap <esc>[6@ :tabm +1<cr>
+
+ nnoremap <f1> :tabp<cr>
+ nnoremap <f2> :tabn<cr>
+ inoremap <f1> <esc>:tabp<cr>
+ inoremap <f2> <esc>:tabn<cr>
+
+ " <C-{Up,Down,Right,Left>
+ noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
+ noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
+ noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
+ noremap <esc>Od <nop> | noremap! <esc>Od <nop>
+ " <[C]S-{Up,Down,Right,Left>
+ noremap <esc>[a <nop> | noremap! <esc>[a <nop>
+ noremap <esc>[b <nop> | noremap! <esc>[b <nop>
+ noremap <esc>[c <nop> | noremap! <esc>[c <nop>
+ noremap <esc>[d <nop> | noremap! <esc>[d <nop>
+ vnoremap u <nop>
+ '';
+
+ hs.vim = pkgs.writeText "hs.vim" ''
+ syn region String start=+\[[[:alnum:]]*|+ end=+|]+
+
+ hi link ConId Identifier
+ hi link VarId Identifier
+ hi link hsDelimiter Delimiter
+ '';
+
+ nix.vim = pkgs.writeText "nix.vim" ''
+ setf nix
+
+ " Ref <nix/src/libexpr/lexer.l>
+ syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
+ syn match NixINT /\<[0-9]\+\>/
+ syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
+ syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
+ syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
+ syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
+ syn region NixSTRING
+ \ matchgroup=NixSTRING
+ \ start='"'
+ \ skip='\\"'
+ \ end='"'
+ syn region NixIND_STRING
+ \ matchgroup=NixIND_STRING
+ \ start="'''"
+ \ skip="'''\('\|[$]\|\\[nrt]\)"
+ \ end="'''"
+
+ syn match NixOther /[():/;=.,?\[\]]/
+
+ syn match NixCommentMatch /\(^\|\s\)#.*/
+ syn region NixCommentRegion start="/\*" end="\*/"
+
+ hi link NixCode Statement
+ hi link NixData Constant
+ hi link NixComment Comment
+
+ hi link NixCommentMatch NixComment
+ hi link NixCommentRegion NixComment
+ hi link NixID NixCode
+ hi link NixINT NixData
+ hi link NixPATH NixData
+ hi link NixHPATH NixData
+ hi link NixSPATH NixData
+ hi link NixURI NixData
+ hi link NixSTRING NixData
+ hi link NixIND_STRING NixData
+
+ hi link NixEnter NixCode
+ hi link NixOther NixCode
+ hi link NixQuote NixData
+
+ syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
+ syn cluster nix_ind_strings contains=NixIND_STRING
+ syn cluster nix_strings contains=NixSTRING
+
+ ${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let
+ startAlts = filter isString [
+ ''/\* ${lang} \*/''
+ extraStart
];
+ sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*'';
+ in /* vim */ ''
+ syn include @nix_${lang}_syntax syntax/${lang}.vim
+ unlet b:current_syntax
- })
- ];
-}
+ syn match nix_${lang}_sigil
+ \ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
+ \ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
+ \ transparent
+
+ syn region nix_${lang}_region_STRING
+ \ matchgroup=NixSTRING
+ \ start='"'
+ \ skip='\\"'
+ \ end='"'
+ \ contained
+ \ contains=@nix_${lang}_syntax
+ \ transparent
+
+ syn region nix_${lang}_region_IND_STRING
+ \ matchgroup=NixIND_STRING
+ \ start="'''"
+ \ skip="'''\('\|[$]\|\\[nrt]\)"
+ \ end="'''"
+ \ contained
+ \ contains=@nix_${lang}_syntax
+ \ transparent
+
+ syn cluster nix_ind_strings
+ \ add=nix_${lang}_region_IND_STRING
+
+ syn cluster nix_strings
+ \ add=nix_${lang}_region_STRING
+
+ syn cluster nix_has_dollar_curly
+ \ add=@nix_${lang}_syntax
+ '') {
+ c = {};
+ cabal = {};
+ haskell = {};
+ sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
+ vim.extraStart =
+ ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
+ })}
+
+ " Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
+ syn clear shVarAssign
+
+ syn region nixINSIDE_DOLLAR_CURLY
+ \ matchgroup=NixEnter
+ \ start="[$]{"
+ \ end="}"
+ \ contains=TOP
+ \ containedin=@nix_has_dollar_curly
+ \ transparent
+
+ syn region nix_inside_curly
+ \ matchgroup=NixEnter
+ \ start="{"
+ \ end="}"
+ \ contains=TOP
+ \ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
+ \ transparent
+
+ syn match NixQuote /'''\([''$']\|\\.\)/he=s+2
+ \ containedin=@nix_ind_strings
+ \ contained
+
+ syn match NixQuote /\\./he=s+1
+ \ containedin=@nix_strings
+ \ contained
+
+ syn sync fromstart
+
+ let b:current_syntax = "nix"
+
+ set isk=@,48-57,_,192-255,-,'
+ '';
+in
+out
diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix
index c2b8ff116..39f0cce06 100644
--- a/lass/2configs/websites/fritz.nix
+++ b/lass/2configs/websites/fritz.nix
@@ -1,10 +1,10 @@
{ config, pkgs, lib, ... }:
+with lib;
let
inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
genid
head
- nameValuePair
;
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
ssl
@@ -58,6 +58,18 @@ in {
"ttf_kleinaspach_de"
];
+ #password protect some dirs
+ krebs.nginx.servers."biostase.de".locations = [
+ (nameValuePair "/old_biostase.de" ''
+ auth_basic "Administrator Login";
+ auth_basic_user_file /srv/http/biostase.de/old_biostase.de/.htpasswd;
+ '')
+ (nameValuePair "/mysqldumper" ''
+ auth_basic "Administrator Login";
+ auth_basic_user_file /srv/http/biostase.de/mysqldumper/.h