diff options
-rw-r--r--krebs/3modules/go.nix (renamed from lass/3modules/go.nix)9
-rw-r--r--krebs/5pkgs/go/default.nix (renamed from lass/5pkgs/go/default.nix)0
-rw-r--r--krebs/5pkgs/go/packages.nix (renamed from lass/5pkgs/go/packages.nix)0
-rw-r--r--shared/1systems/test-arch.nix (renamed from lass/1systems/test-arch.nix)8
-rw-r--r--shared/1systems/test-centos6.nix (renamed from lass/1systems/test-centos6.nix)4
-rw-r--r--shared/1systems/test-centos7.nix (renamed from lass/1systems/test-centos7.nix)4
40 files changed, 1055 insertions, 336 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index b4e7f9254..6d62b2e38 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -13,6 +13,7 @@ let
+ ./go.nix
diff --git a/lass/3modules/go.nix b/krebs/3modules/go.nix
index aa900f118..793d1f60d 100644
--- a/lass/3modules/go.nix
+++ b/krebs/3modules/go.nix
@@ -4,10 +4,10 @@ with builtins;
with lib;
- cfg = config.lass.go;
+ cfg = config.krebs.go;
out = {
- options.lass.go = api;
+ options.krebs.go = api;
config = mkIf cfg.enable imp;
@@ -26,6 +26,11 @@ let
imp = {
+ services.redis = {
+ enable = mkDefault true;
+ bind = mkDefault "";
+ };
users.extraUsers.go = {
name = "go";
uid = 42774411; #genid go
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 2ad4353bd..c99263fe8 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -2,35 +2,7 @@
with lib;
- testHosts = lib.genAttrs [
- "test-arch"
- "test-centos6"
- "test-centos7"
- ] (name: {
- inherit name;
- cores = 1;
- nets = {
- retiolum = {
- addrs4 = [""];
- addrs6 = ["42:0:0:0:0:0:0:7357"];
- aliases = [
- "test.retiolum"
- ];
- tinc.pubkey = ''
- MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd
- mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5
- TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1
- K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8
- QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY
- VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- });
-in {
hosts = addNames {
echelon = {
cores = 2;
@@ -241,7 +213,7 @@ in {
- } // testHosts;
+ };
users = addNames {
lass = {
pubkey = readFile ../../Zpubkeys/;
diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix
index 24dd7b782..13aae886b 100644
--- a/krebs/3modules/shared/default.nix
+++ b/krebs/3modules/shared/default.nix
@@ -2,7 +2,35 @@
with lib;
+ testHosts = lib.genAttrs [
+ "test-arch"
+ "test-centos6"
+ "test-centos7"
+ ] (name: {
+ inherit name;
+ cores = 1;
+ nets = {
+ retiolum = {
+ addrs4 = [""];
+ addrs6 = ["42:0:0:0:0:0:0:7357"];
+ aliases = [
+ "test.retiolum"
+ ];
+ tinc.pubkey = ''
+ MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd
+ mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5
+ TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1
+ K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8
+ QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY
+ VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ });
+in {
hosts = addNames {
wolf = {
#dc = "shack";
@@ -32,7 +60,7 @@ with lib;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYMXMWZIK0jjnZDM9INiYAKcwjXs2241vew54K8veCR";
- };
+ } // testHosts;
users = addNames {
shared = {
mail = "";
diff --git a/lass/5pkgs/go/default.nix b/krebs/5pkgs/go/default.nix
index 9dd166adc..9dd166adc 100644
--- a/lass/5pkgs/go/default.nix
+++ b/krebs/5pkgs/go/default.nix
diff --git a/lass/5pkgs/go/packages.nix b/krebs/5pkgs/go/packages.nix
index 9acfd7658..9acfd7658 100644
--- a/lass/5pkgs/go/packages.nix
+++ b/krebs/5pkgs/go/packages.nix
diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix
index dc0ca0274..39af4a96f 100644
--- a/lass/1systems/echelon.nix
+++ b/lass/1systems/echelon.nix
@@ -13,7 +13,7 @@ in {
- ../2configs/redis.nix
+ #../2configs/redis.nix
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index 7db3f8333..7b91fa6be 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -18,10 +18,37 @@
- ../2configs/wordpress.nix
+ #../2configs/wordpress.nix
+ {
+ #risk of rain port
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; }
+ ];
+ }
+ {
+ #wordpress-test
+ #imports = singleton (sitesGenerators.createWordpress "");
+ imports = [
+ ../3modules/wordpress_nginx.nix
+ ];
+ lass.wordpress."" = {
+ };
+ services.mysql = {
+ enable = true;
+ package = pkgs.mariadb;
+ rootPassword = "<secrets>/mysql_rootPassword";
+ };
+ networking.extraHosts = ''
+ '';
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; }
+ ];
+ }
]; = config.krebs.hosts.mors;
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 87334c3c2..599f4704e 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -10,6 +10,8 @@ in {
+ ../2configs/bitlbee.nix
+ ../2configs/weechat.nix
users.extraGroups = {
# ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
@@ -87,6 +89,33 @@ in {
nixpkgs.config.allowUnfree = true;
+ {
+ #stuff for juhulian
+ users.extraUsers.juhulian = {
+ name = "juhulian";
+ uid = 1339;
+ home = "/home/juhulian";
+ group = "users";
+ createHome = true;
+ useDefaultShell = true;
+ extraGroups = [
+ ];
+ openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian"
+ ];
+ };
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
+ ];
+ }
+ {
+ environment.systemPackages = [
+ pkgs.perlPackages.Plack
+ ];
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport 8080"; target = "ACCEPT";}
+ ];
+ }
]; = config.krebs.hosts.prism;
diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix
index 11bc4f089..61023057b 100644
--- a/lass/2configs/base.nix
+++ b/lass/2configs/base.nix
@@ -48,7 +48,7 @@ with lib;
source = {
git.nixpkgs = {
url =;
- rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80";
+ rev = "8d1ce129361312334bf914ce0d27e463cb0bb21b";
dir.secrets = {
host = config.krebs.hosts.mors;
@@ -92,6 +92,10 @@ with lib;
+ #monitoring tools
+ htop
+ iotop
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 3be3676aa..4e46c18d2 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -5,7 +5,8 @@ let
in {
imports = [
- ./urxvt.nix
+ #./urxvt.nix
+ ./xserver
users.extraUsers.mainUser.extraGroups = [ "audio" ];
@@ -34,38 +35,39 @@ in {
+ zathura
#window manager stuff
- haskellPackages.xmobar
- haskellPackages.yeganesh
- dmenu2
- xlibs.fontschumachermisc
+ #haskellPackages.xmobar
+ #haskellPackages.yeganesh
+ #dmenu2
+ #xlibs.fontschumachermisc
- fonts.fonts = [
- pkgs.xlibs.fontschumachermisc
- ];
- services.xserver = {
- enable = true;
- windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [
- X11-xshape
- ];
- windowManager.xmonad.enable = true;
- windowManager.xmonad.enableContribAndExtras = true;
- windowManager.default = "xmonad";
- desktopManager.default = "none";
- desktopManager.xterm.enable = false;
- displayManager.slim.enable = true;
- = true;
- =;
- layout = "us";
- xkbModel = "evdev";
- xkbVariant = "altgr-intl";
- xkbOptions = "caps:backspace";
- };
+ #fonts.fonts = [
+ # pkgs.xlibs.fontschumachermisc
+ #];
+ #services.xserver = {
+ # enable = true;
+ # windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [
+ # X11-xshape
+ # ];
+ # windowManager.xmonad.enable = true;
+ # windowManager.xmonad.enableContribAndExtras = true;
+ # windowManager.default = "xmonad";
+ # desktopManager.default = "none";
+ # desktopManager.xterm.enable = false;
+ # displayManager.slim.enable = true;
+ # = true;
+ # =;
+ # layout = "us";
+ # xkbModel = "evdev";
+ # xkbVariant = "altgr-intl";
+ # xkbOptions = "caps:backspace";
+ #};
services.logind.extraConfig = ''
diff --git a/lass/2configs/bitlbee.nix b/lass/2configs/bitlbee.nix
index fa14c7fea..b23628dc5 100644
--- a/lass/2configs/bitlbee.nix
+++ b/lass/2configs/bitlbee.nix
@@ -1,16 +1,12 @@
{ config, pkgs, ... }:
- lpkgs = import ../5pkgs { inherit pkgs; };
-in {
- imports = [
- ../3modules/bitlbee.nix
- ];
- lass.bitlbee = {
+ services.bitlbee = {
enable = true;
- bitlbeePkg = lpkgs.bitlbee;
portNumber = 6666;
+ plugins = [
+ pkgs.bitlbee-facebook
+ pkgs.bitlbee-steam
+ ];
diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix
index 5a1857973..849778a7a 100644
--- a/lass/2configs/browsers.nix
+++ b/lass/2configs/browsers.nix
@@ -1,7 +1,15 @@
{ config, lib, pkgs, ... }:
- inherit (import ../4lib { inherit pkgs lib; }) simpleScript;
+ simpleScript = name: content:
+ pkgs.stdenv.mkDerivation {
+ inherit name;
+ phases = [ "installPhase" ];
+ installPhase = ''
+ mkdir -p $out/bin
+ ln -s ${pkgs.writeScript name content} $out/bin/${name}
+ '';
+ };
mainUser = config.users.extraUsers.mainUser;
createChromiumUser = name: extraGroups: packages:
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 7e8fc03c7..16ecaefec 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with import ../../tv/4lib { inherit lib pkgs; };
+with lib;
@@ -43,19 +43,19 @@ let
collaborators = with config.krebs.users; [ tv makefu ];
} //
- import /root/src/secrets/repos.nix { inherit config lib pkgs; }
+ import <secrets/repos.nix> { inherit config lib pkgs; }
make-public-repo = name: { desc ? null, ... }: {
inherit name desc;
public = true;
hooks = {
- post-receive = git.irc-announce {
+ post-receive = pkgs.git-hooks.irc-announce {
# TODO make nick = the default
nick =;
channel = "#retiolum";
server = "cd.retiolum";
- verbose = == "echelon";
+ verbose = == "prism";
diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix
index 81a02ec7c..f4c2ac289 100644
--- a/lass/2configs/go.nix
+++ b/lass/2configs/go.nix
@@ -2,13 +2,10 @@
with lib;
- imports = [
- ../3modules/go.nix
- ];
environment.systemPackages = [
- lass.go = {
+ krebs.go = {
enable = true;
krebs.nginx = {
diff --git a/lass/2configs/mc.nix b/lass/2configs/mc.nix
index 87880ed00..b7d5a4ceb 100644
--- a/lass/2configs/mc.nix
+++ b/lass/2configs/mc.nix
@@ -159,37 +159,25 @@ let
### Images ###
- type/^GIF
+ shell/i/.gif
- type/^JPEG
+ regex/i/\.jpe?g$
- type/^PC\ bitmap
+ shell/i/.bmp
- type/^PNG
+ shell/i/.png
- type/^JNG
+ shell/i/.jng
- type/^MNG
+ shell/i/.mng
- type/^TIFF
- Include=image
- type/^PBM
- Include=image
- type/^PGM
- Include=image
- type/^PPM
- Include=image
- type/^Netpbm
+ shell/i/.tiff
@@ -283,7 +271,7 @@ let
### Documents ###
- type/^PDF
+ shell/i/.pdf
Open=zathura %f
View=zathura %f
diff --git a/lass/2configs/skype.nix b/lass/2configs/skype.nix
index 7e4618a7b..6a226441b 100644
--- a/lass/2configs/skype.nix
+++ b/lass/2configs/skype.nix
@@ -4,10 +4,6 @@ let
mainUser = config.users.extraUsers.mainUser;
in {
- imports = [
- ../3modules/per-user.nix
- ];
users.extraUsers = {
skype = {
name = "skype";
@@ -20,7 +16,7 @@ in {
- = [
+ = [
diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix
index cfcc1a2f6..18007ed61 100644
--- a/lass/2configs/weechat.nix
+++ b/lass/2configs/weechat.nix
@@ -1,22 +1,37 @@
{ config, lib, pkgs, ... }:
-with lib;
- imports = [
- ../3modules/per-user.nix
- ];
- = [
+ = [
]; = {
home = "/home/chat";
+ uid = 986764891; # genid chat
useDefaultShell = true;
createHome = true;
- openssh.authorizedKeys.keys = map readFile [
- ../../krebs/Zpubkeys/
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.lass.pubkey
+ = {
+ # description = "chat environment setup";
+ # after = [ "" ];
+ # wantedBy = [ "" ];
+ # path = with pkgs; [
+ # weechat
+ # tmux
+ # ];
+ # restartIfChanged = true;
+ # serviceConfig = {
+ # User = "chat";
+ # Restart = "always";
+ # ExecStart = "${pkgs.tmux}/bin/tmux new -s IM weechat";
+ # };
+ #};
diff --git a/lass/2configs/xserver/Xresources.nix b/lass/2configs/xserver/Xresources.nix
new file mode 100644
index 000000000..d52418897
--- /dev/null
+++ b/lass/2configs/xserver/Xresources.nix
@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+with lib;
+pkgs.writeText "Xresources" ''
+ URxvt*scrollBar: false
+ URxvt*urgentOnBell: true
+ URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-*
+ URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-*
+ ! ref
+ URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl
+ URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select
+ URxvt.url-select.launcher: browser-select
+ URxvt.url-select.underline: true
+ URxvt.keysym.M-u: perl:url-select:select_next
+ URxvt.keysym.M-Escape: perl:keyboard-select:activate
+ URxvt.keysym.M-s: perl:keyboard-select:search
+ URxvt.intensityStyles: false
+ URxvt*background: #000000
+ URxvt*foreground: #ffffff
+ !change unreadable blue
+ URxvt*color4: #268bd2
diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix
new file mode 100644
index 000000000..ceccf5fee
--- /dev/null
+++ b/lass/2configs/xserver/default.nix
@@ -0,0 +1,161 @@
+{ config, lib, pkgs, ... }@args:
+with lib;
+ # TODO
+ user = config.users.users.mainUser;
+ out = {
+ services.xserver = {
+ display = 11;
+ tty = 11;
+ synaptics = {
+ enable = true;
+ twoFingerScroll = true;
+ accelFactor = "0.035";
+ };
+ #keyboard stuff
+ layout = "us";
+ xkbVariant = "altgr-intl";
+ xkbOptions = "caps:backspace";
+ };
+ fonts.fonts = [
+ pkgs.xlibs.fontschumachermisc
+ ];
+ = {
+ wantedBy = [ "" ];
+ reloadIfChanged = true;
+ serviceConfig = {
+ ExecReload = need-reload "urxvtd.service";
+ ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
+ Restart = "always";
+ RestartSec = "2s";
+ StartLimitBurst = 0;
+ User =;
+ };
+ };
+ environment.systemPackages = [
+ pkgs.gitAndTools.qgit
+ pkgs.mpv
+ pkgs.pavucontrol
+ pkgs.slock
+ pkgs.sxiv
+ pkgs.xsel
+ pkgs.zathura
+ ];
+ security.setuidPrograms = [
+ "slock"
+ ];
+ = mkForce {};
+ services.xserver.enable = true;
+ = {
+ wantedBy = [ "" ];
+ requires = [ "xserver.service" ];
+ environment = xmonad-environment;
+ serviceConfig = {
+ ExecStart = "${xmonad-start}/bin/xmonad";
+ ExecStop = "${xmonad-stop}/bin/xmonad-stop";
+ User =;
+ WorkingDirectory = user.home;
+ };
+ };
+ = {
+ after = [
+ "systemd-udev-settle.service"
+ ""
+ "acpid.service"
+ ];
+ reloadIfChanged = true;
+ environment = xserver-environment;
+ serviceConfig = {
+ ExecReload = need-reload "xserver.service";
+ ExecStart = "${xserver}/bin/xserver";
+ };
+ };
+ };
+ xmonad-environment = {
+ DISPLAY = ":${toString}";
+ XMONAD_STATE = "/tmp/xmonad.state";
+ # XXX JSON is close enough :)
+ XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [
+ "cr"
+ "gm"
+ "ff"
+ "IM"
+ "mail"
+ "stockholm"
+ ]);
+ };
+ xmonad-start = pkgs.writeScriptBin "xmonad" ''
+ #! ${pkgs.bash}/bin/bash
+ set -efu
+ export PATH; PATH=${makeSearchPath "bin" ([
+ pkgs.rxvt_unicode
+ pkgs.i3lock
+ pkgs.haskellPackages.yeganesh
+ pkgs.haskellPackages.xmobar
+ pkgs.dmenu
+ ] ++ config.environment.systemPackages)}:/var/setuid-wrappers
+ settle() {(
+ # Use PATH for a clean journal
+ command=''${1##*/}
+ PATH=''${1%/*}; export PATH
+ shift
+ until "$command" "$@"; do
+ ${pkgs.coreutils}/bin/sleep 1
+ done
+ )&}
+ settle ${pkgs.xorg.xhost}/bin/xhost +LOCAL:
+ settle ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args}
+ settle ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c'
+ exec ${pkgs.xmonad-lass}/bin/xmonad
+ '';
+ xmonad-stop = pkgs.writeScriptBin "xmonad-stop" ''
+ #! /bin/sh
+ exec ${pkgs.xmonad-lass}/bin/xmonad --shutdown
+ '';
+ xserver-environment = {
+ XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
+ XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
+ LD_LIBRARY_PATH = concatStringsSep ":" (
+ [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
+ ++ concatLists (catAttrs "libPath";
+ };
+ xserver = pkgs.writeScriptBin "xserver" ''
+ #! /bin/sh
+ set -efu
+ exec ${pkgs.xorg.xorgserver}/bin/X \
+ :${toString} \
+ vt${toString} \
+ -config ${import ./xserver.conf.nix args} \
+ -logfile /var/log/X.${toString}.log \
+ -nolisten tcp \
+ -xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb \
+ '';
+ need-reload = s: let
+ pkg = pkgs.writeScriptBin "need-reload" ''
+ #! /bin/sh
+ echo "$*"
+ '';
+ in "${pkg}/bin/need-reload ${s}";
+in out
diff --git a/lass/2configs/xserver/xserver.conf.nix b/lass/2configs/xserver/xserver.conf.nix
new file mode 100644
index 000000000..e8a997a99
--- /dev/null
+++ b/lass/2configs/xserver/xserver.conf.nix
@@ -0,0 +1,40 @@
+{ config, lib, pkgs, ... }:
+with lib;
+ cfg =;
+pkgs.stdenv.mkDerivation {
+ name = "xserver.conf";
+ xfs = optionalString (cfg.useXFS != false)
+ ''FontPath "${toString cfg.useXFS}"'';
+ inherit (cfg) config;
+ buildCommand =
+ ''
+ echo 'Section "Files"' >> $out
+ echo $xfs >> $out
+ for i in ${toString config.fonts.fonts}; do
+ if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then
+ for j in $(find $i -name fonts.dir); do
+ echo " FontPath \"$(dirname $j)\"" >> $out
+ done
+ fi
+ done
+ for i in $(find ${toString cfg.modules} -type d); do
+ if test $(echo $i/*.so* | wc -w) -ne 0; then
+ echo " ModulePath \"$i\"" >> $out
+ fi
+ done
+ echo 'EndSection' >> $out
+ echo "$config" >> $out
+ '';
diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index b081dc3cc..7c85af3a4 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -4,10 +4,10 @@ _:
- ./go.nix
+ ./wordpress_nginx.nix
diff --git a/lass/3modules/wordpress_nginx.nix b/lass/3modules/wordpress_nginx.nix
new file mode 100644
index 000000000..65170698f
--- /dev/null
+++ b/lass/3modules/wordpress_nginx.nix
@@ -0,0 +1,195 @@
+{ config, lib, pkgs, ... }:
+with lib;
+ cfg = config.lass.wordpress;
+ out = {
+ options.lass.wordpress = api;
+ config = imp;
+ };
+ api = mkOption {
+ type = with types; attrsOf (submodule ({ config, ... }: {
+ options = {
+ domain = mkOption {
+ type = str;
+ default =;
+ };
+ dbUser = mkOption {
+ type = str;
+ default = replaceStrings ["."] ["_"] config.domain;
+ };
+ dbName = mkOption {
+ type = str;
+ default = replaceStrings ["."] ["_"] config.domain;
+ };
+ folder = mkOption {
+ type = str;
+ default = "/srv/http/${config.domain}";
+ };
+ auto = mkOption {
+ type = bool;
+ default = false;
+ };
+ charset = mkOption {
+ type = str;
+ default = "utf8mb4";
+ };
+ collate = mkOption {
+ type = str;
+ default = "";
+ };
+ debug = mkOption {
+ type = bool;
+ default = false;
+ };
+ };
+ }));
+ default = {};
+ };
+ dataFolder = "/srv/http";
+ user =;
+ group =;
+ imp = {
+ krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, ... }: {
+ server-names = [
+ "${domain}"
+ "www.${domain}"
+ ];
+ locations = [
+ (nameValuePair "/" ''
+ try_files $uri $uri/ /index.php?$args;
+ '')
+ (nameValuePair "~ \.php$" ''
+ fastcgi_pass unix:${dataFolder}/${domain}/phpfpm.pool;
+ include ${pkgs.nginx}/conf/fastcgi.conf;
+ '')
+ (nameValuePair "~ /\\." ''
+ deny all;
+ '')
+ ];
+ extraConfig = ''
+ root ${dataFolder}/${domain}/;
+ index index.php;
+ access_log /tmp/nginx_acc.log;
+ error_log /tmp/nginx_err.log;
+ error_page 404 /404.html;
+ error_page 500 502 503 504 /50x.html;
+ '';
+ });
+ services.phpfpm.poolConfigs = flip mapAttrs cfg (name: { domain, ... }: ''
+ listen = ${dataFolder}/${domain}/phpfpm.pool
+ user = ${user}
+ group = ${group}
+ pm = dynamic
+ pm.max_children = 5
+ pm.start_servers = 2
+ pm.min_spare_servers = 1
+ pm.max_spare_servers = 3
+ listen.owner = ${user}
+ = ${group}
+ # errors to journal
+ php_admin_value[error_log] = 'stderr'
+ php_admin_flag[log_errors] = on
+ catch_workers_output = yes
+ '');
+ = flip mapAttrs' cfg (name: { domain, folder, charset, collate, dbName, dbUser, debug, ... }: {
+ name = "wordpressInit-${name}";
+ value = {
+ path = [
+ pkgs.mysql
+ pkgs.gawk
+ pkgs.jq
+ ];
+ requiredBy = [ "nginx.service" ];
+ serviceConfig = let
+ php.define = name: value:
+ "define(${php.newdoc name}, ${php.newdoc value});";
+ php.toString = x:
+ "'${x}'";
+ php.newdoc = s:
+ let b = "EOF${builtins.hashString "sha256" s}"; in
+ ''<<<'${b}'
+ ${s}
+ ${b}
+ '';
+ in {
+ Type = "oneshot";
+ ExecStart = pkgs.writeScript "wordpressInit" ''
+ #!/bin/sh
+ set -euf
+ wp_secrets=${shell.escape "${toString <secrets>}/${domain}/wp-secrets"}
+ db_password=$(cat ${shell.escape "${toString <secrets>}/${domain}/sql-db-pw"})
+ get_secret() {
+ echo "define('$1', $(jq -r ."$1" "$wp_secrets" | to_php_string));"
+ }
+ to_php_string() {
+ echo "base64_decode('$(base64)')"
+ }
+ {
+ cat ${toString <secrets/mysql_rootPassword>}
+ password=$(cat ${shell.escape (toString (<secrets/mysql_rootPassword>))})
+ # TODO passwordhash=$(su nobody2 -c mysql <<< "SELECT PASSWORD($(toSqlString <<< "$password"));")
+ # TODO as package pkgs.sqlHashPassword
+ # TODO not using mysql
+ passwordhash=$(su nobody2 -c 'mysql -u nobody --silent' <<< "SELECT PASSWORD('$db_password');")
+ user=${shell.escape dbUser}@localhost
+ database=${shell.escape dbName}
+ cat << EOF
+ GRANT USAGE ON *.* TO $user IDENTIFIED BY PASSWORD '$passwordhash';
+ GRANT ALL PRIVILEGES ON $database.* TO $user;
+ } | mysql -u root -p
+ # TODO nix2php for wp-config.php
+ cat > ${folder}/wp-config.php << EOF
+ <?php
+ define('DB_PASSWORD', '$db_password');
+ define('DB_HOST', 'localhost');
+ ${concatStringsSep "\n" (mapAttrsToList (name: value:
+ "define('${name}', $(printf '%s' ${shell.escape value} | to_php_string));"
+ ) {
+ DB_NAME = dbName;
+ DB_USER = dbUser;
+ DB_CHARSET = charset;
+ DB_COLLATE = collate;
+ })}
+ ${concatMapStringsSep "\n" (key: "$(get_secret ${shell.escape key})") [
+ ]}
+ \$table_prefix = 'wp_';
+ define('WP_DEBUG', ${toJSON debug});
+ if ( !defined('ABSPATH') )
+ define('ABSPATH', dirname(__FILE__) . '/');
+ /** Sets up WordPress vars and included files. */
+ require_once(ABSPATH . 'wp-settings.php');
+ '';
+ };
+ };
+ });
+ users.users.nobody2 = {
+ uid = 125816384; # genid nobody2
+ useDefaultShell = true;
+ };
+ };
+in out
diff --git a/lass/4lib/default.nix b/lass/4lib/default.nix
index 6a8a28972..a751a2995 100644
--- a/lass/4lib/default.nix
+++ b/lass/4lib/default.nix
@@ -1,19 +1,9 @@
-{ lib, pkgs, ... }:
+{ lib, ... }:
with lib;
- simpleScript = name: content:
- pkgs.stdenv.mkDerivation {
- inherit name;
- phases = [ "installPhase" ];
- installPhase = ''
- mkdir -p $out/bin
- ln -s ${pkgs.writeScript name content} $out/bin/${name}
- '';
- };
getDefaultGateway = ip:
concatStringsSep "." (take 3 (splitString "." ip) ++ ["1"]);
diff --git a/lass/5pkgs/bitlbee-dev.nix b/lass/5pkgs/bitlbee-dev.nix
deleted file mode 100644
index dd129591e..000000000
--- a/lass/5pkgs/bitlbee-dev.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python }:
-stdenv.mkDerivation rec {
- name = "bitlbee-3.4.1";
- src = fetchurl {
- url = "mirror://bitlbee/src/${name}.tar.gz";
- sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh";
- };
- buildInputs = [ gnutls glib pkgconfig libotr python ];
- buildPhase = "";
- installPhase = ''
- make install-dev
- '';
diff --git a/lass/5pkgs/bitlbee-steam.nix b/lass/5pkgs/bitlbee-steam.nix
deleted file mode 100644
index d869eaac5..000000000
--- a/lass/5pkgs/bitlbee-steam.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-{ stdenv, fetchgit, autoconf, automake, bitlbee-dev, glib, libgcrypt, libtool, pkgconfig }:
-stdenv.mkDerivation rec {
- name = "bitlbee-steam-1.3.1";
- src = fetchgit {
- url = "";
- rev = "439d777c7e8d06712ffc15c3e51d61799f4c0d0c";
- sha256 = "493924da1083a3b23073c595a9e1989a7ae09a196524ad66ca99c4d8ccc20d2a";
- };
- buildInputs = [
- autoconf
- automake
- bitlbee-dev
- glib
- libgcrypt
- libtool
- pkgconfig
- ];
- configurePhase = ''
- ./
- '';
- installPhase = ''
- mkdir -p $out
- cp steam/.libs/ $out/
- cp steam/.libs/ $out/
- '';
diff --git a/lass/5pkgs/bitlbee.nix b/lass/5pkgs/bitlbee.nix
deleted file mode 100644
index 2a5a8d86d..000000000
--- a/lass/5pkgs/bitlbee.nix
+++ /dev/null
@@ -1,71 +0,0 @@
-{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python
- , bitlbee-facebook ? null
- , bitlbee-steam ? null
-with stdenv.lib;
-stdenv.mkDerivation rec {
- name = "bitlbee-3.4.1";
- src = fetchurl {
- url = "mirror://bitlbee/src/${name}.tar.gz";
- sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh";
- };
- buildInputs = [ gnutls glib pkgconfig libotr python ]
- ++ optional doCheck check;
- configureFlags = [
- "--gcov=1"
- "--otr=1"
- "--ssl=gnutls"
- ];
- postBuild = ''
- ${if (bitlbee-steam != null) then
- ''
- mkdir -p $out/lib/bitlbee/
- find ${bitlbee-steam}
- cp ${bitlbee-steam}/* $out/lib/bitlbee/
- ''
- else
- ""
- }
- '';
- #${concatMapStringsSep "\n" ([] ++
- # (if (bitlbee-facebook != null) then
- # "cp ${bitlbee-faceook}/* $out/"
- # else
- # ""
- # ) ++
- # (if (bitlbee-steam != null) then
- # "cp ${bitlbee-steam}/* $out/"
- # else
- # ""
- # )
- #)}
- doCheck = true;
- meta = {
- description = "IRC instant messaging gateway";
- longDescription = ''
- BitlBee brings IM (instant messaging) to IRC clients. It's a
- great solution for people who have an IRC client running all the
- time and don't want to run an additional MSN/AIM/whatever
- client.
- BitlBee currently supports the following IM networks/protocols:
- XMPP/Jabber (including Google Talk), MSN Messenger, Yahoo!
- Messenger, AIM and ICQ.
- '';
- homepage =;
- license = licenses.gpl2Plus;
- maintainers = with maintainers; [ wkennington pSub ];
- platforms = platforms.gnu; # arbitrary choice
- };
diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix
index 869f808ce..2b9582912 100644
--- a/lass/5pkgs/default.nix
+++ b/lass/5pkgs/default.nix
@@ -5,14 +5,13 @@ let
rec {
- bitlbee-dev = callPackage ./bitlbee-dev.nix {};
- bitlbee-steam = callPackage ./bitlbee-steam.nix { inherit bitlbee-dev; };
- bitlbee = callPackage ./bitlbee.nix { inherit bitlbee-steam; };
firefoxPlugins = {
noscript = callPackage ./firefoxPlugins/noscript.nix {};
ublock = callPackage ./firefoxPlugins/ublock.nix {};
vimperator = callPackage ./firefoxPlugins/vimperator.nix {};
- go = callPackage ./go/default.nix {};
newsbot-js = callPackage ./newsbot-js/default.nix {};
+ xmonad-lass =
+ let src = pkgs.writeNixFromCabal "xmonad-lass.nix" ./xmonad-lass; in
+ pkgs.haskellPackages.callPackage src {};
diff --git a/lass/5pkgs/xmonad-lass/.gitignore b/lass/5pkgs/xmonad-lass/.gitignore
new file mode 100644
index 000000000..616204547
--- /dev/null
+++ b/lass/5pkgs/xmonad-lass/.gitignore
@@ -0,0 +1 @@
diff --git a/lass/5pkgs/xmonad-lass/Main.hs b/lass/5pkgs/xmonad-lass/Main.hs
new file mode 100644
index 000000000..10a3c5638
--- /dev/null
+++ b/lass/5pkgs/xmonad-lass/Main.hs
@@ -0,0 +1,190 @@
+{-# LANGUAGE DeriveDataTypeable #-} -- for XS
+{-# LANGUAGE FlexibleContexts #-} -- for xmonad'
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE ScopedTypeVariables #-}
+module Main where
+import Control.Exception
+import Text.Read (readEither)
+import XMonad
+import System.IO (hPutStrLn, stderr)
+import System.Environment (getArgs, withArgs, getEnv, getEnvironment)
+import System.Posix.Process (executeFile)
+import XMonad.Prompt (defaultXPConfig)
+import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace
+ , removeEmptyWorkspace)
+import XMonad.Actions.GridSelect
+import XMonad.Actions.CycleWS (toggleWS)
+--import XMonad.Actions.CopyWindow ( copy )
+import XMonad.Layout.NoBorders ( smartBorders )
+import qualified XMonad.StackSet as W
+import Data.Map (Map)
+import qualified Data.Map as Map
+-- TODO import XMonad.Layout.WorkspaceDir
+import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook)
+-- import XMonad.Layout.Tabbed
+--import XMonad.Layout.MouseResizableTile
+import XMonad.Layout.Reflect (reflectVert)
+import XMonad.Layout.FixedColumn (FixedColumn(..))
+import XMonad.Hooks.Place (placeHook, smart)
+import XMonad.Hooks.FloatNext (floatNextHook)
+import XMonad.Actions.PerWorkspaceKeys (chooseAction)
+import XMonad.Layout.PerWorkspace (onWorkspace)
+--import XMonad.Layout.BinarySpacePartition
+import XMonad.Util.EZConfig (additionalKeysP)
+import XMonad.Prompt (autoComplete, defaultXPConfig, XPConfig, mkXPrompt)
+import XMonad.Hooks.UrgencyHook (focusUrgent, withUrgencyHook, urgencyBorderColor, BorderUrgencyHook(BorderUrgencyHook))
+import XMonad.Actions.DynamicWorkspaces (addWorkspacePrompt, removeEmptyWorkspace, renameWorkspace, withWorkspace)
+import XMonad.Hooks.FloatNext (floatNext, floatNextHook)
+import XMonad.Prompt.Workspace
+import XMonad.Actions.CopyWindow (copy, kill1)
+import qualified Data.Map as M
+import XMonad.Hooks.ManageDocks (avoidStruts, manageDocks, ToggleStruts(ToggleStruts))
+--import XMonad.Actions.Submap
+import XMonad.Stockholm.Pager
+import XMonad.Stockholm.Rhombus
+import XMonad.Stockholm.Shutdown
+myTerm :: String
+myTerm = "urxvtc"
+myRootTerm :: String
+myRootTerm = "urxvtc -name root-urxvt -e su -"
+myFont :: String
+myFont = "-schumacher-*-*-*-*-*-*-*-*-*-*-*-iso10646-*"
+main :: IO ()
+main = getArgs >>= \case
+ ["--shutdown"] -> sendShutdownEvent
+ _ -> mainNoArgs
+mainNoArgs :: IO ()
+mainNoArgs = do
+ xmonad'
+ -- $ withUrgencyHookC dzenUrgencyHook { args = ["-bg", "magenta", "-fg", "magenta", "-h", "2"], duration = 500000 }
+ -- urgencyConfig { remindWhen = Every 1 }
+ -- $ withUrgencyHook borderUrgencyHook "magenta"
+ -- $ withUrgencyHookC BorderUrgencyHook { urgencyBorderColor = "magenta" } urgencyConfig { suppressWhen = Never }
+ $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ")
+ $ defaultConfig
+ { terminal = myTerm
+ , modMask = mod4Mask
+ , layoutHook = smartBorders $ myLayoutHook
+ -- , handleEventHook = myHandleEventHooks <+> handleTimerEvent
+ --, handleEventHook = handleTimerEvent
+ , manageHook = placeHook (smart (1,0)) <+> floatNextHook
+ , startupHook = spawn "echo emit XMonadStartup"
+ , normalBorderColor = "#1c1c1c"
+ , focusedBorderColor = "#f000b0"
+ , handleEventHook = handleShutdownEvent
+ } `additionalKeysP` myKeyMap
+myLayoutHook = defLayout
+ where
+ defLayout = (avoidStruts $ Tall 1 (3/100) (1/2) ||| Full ||| Mirror (Tall 1 (3/100) (1/2))) ||| FixedColumn 2 80 80 1
+xmonad' :: (LayoutClass l Window, Read (l Window)) => XConfig l -> IO ()
+xmonad' conf = do
+ path <- getEnv "XMONAD_STATE"
+ try (readFile path) >>= \case
+ Right content -> do
+ hPutStrLn stderr ("resuming from " ++ path)
+ withArgs ("--resume" : lines content) (xmonad conf)
+ Left e -> do
+ hPutStrLn stderr (displaySomeException e)
+ xmonad conf
+displaySomeException :: SomeException -> String
+displaySomeException = displayException
+myKeyMap =
+ [ ("M4-<F11>", spawn "i3lock -i ~/lock.png -u" )
+ , ("M4-p", spawn "passmenu --type")
+ , ("M4-r", spawn "exe=$(yeganesh -x) && eval \"exec $exe\"")
+ -- , ("M4-r", io (readProcess "yeganesh" ["-x"] "" >>= putStrLn ) )
+ , ("<XF86AudioRaiseVolume>", spawn "pactl -- set-sink-volume 0 +4%")
+ , ("<XF86AudioLowerVolume>", spawn "pactl -- set-sink-volume 0 -4%")
+ , ("<XF86Launch1>", gridselectWorkspace myWSConfig W.view)
+ , ("M4-a", focusUrgent)
+ , ("M4-S-r", renameWorkspace defaultXPConfig)
+ , ("M4-S-a", addWorkspacePrompt defaultXPConfig)
+ , ("M4-S-<Backspace>", removeEmptyWorkspace)
+ , ("M4-S-c", kill1)
+ , ("M4-<Esc>", toggleWS)
+ , ("M4-S-<Enter>", spawn myTerm)
+ , ("M4-x", floatNext True >> spawn myTerm)
+ , ("M4-f", floatNext True)
+ , ("M4-b", sendMessage ToggleStruts)
+ , ("M4-v", withWorkspace myXPConfig (windows . W.view))
+ , ("M4-S-v", withWorkspace myXPConfig (windows . W.shift))
+ , ("M4-C-v", withWorkspace myXPConfig (windows . copy))
+ -- , (_4 , xK_q ) & \k -> (k, goToSelected myCNConfig { gs_navigate = makeGSNav k } )
+ -- , (_4S, xK_q ) & \k -> (k, bringSelected myCNConfig { gs_navigate = makeGSNav k } )
+ -- , (_4C, xK_q ) & \k -> (k, withSelectedWindow ( \a -> get >>= \s -> put s { windowset = copyWindow a (W.tag $ W.workspace $ W.current $ windowset s) (windowset s) } ) myCNConfig { gs_navigate = makeGSNav k } )
+ --, ("M4-<F1>", perWorkspaceAction workspaceConfigs)
+ , ("M4-S-q", return ())
+ ]
+myGSConfig = defaultGSConfig
+ { gs_cellheight = 50
+ , gs_cellpadding = 2
+ , gs_navigate = navNSearch
+ , gs_font = myFont
+ }
+myXPConfig :: XPConfig
+myXPConfig = defaultXPConfig
+ { autoComplete = Just 5000
+ }
+myWSConfig = myGSConfig
+ { gs_cellwidth = 50
+ }
+pagerConfig :: PagerConfig
+pagerConfig = defaultPagerConfig
+ { pc_font = myFont
+ , pc_cellwidth = 64
+ --, pc_cellheight = 36 -- TODO automatically keep screen aspect
+ --, pc_borderwidth = 1
+ --, pc_matchcolor = "#f0b000"
+ , pc_matchmethod = MatchPrefix
+ --, pc_colors = pagerWorkspaceColors
+ , pc_windowColors = windowColors
+ }
+ where
+ windowColors _ _ _ True _ = ("#ef4242","#ff2323")
+ windowColors wsf m c u wf = do
+ let def = defaultWindowColors wsf m c u wf
+ if m == False && wf == True
+ then ("#402020", snd def)
+ else def
+wGSConfig :: GSConfig Window
+wGSConfig = defaultGSConfig
+ { gs_cellheight = 20
+ , gs_cellwidth = 192
+ , gs_cellpadding = 5
+ , gs_font = myFont
+ , gs_navigate = navNSearch
+ }
+(&) :: a -> (a -> c) -> c
+(&) = flip ($)
+allWorkspaceNames :: W.StackSet i l a sid sd -> X [i]
+allWorkspaceNames ws =
+ return $ map W.tag (W.hidden ws) ++ [W.tag $ W.workspace $ W.current ws]
diff --git a/lass/5pkgs/xmonad-lass/Makefile b/lass/5pkgs/xmonad-lass/Makefile
new file mode 100644
index 000000000..cbb0776e6
--- /dev/null
+++ b/lass/5pkgs/xmonad-lass/Makefile
@@ -0,0 +1,6 @@
+.PHONY: ghci
+ghci: shell.nix
+ nix-shell --command 'exec ghci -Wall'
+shell.nix: xmonad.cabal
+ cabal2nix --shell . > $@
diff --git a/lass/5pkgs/xmonad-lass/Util/PerWorkspaceConfig.hs b/lass/5pkgs/xmonad-lass/Util/PerWorkspaceConfig.hs
new file mode 100644
index 000000000..bba7c8c60
--- /dev/null
+++ b/lass/5pkgs/xmonad-lass/Util/PerWorkspaceConfig.hs
@@ -0,0 +1,52 @@
+module Util.PerWorkspaceConfig
+ ( WorkspaceConfig (..)
+ , WorkspaceConfigs
+ , switchToWorkspace
+ , defaultWorkspaceConfig
+ , perWorkspaceAction
+ , perWorkspaceTermAction
+-- , myLayoutHack
+ )
+import XMonad
+import XMonad.Core (LayoutClass)
+import Control.Monad (when)
+import qualified Data.Map as M
+import qualified XMonad.StackSet as W
+data WorkspaceConfig l =
+ WorkspaceConfig
+ { switchAction :: X ()
+ , startAction :: X ()
+ , keyAction :: X ()
+ , termAction :: X ()
+ }
+type WorkspaceConfigs l = M.Map WorkspaceId (WorkspaceConfig l)
+defaultWorkspaceConfig = WorkspaceConfig
+ { switchAction = return ()
+ , startAction = return ()
+ , keyAction = return ()
+ , termAction = spawn "urxvtc"
+ }
+whenLookup wsId cfg a =
+ when (M.member wsId cfg) (a $ cfg M.! wsId)
+switchToWorkspace :: WorkspaceConfigs l -> WorkspaceId -> X ()
+switchToWorkspace cfg wsId = do
+ windows $ W.greedyView wsId
+ wins <- gets (W.integrate' . W.stack . W.workspace . W.current . windowset)
+ when (null wins) $ whenLookup wsId cfg startAction
+ whenLookup wsId cfg switchAction
+perWorkspaceAction :: WorkspaceConfigs l -> X ()
+perWorkspaceAction cfg = withWindowSet $ \s -> whenLookup (W.currentTag s) cfg keyAction
+perWorkspaceTermAction :: WorkspaceConfigs l -> X ()
+perWorkspaceTermAction cfg = withWindowSet $ \s -> case M.lookup (W.currentTag s) cfg of
+ Just x -> termAction x
+ _ -> termAction defaultWorkspaceConfig
diff --git a/lass/5pkgs/xmonad-lass/xmonad.cabal b/lass/5pkgs/xmonad-lass/xmonad.cabal
new file mode 100644
index 000000000..37809b599
--- /dev/null
+++ b/lass/5pkgs/xmonad-lass/xmonad.cabal
@@ -0,0 +1,17 @@
+Author: lass
+Build-Type: Simple
+Cabal-Version: >= 1.2
+License: MIT
+Name: xmonad-lass
+Version: 0
+Executable xmonad
+ Build-Depends:
+ base,
+ containers,
+ unix,
+ xmonad,
+ xmonad-contrib,
+ xmonad-stockholm
+ GHC-Options: -Wall -O3 -threaded -rtsopts
+ Main-Is: Main.hs
diff --git a/lass/1systems/test-arch.nix b/shared/1systems/test-arch.nix
index 0ab9da2f3..ece209490 100644
--- a/lass/1systems/test-arch.nix
+++ b/shared/1systems/test-arch.nix
@@ -1,10 +1,6 @@
-{ config, lib, pkgs, ... }:
+{ config, pkgs, ... }:
- inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
- inherit (lib) head;
-in {
imports = [
diff --git a/lass/1systems/test-centos6.nix b/shared/1systems/test-centos6.nix
index 7270c2262..a8b5f9b9c 100644
--- a/lass/1systems/test-centos6.nix
+++ b/shared/1systems/test-centos6.nix
@@ -1,10 +1,10 @@
{ config, lib, pkgs, ... }:
- inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
inherit (lib) head;
ip = "";
+ gw = "";
in {
imports = [
@@ -16,7 +16,7 @@ in {
prefixLength = 24;
- networking.defaultGateway = getDefaultGateway ip;
+ networking.defaultGateway = gw;
networking.nameservers = [
diff --git a/lass/1systems/test-centos7.nix b/shared/1systems/test-centos7.nix
index 91bd3e0fe..51e99600c 100644
--- a/lass/1systems/test-centos7.nix
+++ b/shared/1systems/test-centos7.nix
@@ -1,10 +1,10 @@
{ config, lib, pkgs, ... }:
- inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
inherit (lib) head;
ip = "";
+ gw = "";
in {
imports = [
@@ -16,7 +16,7 @@ in {
prefixLength = 24;
- networking.defaultGateway = getDefaultGateway ip;
+ networking.defaultGateway = gw;
networking.nameservers = [
diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix
index 60d1e8ce8..4fe3388c8 100644
--- a/shared/1systems/wolf.nix
+++ b/shared/1systems/wolf.nix
@@ -1,9 +1,8 @@
{ config, lib, pkgs, ... }:
-with lib;
imports = [
+ ../2configs/base.nix
@@ -13,34 +12,6 @@ with lib; = config.krebs.users.shared; = "wolf";
- krebs.enable = true;
- krebs.retiolum = {
- enable = true;
- connectTo = [
- # TODO remove connectTo cd, this was only used for bootstrapping
- "cd"
- "gum"
- "pigstarter"
- ];
- };
- = {
- git.nixpkgs = {
- url =;
- rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80";
- };
- dir.secrets = {
- host =;
- path = "${getEnv "HOME"}/secrets/krebs/wolf";
- };
- = {
- host =;
- path = "${getEnv "HOME"}/stockholm";
- };
- };
- networking.hostName =;
boot.kernel.sysctl = {
# Enable IPv6 Privacy Extensions
"net.ipv6.conf.all.use_tempaddr" = 2;
@@ -63,45 +34,5 @@ with lib;
{ device = "/dev/disk/by-label/swap"; }
- nix.maxJobs = 1;
- nix.trustedBinaryCaches = [
- ""
- ""
- ""
- ];
- nix.useChroot = true;
- nixpkgs.config.packageOverrides = pkgs: {
- nano = pkgs.vim;
- };
- environment.systemPackages = with pkgs; [
- git
- rxvt_unicode.terminfo
- ];
time.timeZone = "Europe/Berlin";
- programs.ssh.startAgent = false;
- services.openssh = {
- enable = true;
- hostKeys = [
- { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
- ];
- };
- services.cron.enable = false;
- services.nscd.enable = false;
- services.ntp.enable = false;
- users.mutableUsers = false;
- users.extraUsers.root.openssh.authorizedKeys.keys = [
- # TODO
- config.krebs.users.lass.pubkey
- config.krebs.users.makefu.pubkey
- ];
- # The NixOS release to be compatible with for stateful data such as databases.
- system.stateVersion = "15.09";
diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix
new file mode 100644
index 000000000..c9f4ffa8d
--- /dev/null
+++ b/shared/2configs/base.nix
@@ -0,0 +1,74 @@
+{ config, lib, pkgs, ... }:
+with lib;
+ krebs.enable = true;
+ krebs.retiolum = {
+ enable = true;
+ connectTo = [
+ # TODO remove connectTo cd, this was only used for bootstrapping
+ "cd"
+ "gum"
+ "pigstarter"
+ ];
+ };
+ = {
+ git.nixpkgs = {
+ url =;
+ rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80";
+ };
+ dir.secrets = {
+ host =;
+ path = "${getEnv "HOME"}/secrets/krebs/wolf";
+ };
+ = {
+ host =;
+ path = "${getEnv "HOME"}/stockholm";
+ };
+ };
+ networking.hostName =;
+ nix.maxJobs = 1;
+ nix.trustedBinaryCaches = [
+ ""
+ ""
+ ""
+ ];
+ nix.useChroot = true;
+ nixpkgs.config.packageOverrides = pkgs: {
+ nano = pkgs.vim;
+ };
+ environment.systemPackages = with pkgs; [
+ git
+ rxvt_unicode.terminfo
+ ];
+ programs.ssh.startAgent = false;
+ services.openssh = {
+ enable = true;
+ hostKeys = [
+ { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+ ];
+ };
+ services.cron.enable = false;
+ services.nscd.enable = false;
+ services.ntp.enable = false;
+ users.mutableUsers = false;
+ users.extraUsers.root.openssh.authorizedKeys.keys = [
+ # TODO
+ config.krebs.users.lass.pubkey
+ config.krebs.users.makefu.pubkey
+ ];
+ # The NixOS release to be compatible with for stateful data such as databases.
+ system.stateVersion = "15.09";
diff --git a/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix b/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix
new file mode 100644
index 000000000..b5ec722a0
--- /dev/null
+++ b/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix
@@ -0,0 +1,47 @@
+ boot.loader.grub = {
+ device = "/dev/sda";
+ splashImage = null;
+ };
+ boot.initrd.availableKernelModules = [
+ "ata_piix"
+ "vmw_pvscsi"
+ ];
+ fileSystems."/" = {
+ device = "/dev/VolGroup/lv_root";
+ fsType = "ext4";
+ };
+ fileSystems."/boot" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+ swapDevices = [
+ { device = "/dev/VolGroup/lv_swap"; }
+ ];
+ users.extraGroups = {
+ # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
+ # Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service)
+ # Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago
+ # Docs: man:tmpfiles.d(5)
+ # man:systemd-tmpfiles(8)
+ # Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE)
+ # Main PID: 19272 (code=exited, status=1/FAILURE)
+ #
+ # Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'.
+ # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring.
+ # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring.
+ # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE
+ # Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories.
+ # Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state.
+ # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed.
+ # warning: error(s) occured while switching to the new configuration
+ lock.gid = 10001;
+ };
diff --git a/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix b/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix
new file mode 100644
index 000000000..168d1d97b
--- /dev/null
+++ b/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix
@@ -0,0 +1,47 @@
+ boot.loader.grub = {
+ device = "/dev/sda";
+ splashImage = null;
+ };
+ boot.initrd.availableKernelModules = [
+ "ata_piix"
+ "vmw_pvscsi"
+ ];
+ fileSystems."/" = {
+ device = "/dev/centos/root";
+ fsType = "xfs";
+ };
+ fileSystems."/boot" = {
+ device = "/dev/sda1";
+ fsType = "xfs";
+ };
+ swapDevices = [
+ { device = "/dev/centos/swap"; }
+ ];
+ users.extraGroups = {
+ # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
+ # Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service)
+ # Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago
+ # Docs: man:tmpfiles.d(5)
+ # man:systemd-tmpfiles(8)
+ # Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE)
+ # Main PID: 19272 (code=exited, status=1/FAILURE)
+ #
+ # Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'.
+ # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring.
+ # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring.
+ # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE
+ # Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories.
+ # Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state.
+ # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed.
+ # warning: error(s) occured while switching to the new configuration
+ lock.gid = 10001;
+ };
[cgit] Unable to lock slot /tmp/cgit/04100000.lock: Permission denied (13)