summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/backups.nix135
-rw-r--r--lass/2configs/baseX.nix6
-rw-r--r--lass/2configs/browsers.nix23
-rw-r--r--lass/2configs/buildbot-standalone.nix55
-rw-r--r--lass/2configs/default.nix (renamed from lass/2configs/base.nix)31
-rw-r--r--lass/2configs/downloading.nix3
-rw-r--r--lass/2configs/exim-retiolum.nix10
-rw-r--r--lass/2configs/exim-smarthost.nix49
-rw-r--r--lass/2configs/fastpoke-pages.nix101
-rw-r--r--lass/2configs/fetchWallpaper.nix2
-rw-r--r--lass/2configs/games.nix2
-rw-r--r--lass/2configs/git.nix2
-rw-r--r--lass/2configs/krebs-pass.nix21
-rw-r--r--lass/2configs/mail.nix110
-rw-r--r--lass/2configs/mpv.nix49
-rw-r--r--lass/2configs/newsbot-js.nix1
-rw-r--r--lass/2configs/pass.nix3
-rw-r--r--lass/2configs/programs.nix1
-rw-r--r--lass/2configs/radio.nix133
-rw-r--r--lass/2configs/vim.nix5
-rw-r--r--lass/2configs/websites/domsen.nix94
-rw-r--r--lass/2configs/websites/fritz.nix77
-rw-r--r--lass/2configs/websites/wohnprojekt-rhh.de.nix17
-rw-r--r--lass/2configs/weechat.nix1
-rw-r--r--lass/2configs/xserver/default.nix21
25 files changed, 735 insertions, 217 deletions
diff --git a/lass/2configs/backups.nix b/lass/2configs/backups.nix
new file mode 100644
index 000000000..7d3046d43
--- /dev/null
+++ b/lass/2configs/backups.nix
@@ -0,0 +1,135 @@
+{ config, lib, ... }:
+with config.krebs.lib;
+{
+
+ krebs.backup.plans = {
+ } // mapAttrs (_: recursiveUpdate {
+ snapshots = {
+ daily = { format = "%Y-%m-%d"; retain = 7; };
+ weekly = { format = "%YW%W"; retain = 4; };
+ monthly = { format = "%Y-%m"; retain = 12; };
+ yearly = { format = "%Y"; };
+ };
+ }) {
+ dishfire-http-prism = {
+ method = "pull";
+ src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
+ dst = { host = config.krebs.hosts.prism; path = "/bku/dishfire-http"; };
+ startAt = "03:00";
+ };
+ dishfire-http-mors = {
+ method = "pull";
+ src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
+ dst = { host = config.krebs.hosts.mors; path = "/bku/dishfire-http"; };
+ startAt = "03:05";
+ };
+ dishfire-http-uriel = {
+ method = "pull";
+ src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
+ dst = { host = config.krebs.hosts.uriel; path = "/bku/dishfire-http"; };
+ startAt = "03:10";
+ };
+ dishfire-sql-prism = {
+ method = "pull";
+ src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
+ dst = { host = config.krebs.hosts.prism; path = "/bku/dishfire-sql"; };
+ startAt = "03:15";
+ };
+ dishfire-sql-mors = {
+ method = "pull";
+ src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
+ dst = { host = config.krebs.hosts.mors; path = "/bku/dishfire-sql"; };
+ startAt = "03:20";
+ };
+ dishfire-sql-uriel = {
+ method = "pull";
+ src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
+ dst = { host = config.krebs.hosts.uriel; path = "/bku/dishfire-sql"; };
+ startAt = "03:25";
+ };
+ prism-bitlbee-mors = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/var/lib/bitlbee"; };
+ dst = { host = config.krebs.hosts.mors; path = "/bku/prism-bitlbee"; };
+ startAt = "03:25";
+ };
+ prism-bitlbee-uriel = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/var/lib/bitlbee"; };
+ dst = { host = config.krebs.hosts.uriel; path = "/bku/prism-bitlbee"; };
+ startAt = "03:25";
+ };
+ prism-chat-mors = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/home/chat"; };
+ dst = { host = config.krebs.hosts.mors; path = "/bku/prism-chat"; };
+ startAt = "03:30";
+ };
+ prism-chat-uriel = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/home/chat"; };
+ dst = { host = config.krebs.hosts.uriel; path = "/bku/prism-chat"; };
+ startAt = "03:35";
+ };
+ prism-sql-mors = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
+ dst = { host = config.krebs.hosts.mors; path = "/bku/prism-sql_dumps"; };
+ startAt = "03:40";
+ };
+ prism-sql-uriel = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
+ dst = { host = config.krebs.hosts.uriel; path = "/bku/prism-sql_dumps"; };
+ startAt = "03:45";
+ };
+ prism-http-mors = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
+ dst = { host = config.krebs.hosts.mors; path = "/bku/prism-http"; };
+ startAt = "03:50";
+ };
+ prism-http-uriel = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
+ dst = { host = config.krebs.hosts.uriel; path = "/bku/prism-http"; };
+ startAt = "03:55";
+ };
+ uriel-home-mors = {
+ method = "pull";
+ src = { host = config.krebs.hosts.uriel; path = "/home"; };
+ dst = { host = config.krebs.hosts.mors; path = "/bku/uriel-home"; };
+ startAt = "04:00";
+ };
+ mors-home-uriel = {
+ method = "push";
+ src = { host = config.krebs.hosts.mors; path = "/home"; };
+ dst = { host = config.krebs.hosts.uriel; path = "/bku/mors-home"; };
+ startAt = "05:00";
+ };
+ dishfire-http-helios = {
+ method = "pull";
+ src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
+ dst = { host = config.krebs.hosts.helios; path = "/bku/dishfire-http"; };
+ startAt = "12:00";
+ };
+ dishfire-sql-helios = {
+ method = "pull";
+ src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
+ dst = { host = config.krebs.hosts.helios; path = "/bku/dishfire-sql"; };
+ startAt = "12:15";
+ };
+ prism-sql-helios = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
+ dst = { host = config.krebs.hosts.helios; path = "/bku/prism-sql_dumps"; };
+ startAt = "12:30";
+ };
+ prism-http-helios = {
+ method = "pull";
+ src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
+ dst = { host = config.krebs.hosts.helios; path = "/bku/prism-http"; };
+ startAt = "12:45";
+ };
+ };
+}
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 6c52240af..f918db156 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -4,9 +4,10 @@ let
mainUser = config.users.extraUsers.mainUser;
in {
imports = [
- ./base.nix
+ ./default.nix
#./urxvt.nix
./xserver
+ ./mpv.nix
];
users.extraUsers.mainUser.extraGroups = [ "audio" ];
@@ -33,17 +34,18 @@ in {
dmenu
gitAndTools.qgit
+ nmap
much
pavucontrol
powertop
push
slock
sxiv
+ xclip
xorg.xbacklight
xsel
zathura
- mpv
mpv-poll
yt-next
#window manager stuff
diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix
index 47a16d4cb..e230fff43 100644
--- a/lass/2configs/browsers.nix
+++ b/lass/2configs/browsers.nix
@@ -14,7 +14,7 @@ let
useDefaultShell = true;
createHome = true;
};
- lass.per-user.${name}.packages = packages;
+ krebs.per-user.${name}.packages = packages;
security.sudo.extraConfig = ''
${mainUser.name} ALL=(${name}) NOPASSWD: ALL
'';
@@ -35,7 +35,7 @@ let
useDefaultShell = true;
createHome = true;
};
- lass.per-user.${name}.packages = packages;
+ krebs.per-user.${name}.packages = packages;
security.sudo.extraConfig = ''
${mainUser.name} ALL=(${name}) NOPASSWD: ALL
'';
@@ -59,20 +59,9 @@ in {
imports = [
( createFirefoxUser "ff" [ "audio" ] [ pkgs.firefox ] )
- ( createChromiumUser "cr" [ "audio" ] [ pkgs.chromium ] )
- ( createChromiumUser "wk" [ "audio" ] [ pkgs.chromium ] )
- ( createChromiumUser "fb" [ "audio" ] [ pkgs.chromium ] )
- ( createChromiumUser "gm" [ "audio" ] [ pkgs.chromium ] )
- ( createChromiumUser "flash" [ "audio" ] [ pkgs.flash ] )
+ ( createChromiumUser "cr" [ "video" "audio" ] [ pkgs.chromium ] )
+ ( createChromiumUser "wk" [ "video" "audio" ] [ pkgs.chromium ] )
+ ( createChromiumUser "fb" [ "video" "audio" ] [ pkgs.chromium ] )
+ ( createChromiumUser "gm" [ "video" "audio" ] [ pkgs.chromium ] )
];
-
- nixpkgs.config.packageOverrides = pkgs : {
- flash = pkgs.chromium.override {
- # pulseSupport = true;
- enablePepperFlash = true;
- };
- #chromium = pkgs.chromium.override {
- # pulseSupport = true;
- #};
- };
}
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index 8c71553fe..604d0728d 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -1,15 +1,16 @@
{ lib, config, pkgs, ... }:
{
- #networking.firewall.allowedTCPPorts = [ 8010 9989 ];
- krebs.buildbot.master = {
+ krebs.buildbot.master = let
+ stockholm-mirror-url = http://cgit.prism/stockholm ;
+ in {
slaves = {
testslave = "lasspass";
};
change_source.stockholm = ''
- stockholm_repo = 'http://cgit.mors/stockholm'
+ stockholm_repo = '${stockholm-mirror-url}'
cs.append(changes.GitPoller(
stockholm_repo,
- workdir='stockholm-poller', branch='master',
+ workdir='stockholm-poller', branches=True,
project='stockholm',
pollinterval=120))
'';
@@ -20,10 +21,12 @@
builderNames=["fast-tests"]))
'';
fast-tests-scheduler = ''
- # test the master real quick
+ # test everything real quick
sched.append(schedulers.SingleBranchScheduler(
- change_filter=util.ChangeFilter(branch="master"),
- name="fast-master-test",
+ ## all branches
+ change_filter=util.ChangeFilter(branch_re=".*"),
+ # treeStableTimer=10,
+ name="fast-all-branches",
builderNames=["fast-tests"]))
'';
};
@@ -38,7 +41,10 @@
deps = [ "gnumake", "jq","nix","rsync" ]
# TODO: --pure , prepare ENV in nix-shell command:
# SSL_CERT_FILE,LOGNAME,NIX_REMOTE
- nixshell = ["nix-shell", "-I", "stockholm=.", "-p" ] + deps + [ "--run" ]
+ nixshell = ["nix-shell",
+ "-I", "stockholm=.",
+ "-I", "nixpkgs=/var/src/nixpkgs",
+ "-p" ] + deps + [ "--run" ]
# prepare addShell function
def addShell(factory,**kwargs):
@@ -48,13 +54,26 @@
fast-tests = ''
f = util.BuildFactory()
f.addStep(grab_repo)
- addShell(f,name="mors-eval",env=env,
- command=nixshell + ["make -s eval get=krebs.deploy filter=json system=mors"])
+ for i in [ "prism", "mors", "echelon" ]:
+ addShell(f,name="populate-{}".format(i),env=env,
+ command=nixshell + \
+ ["{}( make system={} eval.config.krebs.build.populate \
+ | jq -er .)".format("!" if "failing" in i else "",i)])
+
+ addShell(f,name="build-test-minimal",env=env,
+ command=nixshell + \
+ ["nix-instantiate \
+ --show-trace --eval --strict --json \
+ -I nixos-config=./shared/1systems/test-minimal-deploy.nix \
+ -I secrets=. \
+ -A config.system.build.toplevel"]
+ )
bu.append(util.BuilderConfig(name="fast-tests",
slavenames=slavenames,
factory=f))
- '';
+
+ '';
};
enable = true;
web.enable = true;
@@ -72,7 +91,17 @@
masterhost = "localhost";
username = "testslave";
password = "lasspass";
- packages = with pkgs;[ git nix ];
- extraEnviron = { NIX_PATH="nixpkgs=${toString <nixpkgs>}"; };
+ packages = with pkgs;[ git nix gnumake jq rsync ];
+ extraEnviron = {
+ NIX_PATH="nixpkgs=/var/src/nixpkgs:nixos-config=./shared/1systems/wolf.nix";
+ };
+ };
+ krebs.iptables = {
+ tables = {
+ filter.INPUT.rules = [
+ { predicate = "-p tcp --dport 8010"; target = "ACCEPT"; }
+ { predicate = "-p tcp --dport 9989"; target = "ACCEPT"; }
+ ];
+ };
};
}
diff --git a/lass/2configs/base.nix b/lass/2configs/default.nix
index 8017d4270..ee320b9c9 100644
--- a/lass/2configs/base.nix
+++ b/lass/2configs/default.nix
@@ -7,10 +7,11 @@ with config.krebs.lib;
../2configs/zsh.nix
../2configs/mc.nix
../2configs/retiolum.nix
+ ./backups.nix
{
users.extraUsers =
mapAttrs (_: h: { hashedPassword = h; })
- (import /root/secrets/hashedPasswords.nix);
+ (import <secrets/hashedPasswords.nix>);
}
{
users.extraUsers = {
@@ -18,7 +19,7 @@ with config.krebs.lib;
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
config.krebs.users.lass-uriel.pubkey
- config.krebs.users.lass-helios.pubkey
+ config.krebs.users.lass-shodan.pubkey
];
};
mainUser = {
@@ -33,6 +34,7 @@ with config.krebs.lib;
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
config.krebs.users.lass-uriel.pubkey
+ config.krebs.users.lass-shodan.pubkey
];
};
};
@@ -45,7 +47,6 @@ with config.krebs.lib;
krebs = {
enable = true;
search-domain = "retiolum";
- exim-retiolum.enable = true;
build = {
user = config.krebs.users.lass;
source = mapAttrs (_: mkDefault) ({
@@ -55,7 +56,7 @@ with config.krebs.lib;
stockholm = "/home/lass/stockholm";
nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
- rev = "40c586b7ce2c559374df435f46d673baf711c543";
+ rev = "d541e0dc1c05f5514bf30f8039e687adddb45616";
dev = "/home/lass/src/nixpkgs";
};
} // optionalAttrs config.krebs.build.host.secure {
@@ -85,9 +86,12 @@ with config.krebs.lib;
MANPAGER=most
'';
+ nixpkgs.config.allowUnfree = true;
+
environment.systemPackages = with pkgs; [
#stockholm
git
+ gnumake
jq
parallel
proot
@@ -102,12 +106,20 @@ with config.krebs.lib;
#network
iptables
+ iftop
#stuff for dl
aria2
#neat utils
krebspaste
+ psmisc
+ untilport
+
+ #unpack stuff
+ p7zip
+ unzip
+ unrar
];
programs.bash = {
@@ -145,10 +157,6 @@ with config.krebs.lib;
'';
};
- security.setuidPrograms = [
- "sendmail"
- ];
-
services.openssh = {
enable = true;
hostKeys = [
@@ -165,6 +173,13 @@ with config.krebs.lib;
krebs.iptables = {
enable = true;
tables = {
+ nat.PREROUTING.rules = [
+ { predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; }
+ { predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; }
+ ];
+ nat.OUTPUT.rules = [
+ { predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; }
+ ];
filter.INPUT.policy = "DROP";
filter.FORWARD.policy = "DROP";
filter.INPUT.rules = [
diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix
index 115cb8b61..3639a743a 100644
--- a/lass/2configs/downloading.nix
+++ b/lass/2configs/downloading.nix
@@ -3,7 +3,7 @@
with config.krebs.lib;
let
- rpc-password = import <secrets/transmission-pw.nix>;
+ rpc-password = import <secrets/transmission-pw>;
in {
imports = [
../3modules/folderPerms.nix
@@ -20,6 +20,7 @@ in {
];
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
+ config.krebs.users.lass-uriel.pubkey
];
};
diff --git a/lass/2configs/exim-retiolum.nix b/lass/2configs/exim-retiolum.nix
new file mode 100644
index 000000000..c07b6c15a
--- /dev/null
+++ b/lass/2configs/exim-retiolum.nix
@@ -0,0 +1,10 @@
+{ config, lib, pkgs, ... }:
+
+with config.krebs.lib;
+
+{
+ krebs.exim-retiolum.enable = true;
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; }
+ ];
+}
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
new file mode 100644
index 000000000..84a57205b
--- /dev/null
+++ b/lass/2configs/exim-smarthost.nix
@@ -0,0 +1,49 @@
+{ config, lib, pkgs, ... }:
+
+with config.krebs.lib;
+
+{
+ krebs.exim-smarthost = {
+ enable = true;
+ dkim = [
+ { domain = "lassul.us"; }
+ ];
+ sender_domains = [
+ "lassul.us"
+ "aidsballs.de"
+ ];
+ relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [
+ config.krebs.hosts.mors
+ config.krebs.hosts.uriel
+ config.krebs.hosts.helios
+ ];
+ internet-aliases = with config.krebs.users; [
+ { from = "postmaster@lassul.us"; to = lass.mail; } # RFC 822
+ { from = "lass@lassul.us"; to = lass.mail; }
+ { from = "lassulus@lassul.us"; to = lass.mail; }
+ { from = "test@lassul.us"; to = lass.mail; }
+ { from = "outlook@lassul.us"; to = lass.mail; }
+ { from = "steuer@aidsballs.de"; to = lass.mail; }
+ { from = "lass@aidsballs.de"; to = lass.mail; }
+ { from = "wordpress@ubikmedia.de"; to = lass.mail; }
+ ];
+ system-aliases = [
+ { from = "mailer-daemon"; to = "postmaster"; }
+ { from = "postmaster"; to = "root"; }
+ { from = "nobody"; to = "root"; }
+ { from = "hostmaster"; to = "root"; }
+ { from = "usenet"; to = "root"; }
+ { from = "news"; to = "root"; }
+ { from = "webmaster"; to = "root"; }
+ { from = "www"; to = "root"; }
+ { from = "ftp"; to = "root"; }
+ { from = "abuse"; to = "root"; }
+ { from = "noc"; to = "root"; }
+ { from = "security"; to = "root"; }
+ { from = "root"; to = "lass"; }
+ ];
+ };
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; }
+ ];
+}
diff --git a/lass/2configs/fastpoke-pages.nix b/lass/2configs/fastpoke-pages.nix
deleted file mode 100644
index bf6ea8952..000000000
--- a/lass/2configs/fastpoke-pages.nix
+++ /dev/null
@@ -1,101 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with config.krebs.lib;
-
-let
- createStaticPage = domain:
- {
- krebs.nginx.servers."${domain}" = {
- server-names = [
- "${domain}"
- "www.${domain}"
- ];
- locations = [
- (nameValuePair "/" ''
- root /var/lib/http/${domain};
- '')
- ];
- };
- #networking.extraHosts = ''
- # 10.243.206.102 ${domain}
- #'';
- users.extraUsers = {
- ${domain} = {
- name = domain;
- home = "/var/lib/http/${domain}";
- createHome = true;
- };
- };
- };
-
-in {
- imports = map createStaticPage [
- "habsys.de"
- "pixelpocket.de"
- "karlaskop.de"
- "ubikmedia.de"
- "apanowicz.de"
- ];
-
- krebs.iptables = {
- tables = {
- filter.INPUT.rules = [
- { predicate = "-p tcp --dport http"; target = "ACCEPT"; }
- ];
- };
- };
-
-
- krebs.nginx = {
- enable = true;
- servers = {
- #"habsys.de" = {
- # server-names = [
- # "habsys.de"
- # "www.habsys.de"
- # ];
- # locations = [
- # (nameValuePair "/" ''
- # root /var/lib/http/habsys.de;
- # '')
- # ];
- #};
-
- #"karlaskop.de" = {
- # server-names = [
- # "karlaskop.de"
- # "www.karlaskop.de"
- # ];
- # locations = [
- # (nameValuePair "/" ''
- # root /var/lib/http/karlaskop.de;
- # '')
- # ];
- #};
-
- #"pixelpocket.de" = {
- # server-names = [
- # "pixelpocket.de"
- # "www.karlaskop.de"
- # ];
- # locations = [
- # (nameValuePair "/" ''
- # root /var/lib/http/karlaskop.de;
- # '')
- # ];
- #};
-
- };
- };
-
- #services.postgresql = {
- # enable = true;
- #};
-
- #config.services.vsftpd = {
- # enable = true;
- # userlistEnable = true;
- # userlistFile = pkgs.writeFile "vsftpd-userlist" ''
- # '';
- #};
-}
diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix
index 9c27706cb..f3b65e816 100644
--- a/lass/2configs/fetchWallpaper.nix
+++ b/lass/2configs/fetchWallpaper.nix
@@ -5,7 +5,7 @@ let
in {
krebs.fetchWallpaper = {
enable = true;
- url = "echelon/wallpaper.png";
+ url = "cloudkrebs/wallpaper.png";
};
}
diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index 6043a8759..0eec97922 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -13,7 +13,7 @@ in {
name = "games";
description = "user playing games";
home = "/home/games";
- extraGroups = [ "audio" "video" "input" ];
+ extraGroups = [ "audio" "video" "input" "loot" ];
createHome = true;
useDefaultShell = true;
};
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 0aab298c7..5cbe46351 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -35,6 +35,8 @@ let
newsbot-js = {};
kimsufi-check = {};
realwallpaper = {};
+ xmonad-stockholm = {};
+ the_playlist = {};
};
restricted-repos = mapAttrs make-restricted-repo (
diff --git a/lass/2configs/krebs-pass.nix b/lass/2configs/krebs-pass.nix
new file mode 100644
index 000000000..a605bc84b
--- /dev/null
+++ b/lass/2configs/krebs-pass.nix
@@ -0,0 +1,21 @@
+{ pkgs, ... }:
+
+let
+
+ #TODO: tab-completion
+ krebs-pass = pkgs.writeDashBin "krebs-pass" ''
+ PASSWORD_STORE_DIR=$HOME/.krebs-pass \
+ exec ${pkgs.pass}/bin/pass $@
+ '';
+
+ krebs-passmenu = pkgs.writeDashBin "krebs-passmenu" ''
+ PASSWORD_STORE_DIR=$HOME/.krebs-pass \
+ exec ${pkgs.pass}/bin/passmenu $@
+ '';
+
+in {
+ krebs.per-user.lass.packages = [
+ krebs-pass
+ krebs-passmenu
+ ];
+}
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
new file mode 100644
index 000000000..72d6f987f
--- /dev/null
+++ b/lass/2configs/mail.nix
@@ -0,0 +1,110 @@
+{ pkgs, ... }:
+
+let
+
+ msmtprc = pkgs.writeText "msmtprc" ''
+ defaults
+ logfile ~/.msmtp.log
+ account prism
+ host prism.r
+ account default: prism
+ '';
+
+ msmtp = pkgs.writeDashBin "msmtp" ''
+ exec ${pkgs.msmtp}/bin/msmtp -C ${msmtprc} $@
+ '';
+
+ muttrc = pkgs.writeText "muttrc" ''
+ # gpg
+ source ${pkgs.mutt-kz}/share/doc/mutt-kz/samples/gpg.rc
+ set pgp_use_gpg_agent = yes
+ set pgp_sign_as = 0x976A7E4D
+ set crypt_autosign = yes
+ set crypt_replyencrypt = yes
+ set crypt_verify_sig = yes
+ set pgp_verify_command = "gpg --no-verbose --batch --output - --verify %s %f"
+
+ macro index \Cv \
+ "<enter-command> set my_crypt_verify_sig=\$crypt_verify_sig<enter> \
+ <enter-command> set crypt_verify_sig=yes<enter> \
+ <display-message><enter-command> set crypt_verify_sig=\$my_crypt_verify_sig<enter>" \
+ 'Verify PGP signature and open the message'
+
+ macro pager \Cv \
+ "<exit><enter-command> set my_crypt_verify_sig=\$crypt_verify_sig<enter> \
+ <enter-command> set crypt_verify_sig=yes<enter> \
+ <display-message><enter-command> set crypt_verify_sig=\$my_crypt_verify_sig<enter>" \
+ 'Verify PGP signature'
+
+
+ # notmuch
+ set nm_default_uri="notmuch://$HOME/Maildir" # path to the maildir
+ set nm_record = yes
+ set nm_record_tags = "-inbox me archive"
+ set virtual_spoolfile=yes # enable virtual folders
+ set sendmail="msmtp" # enables parsing of outgoing mail
+ set use_from=yes
+ set envelope_from=yes
+
+ set index_format="%4C %Z %?GI?%GI& ? %[%d/%b] %-16.15F %?M?(%3M)& ? %s %> %?g?%g?"
+
+ virtual-mailboxes \
+ "INBOX" "notmuch://?query=tag:inbox and NOT tag:killed"\
+ "Unread" "notmuch://?query=tag:unread"\
+ "TODO" "notmuch://?query=tag:TODO"\
+ "Starred" "notmuch://?query=tag:*"\
+ "Archive" "notmuch://?query=tag:archive"\
+ "Sent" "notmuch://?query=tag:sent"\
+ "Junk" "notmuch://?query=tag:junk"
+
+ tag-transforms "junk" "k" \
+ "unread" "u" \
+ "replied" "↻" \
+ "TODO" "T" \
+
+ # notmuch bindings
+ macro index \\\\ "<vfolder-from-query>" # looks up a hand made query
+ macro index A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
+ macro index + "<modify-labels>+*\n<sync-mailbox>" # tag as starred
+ macro index - "<modify-labels>-*\n<sync-mailbox>" # tag as unstarred
+
+
+ #killed
+ bind index d noop
+ bind pager d noop
+
+ bind pager S noop
+ macro index S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as Junk mail
+ macro pager S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as Junk mail
+
+ bind index t noop
+ bind pager t noop
+ macro index t "<modify-labels>+TODO\n" # tag as Archived
+
+
+ # sidebar
+ set sidebar_width = 20
+ set sidebar_visible = yes # set to "no" to disable sidebar view at startup
+ color sidebar_new yellow default
+ # sidebar bindings
+ bind index <left> sidebar-prev # got to previous folder in sidebar
+ bind index <right> sidebar-next # got to next folder in sidebar
+ bind index <space> sidebar-open # open selected folder from sidebar
+ # sidebar toggle
+ macro index ,@) "<enter-command> set sidebar_visible=no; macro index ~ ,@( 'Toggle sidebar'<Enter>"
+ macro index ,@( "<enter-command> set sidebar_visible=yes; macro index ~ ,@) 'Toggle sidebar'<Enter>"
+ macro index ~ ,@( 'Toggle sidebar' # toggle the sidebar
+ '';
+
+ mutt = pkgs.wri