From 341efc1cc7367931a9aef88d2f0ade8d93e9702b Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 1 Dec 2017 09:31:02 +0100 Subject: ma pkgs.PkgDecrypt: init --- makefu/5pkgs/PkgDecrypt/default.nix | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 makefu/5pkgs/PkgDecrypt/default.nix diff --git a/makefu/5pkgs/PkgDecrypt/default.nix b/makefu/5pkgs/PkgDecrypt/default.nix new file mode 100644 index 000000000..80bcbcac1 --- /dev/null +++ b/makefu/5pkgs/PkgDecrypt/default.nix @@ -0,0 +1,27 @@ +{ stdenv, lib, pkgs, fetchFromGitHub, ... }: +stdenv.mkDerivation rec { + name = "PkgDecrypt-2017-12-01"; + rev = "e2f9518"; + + src = fetchFromGitHub { + owner = "St4rk"; + repo = "PkgDecrypt"; + inherit rev; + sha256 = "0dk13qamxyny0vc990s06vqddxwwc6xmikb1pkc3rnys98yda29p"; + }; + + installPhase = '' + install -m755 -D pkg_dec $out/bin/pkg_dec + install -m755 -D make_key $out/bin/make_key + ''; + + buildInputs = with pkgs;[ + zlib + ]; + + meta = { + homepage = https://github.com/St4rk/PkgDecrypt; + description = "St4rk's Vita pkg decrypter"; + license = lib.licenses.gpl2; + }; +} -- cgit v1.2.3 From 7cbb04c7c62a339559d192886f5b4b29e49f0b7e Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 1 Dec 2017 10:03:29 +0100 Subject: ma pkgs.pkg2zip: init --- makefu/5pkgs/pkg2zip/default.nix | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 makefu/5pkgs/pkg2zip/default.nix diff --git a/makefu/5pkgs/pkg2zip/default.nix b/makefu/5pkgs/pkg2zip/default.nix new file mode 100644 index 000000000..36c3d7176 --- /dev/null +++ b/makefu/5pkgs/pkg2zip/default.nix @@ -0,0 +1,29 @@ +{ stdenv, lib, pkgs, fetchFromGitHub, ... }: +stdenv.mkDerivation rec { + name = "pkg2zip-2017-12-01"; + rev = "fccad26"; + + src = fetchFromGitHub { + owner = "mmozeiko"; + repo = "pkg2zip"; + inherit rev; + sha256 = "1sq9yx5cbllmc0yyxhvb6c0yq1mkd1mn8njgkkgxz8alw9zwlarp"; + }; + + installPhase = '' + install -m755 -D pkg2zip $out/bin/pkg2zip + + install -m755 -D rif2zrif.py $out/bin/rif2zrif + install -m755 -D zrif2rif.py $out/bin/zrif2rif + ''; + + buildInputs = with pkgs;[ + python3 + ]; + + meta = { + homepage = https://github.com/St4rk/PkgDecrypt; + description = "St4rk's Vita pkg decrypter"; + license = lib.licenses.gpl2; + }; +} -- cgit v1.2.3 From cd9447c43cb931b97de373bb728dab4045551651 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 5 Dec 2017 14:39:56 +0100 Subject: ma pkgs.airsensor-py: init at 2017-12-05 --- makefu/5pkgs/airsensor-py/default.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 makefu/5pkgs/airsensor-py/default.nix diff --git a/makefu/5pkgs/airsensor-py/default.nix b/makefu/5pkgs/airsensor-py/default.nix new file mode 100644 index 000000000..b467872b4 --- /dev/null +++ b/makefu/5pkgs/airsensor-py/default.nix @@ -0,0 +1,17 @@ +{ pkgs, fetchFromGitHub, ... }: +with pkgs.python3Packages; +buildPythonApplication rec { + name = "airsensor-py-${version}"; + version = "2017-04-24"; + propagatedBuildInputs = [ + pyusb + click + ]; + + src = fetchFromGitHub { + owner = "dfederschmidt"; + repo = "airsensor-py"; + rev = "c476918"; + sha256 = "0dc88vqxsgx20asbwfdjmz6yl6bvv65k0krvmmss3gcwxdgh9p2q"; + }; +} -- cgit v1.2.3 From a56a9bf39e0338ce3b3f1fbfca08b701be27367a Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 5 Dec 2017 15:15:32 +0100 Subject: ma wbob.r: add grafana --- makefu/1systems/wbob/config.nix | 51 ++++++++++++++++++++++++++++++++++++++--- 1 file changed, 48 insertions(+), 3 deletions(-) diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index ac51fd9ca..f7b60fa93 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -3,6 +3,7 @@ let rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115"; datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F"; user = config.makefu.gui.user; + primaryIP = "192.168.8.11"; in { imports = @@ -10,16 +11,19 @@ in { - - - + + # + # + # # + + # # # @@ -27,6 +31,44 @@ in { # Services + + + + + (let + collectd-port = 25826; + influx-port = 8086; + grafana-port = 3000; # TODO nginx forward + db = "collectd_db"; + logging-interface = "enp0s25"; + in { + services.grafana.enable = true; + services.grafana.addr = "0.0.0.0"; + + services.influxdb.enable = true; + services.influxdb.extraConfig = { + meta.hostname = config.krebs.build.host.name; + # meta.logging-enabled = true; + http.bind-address = ":${toString influx-port}"; + admin.bind-address = ":8083"; + collectd = [{ + enabled = true; + typesdb = "${pkgs.collectd}/share/collectd/types.db"; + database = db; + bind-address = ":${toString collectd-port}"; + }]; + }; + + networking.firewall.extraCommands = '' + iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT + iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT + iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT + + ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT + ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT + ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT + ''; + }) # temporary # @@ -96,6 +138,9 @@ in { # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 # not explicitly setting the interface results in wpa_supplicant to crash networking.wireless.interfaces = [ "wlp2s0" ]; + networking.interfaces.enp0s25.ip4 = [ + { address = primaryIP; prefixLength = 24;} + ]; networking.interfaces.virbr1.ip4 = [{ address = "10.8.8.11"; prefixLength = 24; -- cgit v1.2.3 From 04e6eeb7c8e2e3141293a84bc147265725208999 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 5 Dec 2017 15:16:13 +0100 Subject: ma telegraf: separate, add airsensor --- makefu/2configs/stats/telegraf/airsensor.nix | 15 +++++++++++++++ makefu/2configs/stats/telegraf/default.nix | 3 --- 2 files changed, 15 insertions(+), 3 deletions(-) create mode 100644 makefu/2configs/stats/telegraf/airsensor.nix diff --git a/makefu/2configs/stats/telegraf/airsensor.nix b/makefu/2configs/stats/telegraf/airsensor.nix new file mode 100644 index 000000000..c0c64b238 --- /dev/null +++ b/makefu/2configs/stats/telegraf/airsensor.nix @@ -0,0 +1,15 @@ +{ pkgs, ...}: + +{ + services.telegraf.extraConfig.inputs.exec = [ + { + commands = [ "${pkgs.airsensor-py}/bin/airsensor-py"]; + timeout = "10s"; + data_format = "value"; + data_type = "integer"; + name_override = "airquality"; + interval = "10s"; + tags.unit="VOC"; + } + ]; +} diff --git a/makefu/2configs/stats/telegraf/default.nix b/makefu/2configs/stats/telegraf/default.nix index 4da6561d6..049a9c037 100644 --- a/makefu/2configs/stats/telegraf/default.nix +++ b/makefu/2configs/stats/telegraf/default.nix @@ -2,9 +2,6 @@ let url = "http://localhost:8086"; in { - imports = [ - ./europastats.nix - ]; services.telegraf = { enable = true; extraConfig = { -- cgit v1.2.3 From 5747398b0e4d42c86eeb4463275b0f032d51968f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 5 Dec 2017 20:03:55 +0100 Subject: l browsers: add precedence --- lass/2configs/browsers.nix | 43 ++++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 6c381863c..a858d3fec 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -5,19 +5,23 @@ let mainUser = config.users.extraUsers.mainUser; - browser-select = pkgs.writeScriptBin "browser-select" '' - BROWSER=$(echo -e "${concatStringsSep "\\n" (attrNames config.lass.browser.paths)}" | ${pkgs.dmenu}/bin/dmenu) + browser-select = let + sortedPaths = sort (a: b: a.value.precedence > b.value.precedence) + (mapAttrsToList (name: value: { inherit name value; }) + config.lass.browser.paths); + in pkgs.writeScriptBin "browser-select" '' + BROWSER=$(echo -e "${concatStringsSep "\\n" (map (getAttr "name") sortedPaths)}" | ${pkgs.dmenu}/bin/dmenu) case $BROWSER in ${concatMapStringsSep "\n" (n: '' - ${n}) - export BIN=${config.lass.browser.paths.${n}}/bin/${n} + ${n.name}) + export BIN=${n.value.path}/bin/${n.name} ;; - '') (attrNames config.lass.browser.paths)} + '') (sortedPaths)} esac $BIN "$@" ''; - createChromiumUser = name: extraGroups: + createChromiumUser = name: extraGroups: precedence: let bin = pkgs.writeScriptBin name '' /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@ @@ -31,7 +35,7 @@ let useDefaultShell = true; createHome = true; }; - lass.browser.paths.${name} = bin; + lass.browser.paths.${name}.path = bin; security.sudo.extraConfig = '' ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; @@ -40,7 +44,7 @@ let ]; }; - createFirefoxUser = name: extraGroups: + createFirefoxUser = name: extraGroups: precedence: let bin = pkgs.writeScriptBin name '' /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@ @@ -54,7 +58,10 @@ let useDefaultShell = true; createHome = true; }; - lass.browser.paths.${name} = bin; + lass.browser.paths.${name} = { + path = bin; + inherit precedence; + }; security.sudo.extraConfig = '' ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; @@ -79,14 +86,24 @@ in { type = types.path; }; options.lass.browser.paths = mkOption { - type = with types; attrsOf path; + type = types.attrsOf (types.submodule ({ + options = { + path = mkOption { + type = types.path; + }; + precedence = mkOption { + type = types.int; + default = 0; + }; + }; + })); }; } - ( createFirefoxUser "ff" [ "audio" ] ) - ( createChromiumUser "cr" [ "video" "audio" ] ) + ( createFirefoxUser "ff" [ "audio" ] 10 ) + ( createChromiumUser "cr" [ "video" "audio" ] 9 ) + ( createChromiumUser "gm" [ "video" "audio" ] 8 ) ( createChromiumUser "wk" [ "video" "audio" ] ) ( createChromiumUser "fb" [ "video" "audio" ] ) - ( createChromiumUser "gm" [ "video" "audio" ] ) ( createChromiumUser "com" [ "video" "audio" ] ) ]; } -- cgit v1.2.3 From 29f9d3b86926916df63d4525f909316df5638f86 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 5 Dec 2017 21:29:45 +0000 Subject: boom --- jeschli/1systems/reagenzglas/.source.nix.swp | Bin 0 -> 12288 bytes jeschli/1systems/reagenzglas/config.nix | 136 +++++++++++++++++++++ .../reagenzglas/hardware-configuration.nix | 33 +++++ jeschli/1systems/reagenzglas/source.nix | 4 + jeschli/2configs/vim.nix | 102 ++++++++++++++++ jeschli/default.nix | 9 ++ jeschli/source.nix | 22 ++++ 7 files changed, 306 insertions(+) create mode 100644 jeschli/1systems/reagenzglas/.source.nix.swp create mode 100644 jeschli/1systems/reagenzglas/config.nix create mode 100644 jeschli/1systems/reagenzglas/hardware-configuration.nix create mode 100644 jeschli/1systems/reagenzglas/source.nix create mode 100644 jeschli/2configs/vim.nix create mode 100644 jeschli/default.nix create mode 100644 jeschli/source.nix diff --git a/jeschli/1systems/reagenzglas/.source.nix.swp b/jeschli/1systems/reagenzglas/.source.nix.swp new file mode 100644 index 000000000..8c1a75f39 Binary files /dev/null and b/jeschli/1systems/reagenzglas/.source.nix.swp differ diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix new file mode 100644 index 000000000..e75e52020 --- /dev/null +++ b/jeschli/1systems/reagenzglas/config.nix @@ -0,0 +1,136 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + + ]; + + # Use the GRUB 2 boot loader. + # boot.loader.grub.enable = true; + # boot.loader.grub.version = 2; + # boot.loader.grub.efiSupport = true; + # boot.loader.grub.efiInstallAsRemovable = true; + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + # Define on which hard drive you want to install Grub. +# boot.loader.grub.device = "/dev/disk/by-id/wwn-0x5002538844584d30"; # or "nodev" for efi only + + boot.initrd.luks.devices = [ + { + name = "root"; + device = "/dev/disk/by-id/wwn-0x5002538844584d30-part2"; + preLVM = true; + allowDiscards = true; + } + ]; + networking.hostName = "reaganzglas"; # Define your hostname. +# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.networkmanager.enable = true; + # Select internationalisation properties. + # i18n = { + # consoleFont = "Lat2-Terminus16"; + # consoleKeyMap = "us"; + # defaultLocale = "en_US.UTF-8"; + # }; + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # List packages installed in system profile. To search by name, run: + # $ nix-env -qaP | grep wget + nixpkgs.config.allowUnfree = true; + environment.shellAliases = { n = "nix-shell"; }; + environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; }; + environment.systemPackages = with pkgs; [ + # system helper + ag + curl + copyq + dmenu + git + i3lock + keepass + networkmanagerapplet + rsync + terminator + tmux + wget + rxvt_unicode + # editors + emacs + # internet + thunderbird + chromium + google-chrome + # programming languages + go + gcc + ghc + python35 + python35Packages.pip + # go tools + golint + gotools + # dev tools + gnumake + # document viewer + zathura + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + programs.bash.enableCompletion = true; + # programs.mtr.enable = true; + # programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMPuFzd6p3zZETIjoV5mRxCTQgeZk9s/P374mEDbj58wDTT0uGWu2JRf7cL1QRTvd5238tYl0eSHXH65+oaFB/mIvmiRnuw6qQODOMHlSbJN5/J2hEw/3v5gveiP1xNLfKlFhj6mmMRF7Etvzns/kLGLCSjj1UTlfo4iHmtinPmU+iQ8J4foS4cZj4oZesF8gndkc2EFMfL6en7EuU8GK6U9GtwKNL9N4UoUZXu8Nf00pkn/jrpmsDdI4zdVVAxWeu/Lo4li43EVixLcfwQiwzf6S9FvYIv30xPdy92GJSJwxm/QkYuc48VZWUoE+qThf3IEPETtX+MRZrM8RTtY01 markus@reaganzglas" + ]; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable the X11 windowing system. + services.xserver.enable = true; + services.xserver.layout = "us"; + services.xserver.xkbOptions = "eurosign:e"; + + # Enable touchpad support. + services.xserver.libinput.enable = true; + + # Enable the KDE Desktop Environment. + services.xserver.displayManager.sddm.enable = true; + services.xserver.windowManager.xmonad.enable = true; + services.xserver.windowManager.xmonad.enableContribAndExtras = true; + + # services.xserver.desktopManager.plasma5.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.extraUsers.jeschli = { + isNormalUser = true; + uid = 1000; + }; + + # This value determines the NixOS release with which your system is to be + # compatible, in order to avoid breaking some software such as database + # servers. You should change this only after NixOS release notes say you + # should. + system.stateVersion = "18.03"; # Did you read the comment? + +} diff --git a/jeschli/1systems/reagenzglas/hardware-configuration.nix b/jeschli/1systems/reagenzglas/hardware-configuration.nix new file mode 100644 index 000000000..a6ab3f16e --- /dev/null +++ b/jeschli/1systems/reagenzglas/hardware-configuration.nix @@ -0,0 +1,33 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, ... }: + +{ + imports = + [ + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/09130cf7-b71b-42ab-9fa3-cb3c745f1fc9"; + fsType = "ext4"; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/8bee50b3-5733-4373-a966-388def141774"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/DA40-AC19"; + fsType = "vfat"; + }; + swapDevices = [ ]; + + nix.maxJobs = lib.mkDefault 8; +# powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; +} diff --git a/jeschli/1systems/reagenzglas/source.nix b/jeschli/1systems/reagenzglas/source.nix new file mode 100644 index 000000000..7543de6b9 --- /dev/null +++ b/jeschli/1systems/reagenzglas/source.nix @@ -0,0 +1,4 @@ +import { + name = "reagenzglas"; + secure = true; +} diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix new file mode 100644 index 000000000..43fcb1956 --- /dev/null +++ b/jeschli/2configs/vim.nix @@ -0,0 +1,102 @@ +{ config, pkgs, ... }: + + +# let +# customPlugins.ultisnips = pkgs.vimUtils.buildVimPlugin { +# name = "ultisnips"; +# src = pkgs.fetchFromGitHub { +# owner = "SirVer"; +# repo = "ultisnips"; +# rev = "3.1"; +# sha256 = "0p9d91h9pm0nx0d77lqsgv6158q052cyj4nm1rd6zvbay9bkkf8b"; +# }; +# }; +# +let + customPlugins.vim-javascript = pkgs.vimUtils.buildVimPlugin { + name = "vim-javascript"; + src = pkgs.fetchFromGitHub { + owner = "pangloss"; + repo = "vim-javascript"; + rev = "1.2.5.1"; + sha256 = "08l7ricd3j5h2bj9i566byh39v9n5wj5mj75f2c8a5dsc732b2k7"; + }; + }; + customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin { + name = "vim-jsx"; + src = pkgs.fetchFromGitHub { + owner = "mxw"; + repo = "vim-jsx"; + rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a"; + sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a"; + }; + }; +in { +# { + environment.systemPackages = [ + (pkgs.vim_configurable.customize { + name = "vim"; + + vimrcConfig.customRC = '' + :imap jk + :vmap v v + :map gr :GoRun + :nnoremap :bnext + :nnoremap + set autowrite + set number + set ruler + + noremap x "_x + set clipboard=unnamedplus + + let g:jsx_ext_required = 0 + + let g:go_list_type = "quickfix" + let g:go_test_timeout = '10s' + let g:go_fmt_command = "goimports" + let g:go_snippet_case_type = "camelcase" + let g:go_highlight_types = 1 + let g:go_highlight_fields = 1 + let g:go_highlight_functions = 1 + let g:go_highlight_methods = 1 + let g:go_highlight_extra_types = 1 + autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4 + let g:rehash256 = 1 + let g:molokai_original = 1 + colorscheme molokai + let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck'] + let g:go_metalinter_autosave = 1 + " let g:go_metalinter_autosave_enabled = ['vet', 'golint'] + " let g:go_def_mode = 'godef' + " let g:go_decls_includes = "func,type" + + + " Trigger configuration. Do not use if you use https://github.com/Valloric/YouCompleteMe. + let g:UltiSnipsExpandTrigger="" + let g:UltiSnipsJumpForwardTrigger="" + let g:UltiSnipsJumpBackwardTrigger="" + + " If you want :UltiSnipsEdit to split your window. + let g:UltiSnipsEditSplit="vertical" + + if has('persistent_undo') "check if your vim version supports it + set undofile "turn on the feature + set undodir=$HOME/.vim/undo "directory where the undo files will be stored + endif + ''; + + vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; + vimrcConfig.vam.pluginDictionaries = [ + { names = [ "undotree" "molokai" ]; } # wanted: fatih/molokai + # vim-nix handles indentation better but does not perform sanity + { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } + { names = [ "vim-go" ]; ft_regex = "^go\$"; } # wanted: nsf/gocode + { names = [ "vim-javascript" ]; ft_regex = "^js\$"; } + { names = [ "vim-jsx" ]; ft_regex = "^js\$"; } + { names = [ "UltiSnips" ]; ft_regex = "^go\$"; } + ]; + + }) + ]; +} diff --git a/jeschli/default.nix b/jeschli/default.nix new file mode 100644 index 000000000..92de07407 --- /dev/null +++ b/jeschli/default.nix @@ -0,0 +1,9 @@ +_: +{ + imports = [ + ../krebs +# ./2configs +# ./3modules +# ./5pkgs + ]; +} diff --git a/jeschli/source.nix b/jeschli/source.nix new file mode 100644 index 000000000..d5e14a8dc --- /dev/null +++ b/jeschli/source.nix @@ -0,0 +1,22 @@ +with import ; +host@{ name, secure ? false, override ? {} }: let + builder = if getEnv "dummy_secrets" == "true" + then "buildbot" + else "jeschli"; + _file = + "/jeschli/1systems/${name}/source.nix"; +in + evalSource (toString _file) [ + { + nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix"; + nixpkgs.git = { + url = https://github.com/nixos/nixpkgs; + ref = "f9390d6"; + }; + secrets.file = getAttr builder { + buildbot = toString ; + jeschli = "/home/jeschli/secrets/${name}"; + }; + stockholm.file = toString ; + } + override + ] -- cgit v1.2.3 From 3f8ae7bf425eb2addef7634a113197774fe3f76a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 5 Dec 2017 23:37:19 +0100 Subject: krebs.hosts: set default --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index a8933e719..7cf02cd8b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -61,6 +61,7 @@ let hosts = mkOption { type = with types; attrsOf host; + default = {}; }; users = mkOption { -- cgit v1.2.3 From 19781ae7a4897c8f67e98ac6c57b75bb0c3d06b4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 6 Dec 2017 00:08:11 +0100 Subject: krebs ci: stockholm=. --- krebs/3modules/ci.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index adbc1ebe1..b56f5c543 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -104,7 +104,7 @@ in "dummy_secrets": "true", }, command=[ - "nix-shell", "--run", " ".join(["test", + "nix-shell", "-I", "stockholm=.", "--run", " ".join(["test", "--user={}".format(user), "--system={}".format(host), "--force-populate", -- cgit v1.2.3 From 6b089cb852928fbbf345ac41652028804daf94cb Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 6 Dec 2017 17:12:10 +0100 Subject: l: adopt reagenzglas (for now) --- krebs/3modules/lass/default.nix | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index d2c3000d6..772d96009 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -535,6 +535,45 @@ with import ; }; }; }; + reagenzglas = { + ci = false; + external = true; + nets = { + retiolum = { + ip4.addr = "10.243.27.27"; + ip6.addr = "42::27"; + aliases = [ + "reagenzglas.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEA4Tbq6aiMhPz55Of/WDEmESGmScRJedQSJoyRuDEDabEktdbP/m7P + bwpLp0lGYphx42+lutFcYOGoH/Lglfj39yhDcrpkYfTnzcGOWutXGuZ+iR5vmGj0 + utJRf/4+a4sB5NboBVZ9Ke/RTjDNSov00C2hFCYTXz89Gd2ap1nDPQpnejOS+9aO + 2W6P/WIKhRH7TfW6M7mUCrjVxWXZgdfSCQYxAXU/+1uAGmJ9qlGlQUIGUGv9Znv5 + hurqwAHzSgEkKc2iUumosz6a8W9Oo3TAEC+jMEO2l/+GJ/8VysG1wtLWDX03GU3u + mBAtrJppEw4QNPTeFg6XSFIwV8Z0fWZ4lGsPJLbAkLUMxtKVWKbdrdpnmiQpLfBW + 8BRbT1pjwEdw0hefA6NwCO3/Y5piEaUEz/gYz9xHFMDXUj9stHtaF0HaqonWyb06 + aX3EEqRBxVsj6/Sgd33b77xqY4WBoOlbhfWj+EAD1Ova26lHELpAg0Z4AncpyOzw + pJcX81U8GgQp899YAc3EAldFfiu094CvM2NKd110K90VlTpos+sqFfNE87vpprMu + 3d1NsYzf+FUM/aXASlqTNL+i8qBDAlODkLdj4+VZ2BjkSH+p2BLZouizSzu4X3I/ + lfy554Dbb/98zlwmX9JrWzBRs2GxxFdIDZ1jK+Ci5qM7oTfujBwiE4jZA6wlK8u5 + +IenSBdaJb0J8nS0Bziz/BLkuBCrl/YFelpZlY0pw6WYlraKbf/nsOpumOYh6zdz + 9jiIPElGvso9FhwigX7xWCiYMK3ryAqm8CL0cTscQW3Yy2JKm1tNIQtAacwnNVli + PqdnPJSo942I+Fl6ZPjZ19ivJIqC+2TjGEY2Et8DkiL6YZfy4bM1zhoWMlXBIil0 + ynnKR/h/CC67cq94JCbtRWKiYXIYtfHPQkS7S1Lk6aSYbIch/wROyh7XJ7EGE7nn + GAVMqI/P/qbW3rwEJGXzI4eJAHa2hwpP2Slimf6uUD/6L2bAnduhYoTsnNSjJmNE + hCC+MHohzk7+isZl0jwIEcMpsohMAwoa5BEhbuYJWeUesT/4PeddLIGYubTZAXp2 + ZdYRepSNUEhSZV0H99MhlqeooDJxnWpsiba5Gb0s6p4gTReGy0jMtWnxI2P5RUFX + vEGt77v4MGrWYTzAL/ZRmESsOj7TXqpSK5YcMC2nr8PcV66LuMjOkRrGoVOV3fBe + G/9pNVb68SRwfPoGa5nGe6C7GPcgko9rgGLLcU1r/4L2bqFhdIQdSfaUX2Hscm44 + 5GdN2UvuwwVxOyU1uPqJcBNnr2yt3x3kw5+zDQ00z/pFntTXWm19m6BUtbkdwN2x + Bn1P3P/mRTEaHxQr9RGg8Zjnix/Q6G7I5QIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; }; users = { lass = { -- cgit v1.2.3 From 64e0ccac92b6725a4eb1e5ef06782c07f20e44dd Mon Sep 17 00:00:00 2001 From: jeschli Date: Wed, 6 Dec 2017 16:41:08 +0000 Subject: jeschli:+ retiolum, +lass vim --- jeschli/1systems/reagenzglas/config.nix | 18 +- jeschli/2configs/copy-vim.nix | 102 +++++++ jeschli/2configs/default.nix | 66 +++++ jeschli/2configs/retiolum.nix | 22 ++ jeschli/2configs/vim.nix | 463 +++++++++++++++++++++++++------- jeschli/default.nix | 2 +- 6 files changed, 571 insertions(+), 102 deletions(-) create mode 100644 jeschli/2configs/copy-vim.nix create mode 100644 jeschli/2configs/default.nix create mode 100644 jeschli/2configs/retiolum.nix diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix index e75e52020..d3065b0f5 100644 --- a/jeschli/1systems/reagenzglas/config.nix +++ b/jeschli/1systems/reagenzglas/config.nix @@ -7,8 +7,8 @@ { imports = [ # Include the results of the hardware scan. + ./hardware-configuration.nix - ]; # Use the GRUB 2 boot loader. @@ -20,7 +20,7 @@ boot.loader.efi.canTouchEfiVariables = true; # Define on which hard drive you want to install Grub. # boot.loader.grub.device = "/dev/disk/by-id/wwn-0x5002538844584d30"; # or "nodev" for efi only - + boot.initrd.luks.devices = [ { name = "root"; @@ -64,7 +64,7 @@ rxvt_unicode # editors emacs - # internet + # internet thunderbird chromium google-chrome @@ -85,7 +85,6 @@ # Some programs need SUID wrappers, can be configured further or are # started in user sessions. - programs.bash.enableCompletion = true; # programs.mtr.enable = true; # programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; @@ -95,7 +94,7 @@ services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMPuFzd6p3zZETIjoV5mRxCTQgeZk9s/P374mEDbj58wDTT0uGWu2JRf7cL1QRTvd5238tYl0eSHXH65+oaFB/mIvmiRnuw6qQODOMHlSbJN5/J2hEw/3v5gveiP1xNLfKlFhj6mmMRF7Etvzns/kLGLCSjj1UTlfo4iHmtinPmU+iQ8J4foS4cZj4oZesF8gndkc2EFMfL6en7EuU8GK6U9GtwKNL9N4UoUZXu8Nf00pkn/jrpmsDdI4zdVVAxWeu/Lo4li43EVixLcfwQiwzf6S9FvYIv30xPdy92GJSJwxm/QkYuc48VZWUoE+qThf3IEPETtX+MRZrM8RTtY01 markus@reaganzglas" - ]; + ]; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; @@ -133,4 +132,13 @@ # should. system.stateVersion = "18.03"; # Did you read the comment? + programs.bash = { + enableCompletion = true; + interactiveShellInit = '' + export GOPATH=$HOME/go + export PATH=$PATH:$GOPATH/bin + ''; + }; + + krebs.build.host = config.krebs.hosts.reagenzglas; } diff --git a/jeschli/2configs/copy-vim.nix b/jeschli/2configs/copy-vim.nix new file mode 100644 index 000000000..43fcb1956 --- /dev/null +++ b/jeschli/2configs/copy-vim.nix @@ -0,0 +1,102 @@ +{ config, pkgs, ... }: + + +# let +# customPlugins.ultisnips = pkgs.vimUtils.buildVimPlugin { +# name = "ultisnips"; +# src = pkgs.fetchFromGitHub { +# owner = "SirVer"; +# repo = "ultisnips"; +# rev = "3.1"; +# sha256 = "0p9d91h9pm0nx0d77lqsgv6158q052cyj4nm1rd6zvbay9bkkf8b"; +# }; +# }; +# +let + customPlugins.vim-javascript = pkgs.vimUtils.buildVimPlugin { + name = "vim-javascript"; + src = pkgs.fetchFromGitHub { + owner = "pangloss"; + repo = "vim-javascript"; + rev = "1.2.5.1"; + sha256 = "08l7ricd3j5h2bj9i566byh39v9n5wj5mj75f2c8a5dsc732b2k7"; + }; + }; + customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin { + name = "vim-jsx"; + src = pkgs.fetchFromGitHub { + owner = "mxw"; + repo = "vim-jsx"; + rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a"; + sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a"; + }; + }; +in { +# { + environment.systemPackages = [ + (pkgs.vim_configurable.customize { + name = "vim"; + + vimrcConfig.customRC = '' + :imap jk + :vmap v v + :map gr :GoRun + :nnoremap :bnext + :nnoremap + set autowrite + set number + set ruler + + noremap x "_x + set clipboard=unnamedplus + + let g:jsx_ext_required = 0 + + let g:go_list_type = "quickfix" + let g:go_test_timeout = '10s' + let g:go_fmt_command = "goimports" + let g:go_snippet_case_type = "camelcase" + let g:go_highlight_types = 1 + let g:go_highlight_fields = 1 + let g:go_highlight_functions = 1 + let g:go_highlight_methods = 1 + let g:go_highlight_extra_types = 1 + autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4 + let g:rehash256 = 1 + let g:molokai_original = 1 + colorscheme molokai + let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck'] + let g:go_metalinter_autosave = 1 + " let g:go_metalinter_autosave_enabled = ['vet', 'golint'] + " let g:go_def_mode = 'godef' + " let g:go_decls_includes = "func,type" + + + " Trigger configuration. Do not use if you use https://github.com/Valloric/YouCompleteMe. + let g:UltiSnipsExpandTrigger="" + let g:UltiSnipsJumpForwardTrigger="" + let g:UltiSnipsJumpBackwardTrigger="" + + " If you want :UltiSnipsEdit to split your window. + let g:UltiSnipsEditSplit="vertical" + + if has('persistent_undo') "check if your vim version supports it + set undofile "turn on the feature + set undodir=$HOME/.vim/undo "directory where the undo files will be stored + endif + ''; + + vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; + vimrcConfig.vam.pluginDictionaries = [ + { names = [ "undotree" "molokai" ]; } # wanted: fatih/molokai + # vim-nix handles indentation better but does not perform sanity + { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } + { names = [ "vim-go" ]; ft_regex = "^go\$"; } # wanted: nsf/gocode + { names = [ "vim-javascript" ]; ft_regex = "^js\$"; } + { names = [ "vim-jsx" ]; ft_regex = "^js\$"; } + { names = [ "UltiSnips" ]; ft_regex = "^go\$"; } + ]; + + }) + ]; +} diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix new file mode 100644 index 000000000..7fb240951 --- /dev/null +++ b/jeschli/2configs/default.nix @@ -0,0 +1,66 @@ +{ config, pkgs, ... }: +with import ; +{ + imports = [ + ./vim.nix + ./retiolum.nix + { + environment.variables = { + NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; + }; + } + ]; + + nixpkgs.config.allowUnfree = true; + + environment.systemPackages = with pkgs; [ + #stockholm + git + gnumake + jq + parallel + proot + populate + + #style + most + rxvt_unicode.terminfo + + #monitoring tools + htop + iotop + + #network + iptables + iftop + + #stuff for dl + aria2 + + #neat utils + file + kpaste + krebspaste + mosh + pciutils + psmisc + # q + # rs + tmux + untilport + usbutils + # logify + goify + + #unpack stuff + p7zip + unzip + unrar + + (pkgs.writeDashBin "sshn" '' + ${pkgs.openssh}/bin/ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$@" + '') + ]; + + krebs.enable = true; +} diff --git a/jeschli/2configs/retiolum.nix b/jeschli/2configs/retiolum.nix new file mode 100644 index 000000000..403300b30 --- /dev/null +++ b/jeschli/2configs/retiolum.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: + +{ + + krebs.tinc.retiolum = { + enable = true; + connectTo = [ + "prism" + "gum" + "ni" + "dishfire" + ]; + }; + + nixpkgs.config.packageOverrides = pkgs: { + tinc = pkgs.tinc_pre; + }; + + environment.systemPackages = [ + pkgs.tinc + ]; +} diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix index 43fcb1956..f6c736fbc 100644 --- a/jeschli/2configs/vim.nix +++ b/jeschli/2configs/vim.nix @@ -1,102 +1,373 @@ -{ config, pkgs, ... }: - - -# let -# customPlugins.ultisnips = pkgs.vimUtils.buildVimPlugin { -# name = "ultisnips"; -# src = pkgs.fetchFromGitHub { -# owner = "SirVer"; -# repo = "ultisnips"; -# rev = "3.1"; -# sha256 = "0p9d91h9pm0nx0d77lqsgv6158q052cyj4nm1rd6zvbay9bkkf8b"; -# }; -# }; -# +{ config, lib, pkgs, ... }: + +with import ; let - customPlugins.vim-javascript = pkgs.vimUtils.buildVimPlugin { - name = "vim-javascript"; - src = pkgs.fetchFromGitHub { - owner = "pangloss"; - repo = "vim-javascript"; - rev = "1.2.5.1"; - sha256 = "08l7ricd3j5h2bj9i566byh39v9n5wj5mj75f2c8a5dsc732b2k7"; - }; + out = { + environment.systemPackages = [ + (hiPrio vim) + pkgs.python35Packages.flake8 + ]; + + environment.etc.vimrc.source = vimrc; + + environment.variables.EDITOR = mkForce "vim"; + environment.variables.VIMINIT = ":so /etc/vimrc"; }; - customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin { - name = "vim-jsx"; - src = pkgs.fetchFromGitHub { - owner = "mxw"; - repo = "vim-jsx"; - rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a"; - sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a"; - }; - }; -in { -# { - environment.systemPackages = [ - (pkgs.vim_configurable.customize { - name = "vim"; - vimrcConfig.customRC = '' - :imap jk - :vmap v v - :map gr :GoRun - :nnoremap :bnext - :nnoremap - set autowrite - set number - set ruler - - noremap x "_x - set clipboard=unnamedplus - - let g:jsx_ext_required = 0 - - let g:go_list_type = "quickfix" - let g:go_test_timeout = '10s' - let g:go_fmt_command = "goimports" - let g:go_snippet_case_type = "camelcase" - let g:go_highlight_types = 1 - let g:go_highlight_fields = 1 - let g:go_highlight_functions = 1 - let g:go_highlight_methods = 1 - let g:go_highlight_extra_types = 1 - autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4 - let g:rehash256 = 1 - let g:molokai_original = 1 - colorscheme molokai - let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck'] - let g:go_metalinter_autosave = 1 - " let g:go_metalinter_autosave_enabled = ['vet', 'golint'] - " let g:go_def_mode = 'godef' - " let g:go_decls_includes = "func,type" - - - " Trigger configuration. Do not use if you use https://github.com/Valloric/YouCompleteMe. - let g:UltiSnipsExpandTrigger="" - let g:UltiSnipsJumpForwardTrigger="" - let g:UltiSnipsJumpBackwardTrigger="" - - " If you want :UltiSnipsEdit to split your window. - let g:UltiSnipsEditSplit="vertical" - - if has('persistent_undo') "check if your vim version supports it - set undofile "turn on the feature - set undodir=$HOME/.vim/undo "directory where the undo files will be stored - endif - ''; - - vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; - vimrcConfig.vam.pluginDictionaries = [ - { names = [ "undotree" "molokai" ]; } # wanted: fatih/molokai - # vim-nix handles indentation better but does not perform sanity - { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } - { names = [ "vim-go" ]; ft_regex = "^go\$"; } # wanted: nsf/gocode - { names = [ "vim-javascript" ]; ft_regex = "^js\$"; } - { names = [ "vim-jsx" ]; ft_regex = "^js\$"; } - { names = [ "UltiSnips" ]; ft_regex = "^go\$"; } - ]; + vimrc = pkgs.writeText "vimrc" '' + set nocompatible + + set autoindent + set backspace=indent,eol,start + set backup + set backupdir=${dirs.backupdir}/ + set directory=${dirs.swapdir}// + set hlsearch + set incsearch + set mouse=a + set ruler + set pastetoggle= + set runtimepath=${extra-runtimepath},$VIMRUNTIME + set shortmess+=I + set showcmd + set showmatch + set ttimeoutlen=0 + set undodir=${dirs.undodir} + set undofile + set undolevels=1000000 + set undoreload=1000000 + set viminfo='20,<1000,s100,h,n${files.viminfo} + set visualbell + set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o + set wildmenu + set wildmode=longest,full + + set title + set titleold= + set titlestring=(vim)\ %t%(\ %M%)%(\ (%{expand(\"%:p:h\")})%)%(\ %a%)\ -\ %{v:servername} + + set et ts=2 sts=2 sw=2 + + filetype plugin indent on + + set t_Co=256 + colorscheme hack + syntax on + + au Syntax * syn match Garbage containedin=ALL /\s\+$/ + \ | syn match TabStop containedin=ALL /\t\+/ + \ | syn keyword Todo containedin=ALL TODO + + au BufRead,BufNewFile *.hs so ${hs.vim} + + au BufRead,BufNewFile *.nix so ${nix.vim} + + au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile + + "Syntastic config + let g:syntastic_python_checkers=['flake8'] + let g:syntastic_python_flake8_post_args='--ignore=E501' + + nmap q :buffer + nmap :buffer + + cnoremap + noremap :q + vnoremap < >gv + + nnoremap [5^ :tabp + nnoremap [6^ :tabn + nnoremap [5@ :tabm -1 + nnoremap [6@ :tabm +1 + + nnoremap :tabp + nnoremap :tabn + inoremap :tabp + inoremap :tabn + + " + noremap Oa | noremap! Oa + noremap Ob | noremap! Ob + noremap Oc | noremap! Oc + noremap Od | noremap! Od + " <[C]S-{Up,Down,Right,Left> + noremap [a | noremap! [a + noremap [b | noremap! [b + noremap [c | noremap! [c + noremap [d | noremap! [d + + " search with ack + let g:ackprg = 'ag --vimgrep' + cnoreabbrev Ack Ack! + + " copy/paste from/to xclipboard + noremap x "_x + set clipboard=unnamedplus + ''; + + extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ + pkgs.vimPlugins.ack-vim + pkgs.vimPlugins.Gundo + pkgs.vimPlugins.Syntastic + pkgs.vimPlugins.undotree + pkgs.vimPlugins.vim-go + (pkgs.vimUtils.buildVimPlugin { + name = "file-line-1.0"; + src = pkgs.fetchFromGitHub { + owner = "bogado"; + repo = "file-line"; + rev = "1.0"; + sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0"; + }; }) + ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let + name = "hack"; + in { + name = "vim-color-${name}-1.0.2"; + destination = "/colors/${name}.vim"; + text = /* vim */ '' + set background=dark + hi clear + if exists("syntax_on") + syntax clear + endif + + let colors_name = ${toJSON name} + + hi Normal ctermbg=235 + hi Comment ctermfg=242 + hi Constant ctermfg=062 + hi Identifier ctermfg=068 + hi Function ctermfg=041 + hi Statement ctermfg=167 + hi PreProc ctermfg=167 + hi Type ctermfg=041 + hi Delimiter ctermfg=251 + hi Special ctermfg=062 + + hi Garbage ctermbg=088 + hi TabStop ctermbg=016 + hi Todo ctermfg=174 ctermbg=NONE + + hi NixCode ctermfg=148 + hi NixData ctermfg=149 + hi NixQuote ctermfg=150 + + hi diffNewFile ctermfg=207 + hi diffFile ctermfg=207 + hi diffLine ctermfg=207 + hi diffSubname ctermfg=207 + hi diffAdded ctermfg=010 + hi diffRemoved ctermfg=009 + ''; + }))) + ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let + name = "vim"; + in { + name = "vim-syntax-${name}-1.0.0"; + destination = "/syntax/${name}.vim"; + text = /* vim */ '' + ${concatMapStringsSep "\n" (s: /* vim */ '' + syn keyword vimColor${s} ${s} + \ containedin=ALLBUT,vimComment,vimLineComment + hi vimColor${s} ctermfg=${s} + '') (map (i: lpad 3 "0" (toString i)) (range 0 255))} + ''; + }))) + ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let + name = "showsyntax"; + in { + name = "vim-plugin-${name}-1.0.0"; + destination = "/plugin/${name}.vim"; + text = /* vim */ '' + if exists('g:loaded_showsyntax') + finish + endif + let g:loaded_showsyntax = 0 + + fu! ShowSyntax() + let id = synID(line("."), col("."), 1) + let name = synIDattr(id, "name") + let transName = synIDattr(synIDtrans(id),"name") + if name != transName + let name .= " (" . transName . ")" + endif + echo "Syntax: " . name + endfu + + command! -n=0 -bar ShowSyntax :call ShowSyntax() + ''; + }))) ]; -} + + dirs = { + backupdir = "$HOME/.cache/vim/backup"; + swapdir = "$HOME/.cache/vim/swap"; + undodir = "$HOME/.cache/vim/undo"; + }; + files = { + viminfo = "$HOME/.cache/vim/info"; + }; + + mkdirs = let + dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s)); + in assert out != ""; out; + alldirs = attrValues dirs ++ map dirOf (attrValues files); + in unique (sort lessThan alldirs); + + vim = pkgs.symlinkJoin { + name = "vim"; + paths = [ + (pkgs.writeDashBin "vim" '' + set -efu + (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs}) + exec ${pkgs.vim}/bin/vim "$@" + '') + pkgs.vim + ]; + }; + + hs.vim = pkgs.writeText "hs.vim" '' + syn region String start=+\[[[:alnum:]]*|+ end=+|]+ + + hi link ConId Identifier + hi link VarId Identifier + hi link hsDelimiter Delimiter + ''; + + nix.vim = pkgs.writeText "nix.vim" '' + setf nix + + " Ref + syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/ + syn match NixINT /\<[0-9]\+\>/ + syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ + syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ + syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/ + syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/ + syn region NixSTRING + \ matchgroup=NixSTRING + \ start='"' + \ skip='\\"' + \ end='"' + syn region NixIND_STRING + \ matchgroup=NixIND_STRING + \ start="'''" + \ skip="'''\('\|[$]\|\\[nrt]\)" + \ end="'''" + + syn match NixOther /[():/;=.,?\[\]]/ + + syn match NixCommentMatch /\(^\|\s\)#.*/ + syn region NixCommentRegion start="/\*" end="\*/" + + hi link NixCode Statement + hi link NixData Constant + hi link NixComment Comment + + hi link NixCommentMatch NixComment + hi link NixCommentRegion NixComment + hi link NixID NixCode + hi link NixINT NixData + hi link NixPATH NixData + hi link NixHPATH NixData + hi link NixSPATH NixData + hi link NixURI NixData + hi link NixSTRING NixData + hi link NixIND_STRING NixData + + hi link NixEnter NixCode + hi link NixOther NixCode + hi link NixQuote NixData + + syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings + syn cluster nix_ind_strings contains=NixIND_STRING + syn cluster nix_strings contains=NixSTRING + + ${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let + startAlts = filter isString [ + ''/\* ${lang} \*/'' + extraStart + ]; + sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*''; + in /* vim */ '' + syn include @nix_${lang}_syntax syntax/${lang}.vim + unlet b:current_syntax + + syn match nix_${lang}_sigil + \ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X + \ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING + \ transparent + + syn region nix_${lang}_region_STRING + \ matchgroup=NixSTRING + \ start='"' + \ skip='\\"' + \ end='"' + \ contained + \ contains=@nix_${lang}_syntax + \ transparent + + syn region nix_${lang}_region_IND_STRING + \ matchgroup=NixIND_STRING + \ start="'''" + \ skip="'''\('\|[$]\|\\[nrt]\)" + \ end="'''" + \ contained + \ contains=@nix_${lang}_syntax + \ transparent + + syn cluster nix_ind_strings + \ add=nix_${lang}_region_IND_STRING + + syn cluster nix_strings + \ add=nix_${lang}_region_STRING + + syn cluster nix_has_dollar_curly + \ add=@nix_${lang}_syntax + '') { + c = {}; + cabal = {}; + haskell = {}; + sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"''; + vim.extraStart = + ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"''; + })} + + " Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY. + syn clear shVarAssign + + syn region nixINSIDE_DOLLAR_CURLY + \ matchgroup=NixEnter + \ start="[$]{" + \ end="}" + \ contains=TOP + \ containedin=@nix_has_dollar_curly + \ transparent + + syn region nix_inside_curly + \ matchgroup=NixEnter + \ start="{" + \ end="}" + \ contains=TOP + \ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly + \ transparent + + syn match NixQuote /'''\([''$']\|\\.\)/he=s+2 + \ containedin=@nix_ind_strings + \ contained + + syn match NixQuote /\\./he=s+1 + \ containedin=@nix_strings + \ contained + + syn sync fromstart + + let b:current_syntax = "nix" + + set isk=@,48-57,_,192-255,-,' + ''; +in +out diff --git a/jeschli/default.nix b/jeschli/default.nix index 92de07407..7886fef49 100644 --- a/jeschli/default.nix +++ b/jeschli/default.nix @@ -2,7 +2,7 @@ _: { imports = [ ../krebs -# ./2configs + ./2configs # ./3modules # ./5pkgs ]; -- cgit v1.2.3 From e909dcaefe3fd9a7b944babb97a53c824fad3d8c Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 6 Dec 2017 17:58:08 +0100 Subject: l: add jeschli user --- krebs/3modules/lass/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 772d96009..ff6ba474f 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -622,5 +622,8 @@ with import ; pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE"; mail = "joerg@higgsboson.tk"; }; + jeschli = { + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMPuFzd6p3zZETIjoV5mRxCTQgeZk9s/P374mEDbj58wDTT0uGWu2JRf7cL1QRTvd5238tYl0eSHXH65+oaFB/mIvmiRnuw6qQODOMHlSbJN5/J2hEw/3v5gveiP1xNLfKlFhj6mmMRF7Etvzns/kLGLCSjj1UTlfo4iHmtinPmU+iQ8J4foS4cZj4oZesF8gndkc2EFMfL6en7EuU8GK6U9GtwKNL9N4UoUZXu8Nf00pkn/jrpmsDdI4zdVVAxWeu/Lo4li43EVixLcfwQiwzf6S9FvYIv30xPdy92GJSJwxm/QkYuc48VZWUoE+qThf3IEPETtX+MRZrM8RTtY01"; + }; }; } -- cgit v1.2.3 From a9b72bd2901ca232eb7b6523c535c593a36521ef Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 7 Dec 2017 17:33:08 +0100 Subject: l: add gpd-pocket hardware --- lass/2configs/hw/gpd-pocket.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 lass/2configs/hw/gpd-pocket.nix diff --git a/lass/2configs/hw/gpd-pocket.nix b/lass/2configs/hw/gpd-pocket.nix new file mode 100644 index 000000000..e3d212741 --- /dev/null +++ b/lass/2configs/hw/gpd-pocket.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: + +let + dummy_firmware = pkgs.writeTextFile { + name = "brcmfmac4356-pcie.txt"; + text = builtins.readFile ./brcmfmac4356-pcie.txt; + destination = "/lib/firmware/brcm/brcmfmac4356-pcie.txt"; + }; +in { + hardware.firmware = [ dummy_firmware ]; + + boot.kernelPackages = pkgs.linuxPackages_4_14; + boot.kernelParams = [ + "fbcon=rotate:1" + ]; + services.tlp.enable = true; + services.xserver.displayManager.sessionCommands = '' + (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output DSI1 --rotate right) + ''; +} -- cgit v1.2.3 From 15e9582955dc08e88ef48b8a6c9fbe932eba282e Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 8 Dec 2017 13:36:29 +0100 Subject: ma source: bump to 2017-12-08 --- makefu/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/source.nix b/makefu/source.nix index aa49062e9..ce5855430 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -11,7 +11,7 @@ let then "buildbot" else "makefu"; _file = + "/makefu/1systems/${name}/source.nix"; - ref = "6778819"; # unstable @ 2017-11-14 + ref = "3874de4"; # unstable @ 2017-12-08 # + do_sqlite3 ruby: 55a952be5b5 in -- cgit v1.2.3 From fe0feb9436b68686d7e237c36057fa6e3eee69b9 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 8 Dec 2017 13:36:50 +0100 Subject: ma devpi: move devpi-server upstream --- makefu/5pkgs/devpi/default.nix | 60 +----------------------------------------- 1 file changed, 1 insertion(+), 59 deletions(-) diff --git a/makefu/5pkgs/devpi/default.nix b/makefu/5pkgs/devpi/default.nix index e7c26da55..3ddcd9641 100644 --- a/makefu/5pkgs/devpi/default.nix +++ b/makefu/5pkgs/devpi/default.nix @@ -14,18 +14,6 @@ let propagatedBuildInputs = with pkgs.python3Packages; [ docutils bleach pygments ]; }; - devpi-client = pkgs.python3Packages.buildPythonPackage rec { - name = "devpi-client"; - version = "2.7.0"; - - src = pkgs.fetchurl { - url = "mirror://pypi/d/devpi-client/devpi-client-${version}.tar.gz"; - sha256 = "0z7vaf0a66n82mz0vx122pbynjvkhp2mjf9lskgyv09y3bxzzpj3"; - }; - patches = [ ./py3-fix-encoding.patch ]; - buildInputs = with pkgs.python3Packages; [ tox check-manifest pkginfo ]; - propagatedBuildInputs = with pkgs.python3Packages; [ devpi-common py ]; - }; devpi-web = pkgs.python3Packages.buildPythonPackage rec { name = "devpi-web"; version = "3.1.1"; @@ -37,7 +25,7 @@ let }; propagatedBuildInputs = with pkgs.python3Packages; - [ devpi-server pyramid_chameleon beautifulsoup4 defusedxml readme-renderer ]; + [ pkgs.devpi-server pyramid_chameleon beautifulsoup4 defusedxml readme-renderer ]; meta = { homepage = https://bitbucket.org/hpk42/devpi; @@ -47,53 +35,7 @@ let }; }; - devpi-common-3 = pkgs.python3Packages.buildPythonPackage rec { - name = "devpi-common"; - version = "3.0.1"; - - src = pkgs.fetchurl { - url = "mirror://pypi/d/devpi-common/devpi-common-${version}.tar.gz"; - sha256 = "0l3a7iyk596x6pvzg7604lzzi012qszr804fqn6f517zcy1xz23j"; - }; - - propagatedBuildInputs = with pkgs.python3Packages; [ requests py ]; - - meta = { - homepage = https://bitbucket.org/hpk42/devpi; - description = "Utilities jointly used by devpi-server and devpi-client"; - license = licenses.mit; - maintainers = with maintainers; [ lewo makefu ]; - }; - }; - - devpi-server = pkgs.python3Packages.buildPythonPackage rec { - name = "devpi-server"; - version = "4.1.1"; - - # original postFixup adds "import sys; sys.argv[0] = 'devpi-server'" to - # `.devpi-server-wrapped` which - # results in "not existing devpi-server: 'devpi-server'" - postFixup = ""; - - src = pkgs.fetchurl { - url = "mirror://pypi/d/devpi-server/devpi-server-${version}.tar.gz"; - sha256 = "1icbn1nw6w0sc5150fr69rlhs0j5ldnnxfzl2qabq2wi0dbar8hf"; - }; - - propagatedBuildInputs = with pkgs.python3Packages; - [ devpi-common-3 execnet itsdangerous pluggy waitress pyramid ]; - buildInputs = with pkgs.python3Packages; [ pytest beautifulsoup4 webtest ]; - - meta = { - homepage = https://bitbucket.org/hpk42/devpi; - description = "Devpi Server"; - license = licenses.mit; - maintainers = with maintainers; [ makefu ]; - }; - }; - in { - inherit devpi-server devpi-client; devpi-web = pkgs.python3.buildEnv.override { extraLibs = [ devpi-web devpi-server ]; }; -- cgit v1.2.3 From 8dcf39d38372391eed74318a5b67885b1a6ac29c Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 8 Dec 2017 13:37:52 +0100 Subject: ma hosts: disable v6 for wbob, disable pubkey for latte --- krebs/3modules/makefu/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 080b8fced..9f1842b88 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -107,7 +107,7 @@ with import ; ci = true; cores = 1; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIrkK1mWfPvfZ9ALC1irGLuzOtMefaGAmGY1VD4dj7K1 latte"; + # ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIrkK1mWfPvfZ9ALC1irGLuzOtMefaGAmGY1VD4dj7K1 latte"; nets = { internet = { ip4.addr = "185.215.224.160"; @@ -500,7 +500,7 @@ with import ; }; retiolum = { ip4.addr = "10.243.214.15"; - ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"; + # ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"; aliases = [ "wbob.r" ]; -- cgit v1.2.3 From 6d07e8aec19f3d5fa1d61904c476016879609b6a Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 8 Dec 2017 13:38:57 +0100 Subject: ma gum.r: network config changes, add tor --- makefu/1systems/gum/config.nix | 35 ++++++++++++++++++++++++++++++++--- 1 file changed, 32 insertions(+), 3 deletions(-) diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 98d5d2988..b66ef1ab8 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -46,7 +46,7 @@ in { # services - + # @@ -65,6 +65,8 @@ in { + + { services.taskserver.enable = true; services.taskserver.fqdn = config.krebs.build.host.name; @@ -84,13 +86,40 @@ in { # Temporary: # + + + #{ + # services.dockerRegistry.enable = true; + # networking.firewall.allowedTCPPorts = [ 8443 ]; + + # services.nginx.virtualHosts."euer.krebsco.de" = { + # forceSSL = true; + # enableACME = true; + # extraConfig = '' + # client_max_body_size 1000M; + # ''; + # locations."/".proxyPass = "http://localhost:5000"; + # }; + #} + { # wireguard server + networking.firewall.allowedUDPPorts = [ 51820 ]; + #networking.wireguard.interfaces.wg0 = { + # ips = [ "10.244.0.1/24" ]; + # privateKeyFile = (toString ) + "/wireguard.key"; + # allowedIPsAsRoutes = true; + # peers = [{ + # allowedIPs = [ "0.0.0.0/0" "::/0" ]; + # publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g="; + # }]; + #}; + } ]; makefu.dl-dir = "/var/download"; services.openssh.hostKeys = [ - { bits = 4096; path = ; type = "rsa"; } - { path = ; type = "ed25519"; } ]; + { bits = 4096; path = (toString ); type = "rsa"; } + { path = (toString ); type = "ed25519"; } ]; ###### stable services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ]; krebs.build.host = config.krebs.hosts.gum; -- cgit v1.2.3 From 907e45dd8038f3b91860b2bec5d075890918a1e3 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 8 Dec 2017 13:39:40 +0100 Subject: ma omo.r: enable europastats --- makefu/1systems/omo/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 1d157460b..4af87dc10 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -61,6 +61,7 @@ in { # logs to influx + # services -- cgit v1.2.3 From 20eb8ac1e2d72920814b9f354623646824a68b6b Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 8 Dec 2017 13:40:02 +0100 Subject: ma bgt: add hidden service description --- makefu/2configs/deployment/bgt/hidden_service.nix | 48 +++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 makefu/2configs/deployment/bgt/hidden_service.nix diff --git a/makefu/2configs/deployment/bgt/hidden_service.nix b/makefu/2configs/deployment/bgt/hidden_service.nix new file mode 100644 index 000000000..c1a31b8dc --- /dev/null +++ b/makefu/2configs/deployment/bgt/hidden_service.nix @@ -0,0 +1,48 @@ +{ pkgs, lib, ... }: + +with lib; +let + name = "bgt_cyberwar_hidden_service"; + sec = (toString ) + "/"; + secdir = sec + name; + srvdir = "/var/lib/tor/onion/"; + basedir = srvdir + name; + hn = builtins.readFile (secdir + "/hostname"); +in +{ + systemd.services.prepare-hidden-service = { + wantedBy = [ "local-fs.target" ]; + before = [ "tor.service" ]; + serviceConfig = { + ExecStart = pkgs.writeScript "prepare-euer-blog-service" '' + #!/bin/sh + set -euf + if ! test -d "${basedir}" ;then + mkdir -p "${srvdir}" + cp -r "${secdir}" "${srvdir}" + chown -R tor:tor "${srvdir}" + chmod -R 700 "${basedir}" + else + echo "not overwriting ${basedir}" + fi + ''; + Type = "oneshot"; + RemainAfterExit = "yes"; + TimeoutSec = "0"; + }; + }; + services.nginx.virtualHosts."${hn}".locations."/" = { + proxyPass = "https://blog.binaergewitter.de"; + extraConfig = '' + proxy_set_header Host blog.binaergewitter.de; + proxy_ssl_server_name on; + ''; + }; + services.tor = { + enable = true; + hiddenServices."${name}".map = [ + { port = "80"; } + # { port = "443"; toHost = "blog.binaergewitter.de"; } + ]; + }; +} -- cgit v1.2.3 From e99a9ac9f113ea9d79ae3b830d8b328c9ef03e40 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 8 Dec 2017 14:04:35 +0100 Subject: ma wbob.r: enable bureautomation --- makefu/1systems/wbob/config.nix | 13 ++----- makefu/1systems/wbob/source.nix | 2 +- .../2configs/deployment/bureautomation/default.nix | 41 ++++++++++++++++++++++ makefu/2configs/deployment/led-fader.nix | 28 +++++++-------- makefu/2configs/share/wbob.nix | 38 ++++++++++++++++++++ makefu/2configs/stats/telegraf/airsensor.nix | 4 +++ makefu/5pkgs/airsensor-py/default.nix | 8 ++--- 7 files changed, 105 insertions(+), 29 deletions(-) create mode 100644 makefu/2configs/deployment/bureautomation/default.nix create mode 100644 makefu/2configs/share/wbob.nix diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index f7b60fa93..c30ee4c58 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -18,7 +18,6 @@ in { - #