From 0c4f3acb281be6290c55a6e96bc29fab5b5c7a11 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 11 Sep 2023 18:24:28 +0200 Subject: stockholm -> hrm --- configs/autotether.nix | 19 + configs/backup.nix | 108 +++++ configs/bash/default.nix | 66 +++ configs/binary-cache/default.nix | 28 ++ configs/br.nix | 49 ++ configs/default.nix | 131 ++++++ configs/elm-packages-proxy.nix | 359 ++++++++++++++ configs/exim-retiolum.nix | 8 + configs/exim-smarthost.nix | 45 ++ configs/fs/CAC-CentOS-7-64bit.nix | 20 + configs/gitconfig.nix | 15 + configs/gitrepos.nix | 237 ++++++++++ configs/htop.nix | 39 ++ configs/hw/AO753.nix | 47 ++ configs/hw/winmax2.nix | 48 ++ configs/hw/x220.nix | 88 ++++ configs/imgur.nix | 21 + configs/initrd/sshd.nix | 17 + configs/mail-client.nix | 9 + configs/man.nix | 13 + configs/nets/hkw.nix | 68 +++ configs/networkd.nix | 4 + configs/nginx/default.nix | 21 + configs/nginx/public_html.nix | 17 + configs/nix.nix | 9 + configs/pki/certs/tv.crt | 31 ++ configs/pki/default.nix | 67 +++ configs/ppp.nix | 85 ++++ configs/pulse.nix | 119 +++++ configs/repo-sync/wiki.nix | 39 ++ configs/retiolum.nix | 26 ++ configs/smartd.nix | 17 + configs/ssh.nix | 21 + configs/sshd.nix | 26 ++ configs/urlwatch.nix | 118 +++++ configs/vim.nix | 184 ++++++++ configs/weechat-server.nix | 24 + configs/wiregrill.nix | 36 ++ configs/xdg.nix | 10 + configs/xserver/Xmodmap.nix | 28 ++ configs/xserver/default.nix | 166 +++++++ configs/xserver/sxiv.nix | 11 + configs/xserver/urxvt.nix | 72 +++ configs/xserver/xkiller.nix | 14 + configs/xserver/xserver.conf.nix | 38 ++ configs/xsessions/default.nix | 5 + configs/xsessions/urxvtd.nix | 15 + lib/default.nix | 1 - lib/impure.nix | 3 - modules/Xresources.nix | 44 ++ modules/charybdis/config.nix | 519 +++++++++++++++++++++ modules/charybdis/default.nix | 80 ++++ modules/default.nix | 7 + modules/dnsmasq.nix | 60 +++ modules/ejabberd/default.nix | 274 +++++++++++ modules/focus.nix | 3 + modules/hosts.nix | 8 + modules/hw.nix | 15 + modules/im.nix | 109 +++++ modules/iptables.nix | 207 ++++++++ modules/lidControl.nix | 44 ++ modules/org.freedesktop.machine1.host-shell.nix | 28 ++ modules/slock.nix | 77 +++ modules/systemd.nix | 49 ++ modules/unbound.nix | 84 ++++ modules/wwan.nix | 181 +++++++ modules/x0vncserver.nix | 44 ++ pkgs/compat/default.nix | 1 + pkgs/default.nix | 24 + pkgs/haskell/default.nix | 31 ++ pkgs/haskell/th-env/default.nix | 10 + pkgs/haskell/th-env/src/THEnv.hs | 49 ++ pkgs/haskell/th-env/th-env.cabal | 20 + pkgs/haskell/xmonad-tv/default.nix | 16 + pkgs/haskell/xmonad-tv/shell.nix | 83 ++++ pkgs/haskell/xmonad-tv/src/Shutdown.hs | 113 +++++ pkgs/haskell/xmonad-tv/src/XMonad/Extra.hs | 14 + .../src/XMonad/Hooks/EwmhDesktops/Extra.hs | 117 +++++ pkgs/haskell/xmonad-tv/src/main.hs | 227 +++++++++ pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal | 29 ++ pkgs/override/alacritty.nix | 16 + pkgs/override/anbox.nix | 72 +++ pkgs/override/default.nix | 11 + pkgs/override/fzf/complete1.patch | 77 +++ pkgs/override/fzf/default.nix | 7 + pkgs/override/gitAndTools.nix | 5 + pkgs/override/input-fonts.nix | 13 + pkgs/override/iosevka-tv-1.nix | 20 + pkgs/override/iosevka-tv-2.nix | 20 + pkgs/override/jc.nix | 21 + pkgs/override/uqmi.nix | 10 + .../433Utils/RPi_utils.codesend.codestring.patch | 24 + pkgs/rpi/433Utils/default.nix | 42 ++ pkgs/rpi/433Utils/rc-switch.protocols.patch | 10 + pkgs/rpi/433Utils/src.json | 7 + pkgs/rpi/WiringPi/default.nix | 61 +++ pkgs/rpi/WiringPi/src.json | 6 + pkgs/rpi/default.nix | 11 + pkgs/simple/alacritty-tv.nix | 155 ++++++ pkgs/simple/bash-fzf-history.nix | 107 +++++ pkgs/simple/cr.nix | 16 + pkgs/simple/default.nix | 22 + pkgs/simple/diff-so-fancy.nix | 50 ++ pkgs/simple/disko.nix | 13 + pkgs/simple/editor-input.nix | 18 + pkgs/simple/ff.nix | 8 + pkgs/simple/field.nix | 6 + pkgs/simple/flameshot-once-tv.nix | 48 ++ pkgs/simple/font-size-alacritty.nix | 67 +++ pkgs/simple/fzmenu/bin/otpmenu | 44 ++ pkgs/simple/fzmenu/bin/passmenu | 45 ++ pkgs/simple/fzmenu/default.nix | 50 ++ pkgs/simple/hc.nix | 39 ++ pkgs/simple/iosevka-tv-1.nix | 18 + pkgs/simple/iosevka-tv-2.nix | 20 + pkgs/simple/libinput-tv.nix | 11 + pkgs/simple/mpvterm/default.nix | 8 + pkgs/simple/mpvterm/mpvterm.patch | 146 ++++++ pkgs/simple/pinentry-urxvt/default.nix | 127 +++++ pkgs/simple/q/default.nix | 176 +++++++ pkgs/simple/rox-filer.nix | 95 ++++ .../rxvt-unicode-256color-terminfo/default.nix | 16 + .../rxvt-unicode-256color.terminfo | Bin 0 -> 2239 bytes pkgs/simple/stardict/default.nix | 235 ++++++++++ pkgs/simple/viljetic-pages/default.nix | 17 + pkgs/simple/viljetic-pages/index.html | 11 + pkgs/simple/viljetic-pages/logo.xpm | 24 + pkgs/simple/weechat-tv.nix | 9 + pkgs/simple/xdpytools/default.nix | 31 ++ pkgs/simple/xdpytools/src/xdpychvt | 11 + pkgs/simple/xdpytools/src/xdpysel | 49 ++ pkgs/simple/xkiller.nix | 25 + pkgs/simple/xtoggledpms.nix | 16 + pkgs/vim/default.nix | 15 + pkgs/vim/elixir.nix | 9 + pkgs/vim/file-line.nix | 10 + pkgs/vim/fzf.nix | 11 + pkgs/vim/hack.nix | 48 ++ pkgs/vim/jq.nix | 10 + pkgs/vim/nix.nix | 224 +++++++++ pkgs/vim/showsyntax.nix | 26 ++ pkgs/vim/tv.nix | 42 ++ pkgs/vim/vim.nix | 21 + systems/alnus/config.nix | 85 ++++ systems/au/config.nix | 22 + systems/au/disks.nix | 19 + systems/bu/config.nix | 33 ++ systems/bu/disks.nix | 19 + systems/mu/config.nix | 125 +++++ systems/nomic/config.nix | 60 +++ systems/querel/config.nix | 84 ++++ systems/ru/config.nix | 35 ++ systems/xu/config.nix | 152 ++++++ systems/zu/config.nix | 49 ++ tv/1systems/alnus/config.nix | 87 ---- tv/1systems/alnus/lib | 1 - tv/1systems/au/config.nix | 23 - tv/1systems/au/disks.nix | 19 - tv/1systems/au/lib | 1 - tv/1systems/bu/config.nix | 35 -- tv/1systems/bu/disks.nix | 19 - tv/1systems/bu/lib | 1 - tv/1systems/lib | 1 - tv/1systems/mu/config.nix | 127 ----- tv/1systems/mu/lib | 1 - tv/1systems/nomic/config.nix | 62 --- tv/1systems/nomic/lib | 1 - tv/1systems/querel/config.nix | 86 ---- tv/1systems/querel/lib | 1 - tv/1systems/ru/config.nix | 37 -- tv/1systems/xu/config.nix | 154 ------ tv/1systems/xu/lib | 1 - tv/1systems/zu/config.nix | 51 -- tv/2configs/autotether.nix | 19 - tv/2configs/backup.nix | 109 ----- tv/2configs/bash/default.nix | 67 --- tv/2configs/bash/lib | 1 - tv/2configs/binary-cache/default.nix | 29 -- tv/2configs/binary-cache/lib | 1 - tv/2configs/br.nix | 49 -- tv/2configs/default.nix | 133 ------ tv/2configs/elm-packages-proxy.nix | 359 -------------- tv/2configs/exim-retiolum.nix | 9 - tv/2configs/exim-smarthost.nix | 46 -- tv/2configs/fs/CAC-CentOS-7-64bit.nix | 20 - tv/2configs/gitconfig.nix | 16 - tv/2configs/gitrepos.nix | 235 ---------- tv/2configs/htop.nix | 40 -- tv/2configs/hw/AO753.nix | 48 -- tv/2configs/hw/lib | 1 - tv/2configs/hw/winmax2.nix | 48 -- tv/2configs/hw/x220.nix | 89 ---- tv/2configs/imgur.nix | 22 - tv/2configs/initrd/sshd.nix | 17 - tv/2configs/lib | 1 - tv/2configs/mail-client.nix | 9 - tv/2configs/man.nix | 13 - tv/2configs/nets/hkw.nix | 68 --- tv/2configs/networkd.nix | 4 - tv/2configs/nginx/default.nix | 22 - tv/2configs/nginx/lib | 1 - tv/2configs/nginx/public_html.nix | 18 - tv/2configs/nix.nix | 9 - tv/2configs/pki/certs/tv.crt | 31 -- tv/2configs/pki/default.nix | 68 --- tv/2configs/pki/lib | 1 - tv/2configs/ppp.nix | 86 ---- tv/2configs/pulse.nix | 120 ----- tv/2configs/repo-sync/lib | 1 - tv/2configs/repo-sync/wiki.nix | 40 -- tv/2configs/retiolum.nix | 27 -- tv/2configs/smartd.nix | 17 - tv/2configs/ssh.nix | 22 - tv/2configs/sshd.nix | 27 -- tv/2configs/urlwatch.nix | 117 ----- tv/2configs/vim.nix | 183 -------- tv/2configs/weechat-server.nix | 24 - tv/2configs/wiregrill.nix | 37 -- tv/2configs/xdg.nix | 11 - tv/2configs/xserver/Xmodmap.nix | 28 -- tv/2configs/xserver/default.nix | 167 ------- tv/2configs/xserver/lib | 1 - tv/2configs/xserver/sxiv.nix | 12 - tv/2configs/xserver/urxvt.nix | 73 --- tv/2configs/xserver/xkiller.nix | 14 - tv/2configs/xserver/xserver.conf.nix | 39 -- tv/2configs/xsessions/default.nix | 5 - tv/2configs/xsessions/urxvtd.nix | 15 - tv/3modules/Xresources.nix | 38 -- tv/3modules/charybdis/config.nix | 519 --------------------- tv/3modules/charybdis/default.nix | 81 ---- tv/3modules/charybdis/lib | 1 - tv/3modules/default.nix | 8 - tv/3modules/dnsmasq.nix | 58 --- tv/3modules/ejabberd/default.nix | 275 ----------- tv/3modules/ejabberd/lib | 1 - tv/3modules/focus.nix | 4 - tv/3modules/hosts.nix | 9 - tv/3modules/hw.nix | 16 - tv/3modules/im.nix | 110 ----- tv/3modules/iptables.nix | 208 --------- tv/3modules/lib | 1 - tv/3modules/lidControl.nix | 45 -- .../org.freedesktop.machine1.host-shell.nix | 29 -- tv/3modules/slock.nix | 78 ---- tv/3modules/systemd.nix | 47 -- tv/3modules/unbound.nix | 84 ---- tv/3modules/wwan.nix | 182 -------- tv/3modules/x0vncserver.nix | 45 -- tv/5pkgs/compat/default.nix | 1 - tv/5pkgs/default.nix | 19 - tv/5pkgs/haskell/default.nix | 28 -- tv/5pkgs/haskell/lib | 1 - tv/5pkgs/haskell/th-env/default.nix | 10 - tv/5pkgs/haskell/th-env/src/THEnv.hs | 49 -- tv/5pkgs/haskell/th-env/th-env.cabal | 20 - tv/5pkgs/haskell/xmonad-tv/default.nix | 16 - tv/5pkgs/haskell/xmonad-tv/shell.nix | 83 ---- tv/5pkgs/haskell/xmonad-tv/src/Shutdown.hs | 113 ----- tv/5pkgs/haskell/xmonad-tv/src/XMonad/Extra.hs | 14 - .../src/XMonad/Hooks/EwmhDesktops/Extra.hs | 117 ----- tv/5pkgs/haskell/xmonad-tv/src/main.hs | 227 --------- tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal | 29 -- tv/5pkgs/lib | 1 - tv/5pkgs/override/alacritty.nix | 16 - tv/5pkgs/override/anbox.nix | 72 --- tv/5pkgs/override/default.nix | 4 - tv/5pkgs/override/fzf/complete1.patch | 77 --- tv/5pkgs/override/fzf/default.nix | 7 - tv/5pkgs/override/gitAndTools.nix | 5 - tv/5pkgs/override/input-fonts.nix | 13 - tv/5pkgs/override/iosevka-tv-1.nix | 20 - tv/5pkgs/override/iosevka-tv-2.nix | 20 - tv/5pkgs/override/jc.nix | 21 - tv/5pkgs/override/lib | 1 - tv/5pkgs/override/uqmi.nix | 10 - .../433Utils/RPi_utils.codesend.codestring.patch | 24 - tv/5pkgs/rpi/433Utils/default.nix | 42 -- tv/5pkgs/rpi/433Utils/rc-switch.protocols.patch | 10 - tv/5pkgs/rpi/433Utils/src.json | 7 - tv/5pkgs/rpi/WiringPi/default.nix | 61 --- tv/5pkgs/rpi/WiringPi/src.json | 6 - tv/5pkgs/rpi/default.nix | 7 - tv/5pkgs/rpi/lib | 1 - tv/5pkgs/simple/alacritty-tv.nix | 152 ------ tv/5pkgs/simple/bash-fzf-history.nix | 102 ---- tv/5pkgs/simple/cr.nix | 16 - tv/5pkgs/simple/default.nix | 18 - tv/5pkgs/simple/diff-so-fancy.nix | 50 -- tv/5pkgs/simple/disko.nix | 13 - tv/5pkgs/simple/editor-input.nix | 18 - tv/5pkgs/simple/ff.nix | 8 - tv/5pkgs/simple/field.nix | 6 - tv/5pkgs/simple/flameshot-once-tv.nix | 48 -- tv/5pkgs/simple/font-size-alacritty.nix | 67 --- tv/5pkgs/simple/fzmenu/bin/otpmenu | 44 -- tv/5pkgs/simple/fzmenu/bin/passmenu | 45 -- tv/5pkgs/simple/fzmenu/default.nix | 50 -- tv/5pkgs/simple/hc.nix | 39 -- tv/5pkgs/simple/iosevka-tv-1.nix | 18 - tv/5pkgs/simple/iosevka-tv-2.nix | 20 - tv/5pkgs/simple/lib | 1 - tv/5pkgs/simple/libinput-tv.nix | 11 - tv/5pkgs/simple/mpvterm/default.nix | 8 - tv/5pkgs/simple/mpvterm/mpvterm.patch | 146 ------ tv/5pkgs/simple/pinentry-urxvt/default.nix | 124 ----- tv/5pkgs/simple/pinentry-urxvt/lib | 1 - tv/5pkgs/simple/q/default.nix | 171 ------- tv/5pkgs/simple/q/lib | 1 - tv/5pkgs/simple/rox-filer.nix | 95 ---- .../rxvt-unicode-256color-terminfo/default.nix | 16 - .../rxvt-unicode-256color.terminfo | Bin 2239 -> 0 bytes tv/5pkgs/simple/stardict/default.nix | 235 ---------- tv/5pkgs/simple/viljetic-pages/default.nix | 17 - tv/5pkgs/simple/viljetic-pages/index.html | 11 - tv/5pkgs/simple/viljetic-pages/logo.xpm | 24 - tv/5pkgs/simple/weechat-tv.nix | 9 - tv/5pkgs/simple/xdpytools/default.nix | 31 -- tv/5pkgs/simple/xdpytools/src/xdpychvt | 11 - tv/5pkgs/simple/xdpytools/src/xdpysel | 49 -- tv/5pkgs/simple/xkiller.nix | 25 - tv/5pkgs/simple/xtoggledpms.nix | 16 - tv/5pkgs/vim/default.nix | 11 - tv/5pkgs/vim/elixir.nix | 9 - tv/5pkgs/vim/file-line.nix | 10 - tv/5pkgs/vim/fzf.nix | 11 - tv/5pkgs/vim/hack.nix | 49 -- tv/5pkgs/vim/jq.nix | 10 - tv/5pkgs/vim/lib | 1 - tv/5pkgs/vim/nix.nix | 225 --------- tv/5pkgs/vim/showsyntax.nix | 26 -- tv/5pkgs/vim/tv.nix | 42 -- tv/5pkgs/vim/vim.nix | 16 - tv/default.nix | 15 - tv/dummy_secrets/default.nix | 8 - tv/dummy_secrets/o2.pin | 1 - tv/dummy_secrets/repos.nix | 1 - tv/dummy_secrets/ssh.id_ed25519 | 3 - tv/dummy_secrets/ssh.id_rsa | 3 - tv/krops.nix | 23 - tv/lib | 1 - 341 files changed, 8470 insertions(+), 8553 deletions(-) create mode 100644 configs/autotether.nix create mode 100644 configs/backup.nix create mode 100644 configs/bash/default.nix create mode 100644 configs/binary-cache/default.nix create mode 100644 configs/br.nix create mode 100644 configs/default.nix create mode 100644 configs/elm-packages-proxy.nix create mode 100644 configs/exim-retiolum.nix create mode 100644 configs/exim-smarthost.nix create mode 100644 configs/fs/CAC-CentOS-7-64bit.nix create mode 100644 configs/gitconfig.nix create mode 100644 configs/gitrepos.nix create mode 100644 configs/htop.nix create mode 100644 configs/hw/AO753.nix create mode 100644 configs/hw/winmax2.nix create mode 100644 configs/hw/x220.nix create mode 100644 configs/imgur.nix create mode 100644 configs/initrd/sshd.nix create mode 100644 configs/mail-client.nix create mode 100644 configs/man.nix create mode 100644 configs/nets/hkw.nix create mode 100644 configs/networkd.nix create mode 100644 configs/nginx/default.nix create mode 100644 configs/nginx/public_html.nix create mode 100644 configs/nix.nix create mode 100644 configs/pki/certs/tv.crt create mode 100644 configs/pki/default.nix create mode 100644 configs/ppp.nix create mode 100644 configs/pulse.nix create mode 100644 configs/repo-sync/wiki.nix create mode 100644 configs/retiolum.nix create mode 100644 configs/smartd.nix create mode 100644 configs/ssh.nix create mode 100644 configs/sshd.nix create mode 100644 configs/urlwatch.nix create mode 100644 configs/vim.nix create mode 100644 configs/weechat-server.nix create mode 100644 configs/wiregrill.nix create mode 100644 configs/xdg.nix create mode 100644 configs/xserver/Xmodmap.nix create mode 100644 configs/xserver/default.nix create mode 100644 configs/xserver/sxiv.nix create mode 100644 configs/xserver/urxvt.nix create mode 100644 configs/xserver/xkiller.nix create mode 100644 configs/xserver/xserver.conf.nix create mode 100644 configs/xsessions/default.nix create mode 100644 configs/xsessions/urxvtd.nix delete mode 100644 lib/default.nix delete mode 100644 lib/impure.nix create mode 100644 modules/Xresources.nix create mode 100644 modules/charybdis/config.nix create mode 100644 modules/charybdis/default.nix create mode 100644 modules/default.nix create mode 100644 modules/dnsmasq.nix create mode 100644 modules/ejabberd/default.nix create mode 100644 modules/focus.nix create mode 100644 modules/hosts.nix create mode 100644 modules/hw.nix create mode 100644 modules/im.nix create mode 100644 modules/iptables.nix create mode 100644 modules/lidControl.nix create mode 100644 modules/org.freedesktop.machine1.host-shell.nix create mode 100644 modules/slock.nix create mode 100644 modules/systemd.nix create mode 100644 modules/unbound.nix create mode 100644 modules/wwan.nix create mode 100644 modules/x0vncserver.nix create mode 100644 pkgs/compat/default.nix create mode 100644 pkgs/default.nix create mode 100644 pkgs/haskell/default.nix create mode 100644 pkgs/haskell/th-env/default.nix create mode 100644 pkgs/haskell/th-env/src/THEnv.hs create mode 100644 pkgs/haskell/th-env/th-env.cabal create mode 100644 pkgs/haskell/xmonad-tv/default.nix create mode 100644 pkgs/haskell/xmonad-tv/shell.nix create mode 100644 pkgs/haskell/xmonad-tv/src/Shutdown.hs create mode 100644 pkgs/haskell/xmonad-tv/src/XMonad/Extra.hs create mode 100644 pkgs/haskell/xmonad-tv/src/XMonad/Hooks/EwmhDesktops/Extra.hs create mode 100644 pkgs/haskell/xmonad-tv/src/main.hs create mode 100644 pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal create mode 100644 pkgs/override/alacritty.nix create mode 100644 pkgs/override/anbox.nix create mode 100644 pkgs/override/default.nix create mode 100644 pkgs/override/fzf/complete1.patch create mode 100644 pkgs/override/fzf/default.nix create mode 100644 pkgs/override/gitAndTools.nix create mode 100644 pkgs/override/input-fonts.nix create mode 100644 pkgs/override/iosevka-tv-1.nix create mode 100644 pkgs/override/iosevka-tv-2.nix create mode 100644 pkgs/override/jc.nix create mode 100644 pkgs/override/uqmi.nix create mode 100644 pkgs/rpi/433Utils/RPi_utils.codesend.codestring.patch create mode 100644 pkgs/rpi/433Utils/default.nix create mode 100644 pkgs/rpi/433Utils/rc-switch.protocols.patch create mode 100644 pkgs/rpi/433Utils/src.json create mode 100644 pkgs/rpi/WiringPi/default.nix create mode 100644 pkgs/rpi/WiringPi/src.json create mode 100644 pkgs/rpi/default.nix create mode 100644 pkgs/simple/alacritty-tv.nix create mode 100644 pkgs/simple/bash-fzf-history.nix create mode 100644 pkgs/simple/cr.nix create mode 100644 pkgs/simple/default.nix create mode 100644 pkgs/simple/diff-so-fancy.nix create mode 100644 pkgs/simple/disko.nix create mode 100644 pkgs/simple/editor-input.nix create mode 100644 pkgs/simple/ff.nix create mode 100644 pkgs/simple/field.nix create mode 100644 pkgs/simple/flameshot-once-tv.nix create mode 100644 pkgs/simple/font-size-alacritty.nix create mode 100755 pkgs/simple/fzmenu/bin/otpmenu create mode 100755 pkgs/simple/fzmenu/bin/passmenu create mode 100644 pkgs/simple/fzmenu/default.nix create mode 100644 pkgs/simple/hc.nix create mode 100644 pkgs/simple/iosevka-tv-1.nix create mode 100644 pkgs/simple/iosevka-tv-2.nix create mode 100644 pkgs/simple/libinput-tv.nix create mode 100644 pkgs/simple/mpvterm/default.nix create mode 100644 pkgs/simple/mpvterm/mpvterm.patch create mode 100644 pkgs/simple/pinentry-urxvt/default.nix create mode 100644 pkgs/simple/q/default.nix create mode 100644 pkgs/simple/rox-filer.nix create mode 100644 pkgs/simple/rxvt-unicode-256color-terminfo/default.nix create mode 100644 pkgs/simple/rxvt-unicode-256color-terminfo/rxvt-unicode-256color.terminfo create mode 100644 pkgs/simple/stardict/default.nix create mode 100644 pkgs/simple/viljetic-pages/default.nix create mode 100644 pkgs/simple/viljetic-pages/index.html create mode 100644 pkgs/simple/viljetic-pages/logo.xpm create mode 100644 pkgs/simple/weechat-tv.nix create mode 100644 pkgs/simple/xdpytools/default.nix create mode 100755 pkgs/simple/xdpytools/src/xdpychvt create mode 100755 pkgs/simple/xdpytools/src/xdpysel create mode 100644 pkgs/simple/xkiller.nix create mode 100644 pkgs/simple/xtoggledpms.nix create mode 100644 pkgs/vim/default.nix create mode 100644 pkgs/vim/elixir.nix create mode 100644 pkgs/vim/file-line.nix create mode 100644 pkgs/vim/fzf.nix create mode 100644 pkgs/vim/hack.nix create mode 100644 pkgs/vim/jq.nix create mode 100644 pkgs/vim/nix.nix create mode 100644 pkgs/vim/showsyntax.nix create mode 100644 pkgs/vim/tv.nix create mode 100644 pkgs/vim/vim.nix create mode 100644 systems/alnus/config.nix create mode 100644 systems/au/config.nix create mode 100644 systems/au/disks.nix create mode 100644 systems/bu/config.nix create mode 100644 systems/bu/disks.nix create mode 100644 systems/mu/config.nix create mode 100644 systems/nomic/config.nix create mode 100644 systems/querel/config.nix create mode 100644 systems/ru/config.nix create mode 100644 systems/xu/config.nix create mode 100644 systems/zu/config.nix delete mode 100644 tv/1systems/alnus/config.nix delete mode 120000 tv/1systems/alnus/lib delete mode 100644 tv/1systems/au/config.nix delete mode 100644 tv/1systems/au/disks.nix delete mode 120000 tv/1systems/au/lib delete mode 100644 tv/1systems/bu/config.nix delete mode 100644 tv/1systems/bu/disks.nix delete mode 120000 tv/1systems/bu/lib delete mode 120000 tv/1systems/lib delete mode 100644 tv/1systems/mu/config.nix delete mode 120000 tv/1systems/mu/lib delete mode 100644 tv/1systems/nomic/config.nix delete mode 120000 tv/1systems/nomic/lib delete mode 100644 tv/1systems/querel/config.nix delete mode 120000 tv/1systems/querel/lib delete mode 100644 tv/1systems/ru/config.nix delete mode 100644 tv/1systems/xu/config.nix delete mode 120000 tv/1systems/xu/lib delete mode 100644 tv/1systems/zu/config.nix delete mode 100644 tv/2configs/autotether.nix delete mode 100644 tv/2configs/backup.nix delete mode 100644 tv/2configs/bash/default.nix delete mode 120000 tv/2configs/bash/lib delete mode 100644 tv/2configs/binary-cache/default.nix delete mode 120000 tv/2configs/binary-cache/lib delete mode 100644 tv/2configs/br.nix delete mode 100644 tv/2configs/default.nix delete mode 100644 tv/2configs/elm-packages-proxy.nix delete mode 100644 tv/2configs/exim-retiolum.nix delete mode 100644 tv/2configs/exim-smarthost.nix delete mode 100644 tv/2configs/fs/CAC-CentOS-7-64bit.nix delete mode 100644 tv/2configs/gitconfig.nix delete mode 100644 tv/2configs/gitrepos.nix delete mode 100644 tv/2configs/htop.nix delete mode 100644 tv/2configs/hw/AO753.nix delete mode 120000 tv/2configs/hw/lib delete mode 100644 tv/2configs/hw/winmax2.nix delete mode 100644 tv/2configs/hw/x220.nix delete mode 100644 tv/2configs/imgur.nix delete mode 100644 tv/2configs/initrd/sshd.nix delete mode 120000 tv/2configs/lib delete mode 100644 tv/2configs/mail-client.nix delete mode 100644 tv/2configs/man.nix delete mode 100644 tv/2configs/nets/hkw.nix delete mode 100644 tv/2configs/networkd.nix delete mode 100644 tv/2configs/nginx/default.nix delete mode 120000 tv/2configs/nginx/lib delete mode 100644 tv/2configs/nginx/public_html.nix delete mode 100644 tv/2configs/nix.nix delete mode 100644 tv/2configs/pki/certs/tv.crt delete mode 100644 tv/2configs/pki/default.nix delete mode 120000 tv/2configs/pki/lib delete mode 100644 tv/2configs/ppp.nix delete mode 100644 tv/2configs/pulse.nix delete mode 120000 tv/2configs/repo-sync/lib delete mode 100644 tv/2configs/repo-sync/wiki.nix delete mode 100644 tv/2configs/retiolum.nix delete mode 100644 tv/2configs/smartd.nix delete mode 100644 tv/2configs/ssh.nix delete mode 100644 tv/2configs/sshd.nix delete mode 100644 tv/2configs/urlwatch.nix delete mode 100644 tv/2configs/vim.nix delete mode 100644 tv/2configs/weechat-server.nix delete mode 100644 tv/2configs/wiregrill.nix delete mode 100644 tv/2configs/xdg.nix delete mode 100644 tv/2configs/xserver/Xmodmap.nix delete mode 100644 tv/2configs/xserver/default.nix delete mode 120000 tv/2configs/xserver/lib delete mode 100644 tv/2configs/xserver/sxiv.nix delete mode 100644 tv/2configs/xserver/urxvt.nix delete mode 100644 tv/2configs/xserver/xkiller.nix delete mode 100644 tv/2configs/xserver/xserver.conf.nix delete mode 100644 tv/2configs/xsessions/default.nix delete mode 100644 tv/2configs/xsessions/urxvtd.nix delete mode 100644 tv/3modules/Xresources.nix delete mode 100644 tv/3modules/charybdis/config.nix delete mode 100644 tv/3modules/charybdis/default.nix delete mode 120000 tv/3modules/charybdis/lib delete mode 100644 tv/3modules/default.nix delete mode 100644 tv/3modules/dnsmasq.nix delete mode 100644 tv/3modules/ejabberd/default.nix delete mode 120000 tv/3modules/ejabberd/lib delete mode 100644 tv/3modules/focus.nix delete mode 100644 tv/3modules/hosts.nix delete mode 100644 tv/3modules/hw.nix delete mode 100644 tv/3modules/im.nix delete mode 100644 tv/3modules/iptables.nix delete mode 120000 tv/3modules/lib delete mode 100644 tv/3modules/lidControl.nix delete mode 100644 tv/3modules/org.freedesktop.machine1.host-shell.nix delete mode 100644 tv/3modules/slock.nix delete mode 100644 tv/3modules/systemd.nix delete mode 100644 tv/3modules/unbound.nix delete mode 100644 tv/3modules/wwan.nix delete mode 100644 tv/3modules/x0vncserver.nix delete mode 100644 tv/5pkgs/compat/default.nix delete mode 100644 tv/5pkgs/default.nix delete mode 100644 tv/5pkgs/haskell/default.nix delete mode 120000 tv/5pkgs/haskell/lib delete mode 100644 tv/5pkgs/haskell/th-env/default.nix delete mode 100644 tv/5pkgs/haskell/th-env/src/THEnv.hs delete mode 100644 tv/5pkgs/haskell/th-env/th-env.cabal delete mode 100644 tv/5pkgs/haskell/xmonad-tv/default.nix delete mode 100644 tv/5pkgs/haskell/xmonad-tv/shell.nix delete mode 100644 tv/5pkgs/haskell/xmonad-tv/src/Shutdown.hs delete mode 100644 tv/5pkgs/haskell/xmonad-tv/src/XMonad/Extra.hs delete mode 100644 tv/5pkgs/haskell/xmonad-tv/src/XMonad/Hooks/EwmhDesktops/Extra.hs delete mode 100644 tv/5pkgs/haskell/xmonad-tv/src/main.hs delete mode 100644 tv/5pkgs/haskell/xmonad-tv/src/xmonad-tv.cabal delete mode 120000 tv/5pkgs/lib delete mode 100644 tv/5pkgs/override/alacritty.nix delete mode 100644 tv/5pkgs/override/anbox.nix delete mode 100644 tv/5pkgs/override/default.nix delete mode 100644 tv/5pkgs/override/fzf/complete1.patch delete mode 100644 tv/5pkgs/override/fzf/default.nix delete mode 100644 tv/5pkgs/override/gitAndTools.nix delete mode 100644 tv/5pkgs/override/input-fonts.nix delete mode 100644 tv/5pkgs/override/iosevka-tv-1.nix delete mode 100644 tv/5pkgs/override/iosevka-tv-2.nix delete mode 100644 tv/5pkgs/override/jc.nix delete mode 120000 tv/5pkgs/override/lib delete mode 100644 tv/5pkgs/override/uqmi.nix delete mode 100644 tv/5pkgs/rpi/433Utils/RPi_utils.codesend.codestring.patch delete mode 100644 tv/5pkgs/rpi/433Utils/default.nix delete mode 100644 tv/5pkgs/rpi/433Utils/rc-switch.protocols.patch delete mode 100644 tv/5pkgs/rpi/433Utils/src.json delete mode 100644 tv/5pkgs/rpi/WiringPi/default.nix delete mode 100644 tv/5pkgs/rpi/WiringPi/src.json delete mode 100644 tv/5pkgs/rpi/default.nix delete mode 120000 tv/5pkgs/rpi/lib delete mode 100644 tv/5pkgs/simple/alacritty-tv.nix delete mode 100644 tv/5pkgs/simple/bash-fzf-history.nix delete mode 100644 tv/5pkgs/simple/cr.nix delete mode 100644 tv/5pkgs/simple/default.nix delete mode 100644 tv/5pkgs/simple/diff-so-fancy.nix delete mode 100644 tv/5pkgs/simple/disko.nix delete mode 100644 tv/5pkgs/simple/editor-input.nix delete mode 100644 tv/5pkgs/simple/ff.nix delete mode 100644 tv/5pkgs/simple/field.nix delete mode 100644 tv/5pkgs/simple/flameshot-once-tv.nix delete mode 100644 tv/5pkgs/simple/font-size-alacritty.nix delete mode 100755 tv/5pkgs/simple/fzmenu/bin/otpmenu delete mode 100755 tv/5pkgs/simple/fzmenu/bin/passmenu delete mode 100644 tv/5pkgs/simple/fzmenu/default.nix delete mode 100644 tv/5pkgs/simple/hc.nix delete mode 100644 tv/5pkgs/simple/iosevka-tv-1.nix delete mode 100644 tv/5pkgs/simple/iosevka-tv-2.nix delete mode 120000 tv/5pkgs/simple/lib delete mode 100644 tv/5pkgs/simple/libinput-tv.nix delete mode 100644 tv/5pkgs/simple/mpvterm/default.nix delete mode 100644 tv/5pkgs/simple/mpvterm/mpvterm.patch delete mode 100644 tv/5pkgs/simple/pinentry-urxvt/default.nix delete mode 120000 tv/5pkgs/simple/pinentry-urxvt/lib delete mode 100644 tv/5pkgs/simple/q/default.nix delete mode 120000 tv/5pkgs/simple/q/lib delete mode 100644 tv/5pkgs/simple/rox-filer.nix delete mode 100644 tv/5pkgs/simple/rxvt-unicode-256color-terminfo/default.nix delete mode 100644 tv/5pkgs/simple/rxvt-unicode-256color-terminfo/rxvt-unicode-256color.terminfo delete mode 100644 tv/5pkgs/simple/stardict/default.nix delete mode 100644 tv/5pkgs/simple/viljetic-pages/default.nix delete mode 100644 tv/5pkgs/simple/viljetic-pages/index.html delete mode 100644 tv/5pkgs/simple/viljetic-pages/logo.xpm delete mode 100644 tv/5pkgs/simple/weechat-tv.nix delete mode 100644 tv/5pkgs/simple/xdpytools/default.nix delete mode 100755 tv/5pkgs/simple/xdpytools/src/xdpychvt delete mode 100755 tv/5pkgs/simple/xdpytools/src/xdpysel delete mode 100644 tv/5pkgs/simple/xkiller.nix delete mode 100644 tv/5pkgs/simple/xtoggledpms.nix delete mode 100644 tv/5pkgs/vim/default.nix delete mode 100644 tv/5pkgs/vim/elixir.nix delete mode 100644 tv/5pkgs/vim/file-line.nix delete mode 100644 tv/5pkgs/vim/fzf.nix delete mode 100644 tv/5pkgs/vim/hack.nix delete mode 100644 tv/5pkgs/vim/jq.nix delete mode 120000 tv/5pkgs/vim/lib delete mode 100644 tv/5pkgs/vim/nix.nix delete mode 100644 tv/5pkgs/vim/showsyntax.nix delete mode 100644 tv/5pkgs/vim/tv.nix delete mode 100644 tv/5pkgs/vim/vim.nix delete mode 100644 tv/default.nix delete mode 100644 tv/dummy_secrets/default.nix delete mode 100644 tv/dummy_secrets/o2.pin delete mode 100644 tv/dummy_secrets/repos.nix delete mode 100644 tv/dummy_secrets/ssh.id_ed25519 delete mode 100644 tv/dummy_secrets/ssh.id_rsa delete mode 100644 tv/krops.nix delete mode 120000 tv/lib diff --git a/configs/autotether.nix b/configs/autotether.nix new file mode 100644 index 0000000..43b5575 --- /dev/null +++ b/configs/autotether.nix @@ -0,0 +1,19 @@ +{ config, pkgs, ... }: let + cfg.serial = "17e064850405"; +in { + systemd.services.usb_tether.serviceConfig = { + SyslogIdentifier = "usb_tether"; + ExecStartPre = "${pkgs.android-tools}/bin/adb -s ${cfg.serial} wait-for-device"; + ExecStart = "${pkgs.android-tools}/bin/adb -s ${cfg.serial} shell svc usb setFunctions rndis"; + }; + services.udev.extraRules = /* sh */ '' + ACTION=="add", SUBSYSTEM=="net", KERNEL=="usb*", NAME="android" + + ACTION=="add", SUBSYSTEM=="usb", ATTR{serial}=="${cfg.serial}", \ + TAG+="systemd", ENV{SYSTEMD_WANTS}="usb_tether.service" + ''; + systemd.network.networks.android = { + matchConfig.Name = "android"; + DHCP = "yes"; + }; +} diff --git a/configs/backup.nix b/configs/backup.nix new file mode 100644 index 0000000..30d6011 --- /dev/null +++ b/configs/backup.nix @@ -0,0 +1,108 @@ +{ config, lib, mylib, pkgs, ... }: { + krebs.backup.plans = { + } // lib.mapAttrs (_: lib.recursiveUpdate { + snapshots = { + daily = { format = "%Y-%m-%d"; retain = 7; }; + weekly = { format = "%YW%W"; retain = 4; }; + monthly = { format = "%Y-%m"; retain = 12; }; + yearly = { format = "%Y"; }; + }; + }) { + bu-home-xu = { + method = "push"; + src = { host = config.krebs.hosts.bu; path = "/home"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/bu-home"; }; + startAt = "05:20"; + }; + bu-home-zu = { + method = "push"; + src = { host = config.krebs.hosts.bu; path = "/home"; }; + dst = { host = config.krebs.hosts.zu; path = "/bku/bu-home"; }; + startAt = "05:25"; + }; + nomic-home-xu = { + method = "push"; + src = { host = config.krebs.hosts.nomic; path = "/home"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/nomic-home"; }; + startAt = "05:00"; + }; + nomic-home-zu = { + method = "push"; + src = { host = config.krebs.hosts.nomic; path = "/home"; }; + dst = { host = config.krebs.hosts.zu; path = "/bku/nomic-home"; }; + startAt = "04:20"; + }; + nomic-pull-querel-home = { + method = "pull"; + src = { host = config.krebs.hosts.querel; path = "/home"; }; + dst = { host = config.krebs.hosts.nomic; path = "/fs/ponyhof/bku/querel-home"; }; + startAt = "22:00"; + }; + xu-home-bu = { + method = "push"; + src = { host = config.krebs.hosts.xu; path = "/home"; }; + dst = { host = config.krebs.hosts.bu; path = "/bku/xu-home"; }; + startAt = "04:50"; + }; + xu-home-nomic = { + method = "push"; + src = { host = config.krebs.hosts.xu; path = "/home"; }; + dst = { host = config.krebs.hosts.nomic; path = "/fs/cis3hG/bku/xu-home"; }; + startAt = "05:20"; + }; + xu-home-zu = { + method = "push"; + src = { host = config.krebs.hosts.xu; path = "/home"; }; + dst = { host = config.krebs.hosts.zu; path = "/bku/xu-home"; }; + startAt = "06:20"; + }; + xu-pull-ni-ejabberd = { + method = "pull"; + src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; }; + startAt = "07:00"; + }; + xu-pull-ni-home = { + method = "pull"; + src = { host = config.krebs.hosts.ni; path = "/home"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/ni-home"; }; + startAt = "07:00"; + }; + zu-home-xu = { + method = "push"; + src = { host = config.krebs.hosts.zu; path = "/home"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/zu-home"; }; + startAt = "05:00"; + }; + zu-pull-ni-ejabberd = { + method = "pull"; + src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; }; + dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; }; + startAt = "06:00"; + }; + zu-pull-ni-home = { + method = "pull"; + src = { host = config.krebs.hosts.ni; path = "/home"; }; + dst = { host = config.krebs.hosts.zu; path = "/bku/ni-home"; }; + startAt = "06:30"; + }; + } // lib.mapAttrs (_: lib.recursiveUpdate { + snapshots = { + minutely = { format = "%Y-%m-%dT%H:%M"; retain = 3; }; + hourly = { format = "%Y-%m-%dT%H"; retain = 3; }; + daily = { format = "%Y-%m-%d"; retain = 3; }; + }; + startAt = null; + }) { + xu-test-push-xu = { + method = "push"; + src = { host = config.krebs.hosts.xu; path = "/tmp/xu-bku-test-data"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/xu-test-push"; }; + }; + xu-test-pull-xu = { + method = "pull"; + src = { host = config.krebs.hosts.xu; path = "/tmp/xu-bku-test-data"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/xu-test-pull"; }; + }; + }; +} diff --git a/configs/bash/default.nix b/configs/bash/default.nix new file mode 100644 index 0000000..2e18d5b --- /dev/null +++ b/configs/bash/default.nix @@ -0,0 +1,66 @@ +{ config, mylib, pkgs, ... }: { + programs.bash = { + interactiveShellInit = /* sh */ '' + HISTCONTROL='erasedups:ignorespace' + HISTSIZE=900001 + HISTFILESIZE=$HISTSIZE + HISTTIMEFORMAT= + + shopt -s checkhash + shopt -s histappend histreedit histverify + shopt -s no_empty_cmd_completion + complete -d cd + + case $UID in + ${mylib.shell.escape (toString config.krebs.users.tv.uid)}) + if test ''${SHLVL-1} = 1 && test -n "''${DISPLAY-}"; then + _CURRENT_DESKTOP_NAME=''${_CURRENT_DESKTOP_NAME-$( + ${pkgs.xorg.xprop}/bin/xprop -notype -root \ + 32i _NET_CURRENT_DESKTOP \ + 8s _NET_DESKTOP_NAMES \ + | + ${pkgs.gnused}/bin/sed -r 's/.* = //;s/"//g;s/, /\a/g' | + { + read -r _NET_CURRENT_DESKTOP + IFS=$'\a' read -ra _NET_DESKTOP_NAMES + echo "''${_NET_DESKTOP_NAMES[$_NET_CURRENT_DESKTOP]}" + } + )} + case $_CURRENT_DESKTOP_NAME in + stockholm) + cd ~/stockholm + ;; + esac + fi + + export NIX_PATH="stockholm=$HOME/stockholm:$NIX_PATH" + ;; + esac + + ${pkgs.bash-fzf-history.bind} + + if test -n "''${BASH_EXTRA_INIT-}"; then + . "$BASH_EXTRA_INIT" + fi + ''; + promptInit = /* sh */ '' + case $UID in + 0) + PS1='\[\e[1;31m\]\w\[\e[0m\] ' + ;; + ${toString config.krebs.build.user.uid}) + PS1='\[\e[1;32m\]\w\[\e[0m\] ' + ;; + *) + PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' + ;; + esac + if test -n "$SSH_CLIENT"; then + PS1='\[\e[35m\]\h'" $PS1" + fi + if test -n "$SSH_AGENT_PID"; then + PS1="ssh-agent[$SSH_AGENT_PID] $PS1" + fi + ''; + }; +} diff --git a/configs/binary-cache/default.nix b/configs/binary-cache/default.nix new file mode 100644 index 0000000..d9e87c7 --- /dev/null +++ b/configs/binary-cache/default.nix @@ -0,0 +1,28 @@ +{ config, pkgs, ... }: { + environment.etc."binary-cache.pubkey".text = + config.krebs.build.host.binary-cache.pubkey; + + nixpkgs.overlays = [ + (self: super: { + nix-serve = self.haskellPackages.nix-serve-ng; + }) + ]; + + services.nix-serve = { + enable = true; + secretKeyFile = "${config.krebs.secret.directory}/nix-serve.key"; + }; + + services.nginx = { + enable = true; + virtualHosts.nix-serve = { + serverAliases = [ + "cache.${config.krebs.build.host.name}.hkw" + "cache.${config.krebs.build.host.name}.r" + ]; + locations."/".extraConfig = '' + proxy_pass http://localhost:${toString config.services.nix-serve.port}; + ''; + }; + }; +} diff --git a/configs/br.nix b/configs/br.nix new file mode 100644 index 0000000..b9bc70b --- /dev/null +++ b/configs/br.nix @@ -0,0 +1,49 @@ +{ config, lib, modulesPath, mylib, pkgs, ... }: { + + imports = [ + (modulesPath + "/services/hardware/sane_extra_backends/brscan4.nix") + ]; + + krebs.nixpkgs.allowUnfreePredicate = + pkg: lib.any (mylib.eq (mylib.packageName pkg)) [ + "brother-udev-rule-type1" + "brscan4" + "brscan4-etc-files" + "mfcl2700dnlpr" + ]; + + hardware.sane = { + enable = true; + brscan4 = { + enable = true; + netDevices = { + bra = { + model = "MFCL2700DN"; + ip = "10.23.1.214"; + }; + }; + }; + }; + + services.saned.enable = true; + + # usage: scanimage -d "$(find-scanner bra)" --batch --format=tiff --resolution 150 -x 211 -y 298 + environment.systemPackages = [ + (pkgs.writeDashBin "find-scanner" '' + set -efu + name=$1 + ${pkgs.sane-backends}/bin/scanimage -f '%m %d + ' \ + | ${pkgs.gawk}/bin/awk -v dev="*$name" '$1 == dev { print $2; exit }' \ + | ${pkgs.gnugrep}/bin/grep . + '') + ]; + + services.printing = { + enable = true; + drivers = [ + pkgs.mfcl2700dncupswrapper + ]; + }; + +} diff --git a/configs/default.nix b/configs/default.nix new file mode 100644 index 0000000..5d74d96 --- /dev/null +++ b/configs/default.nix @@ -0,0 +1,131 @@ +{ config, inputs, lib, mylib, pkgs, ... }: { + boot.tmpOnTmpfs = true; + + krebs.enable = true; + + krebs.build.user = config.krebs.users.tv; + + networking.hostId = lib.mkDefault (mylib.hashToLength 8 config.networking.hostName); + networking.hostName = config.krebs.build.host.name; + + imports = [ + ./backup.nix + ./bash + ./htop.nix + ./nets/hkw.nix + ./networkd.nix + ./nginx + ./nix.nix + ./pki + ./ssh.nix + ./sshd.nix + ./vim.nix + ./xdg.nix + { + users = { + defaultUserShell = "/run/current-system/sw/bin/bash"; + mutableUsers = false; + users = { + tv = { + inherit (config.krebs.users.tv) home uid; + isNormalUser = true; + extraGroups = [ "tv" ]; + }; + }; + }; + } + { + i18n.defaultLocale = lib.mkDefault "C.UTF-8"; + security.sudo.extraConfig = '' + Defaults env_keep+="SSH_CLIENT _CURRENT_DESKTOP_NAME" + Defaults mailto="${config.krebs.users.tv.mail}" + Defaults !lecture + ''; + time.timeZone = "Europe/Berlin"; + } + + { + nixpkgs.config.allowUnfree = false; + } + { + environment.homeBinInPath = true; + + environment.profileRelativeEnvVars.PATH = lib.mkForce [ "/bin" ]; + + environment.systemPackages = with pkgs; [ + rxvt_unicode.terminfo + ]; + + environment.shellAliases = lib.mkForce { + gp = "${pkgs.pari}/bin/gp -q"; + df = "df -h"; + du = "du -h"; + + # TODO alias cannot contain #\' + # "ps?" = "ps ax | head -n 1;ps ax | fgrep -v ' grep --color=auto ' | grep"; + + ls = "ls -h --color=auto --group-directories-first"; + dmesg = "dmesg -L --reltime"; + view = "vim -R"; + }; + + environment.variables = { + NIX_PATH = lib.mkForce (lib.concatStringsSep ":" [ + "secrets=/var/src/stockholm/null" + "/var/src" + ]); + }; + } + + { + services.cron.enable = false; + services.ntp.enable = false; + services.timesyncd.enable = true; + } + + { + boot.kernel.sysctl = { + # Enable IPv6 Privacy Extensions + # + # XXX use mkForce here because since NixOS 21.11 there's a collision in + # net.ipv6.conf.default.use_tempaddr, and boot.kernel.sysctl incapable + # of merging. + # + # XXX net.ipv6.conf.all.use_tempaddr is set because it was mentioned in + # https://tldp.org/HOWTO/Linux+IPv6-HOWTO/ch06s05.html + # TODO check if that is really necessary, otherwise we can rely solely + # on networking.tempAddresses in the future (when nothing is <21.11) + "net.ipv6.conf.all.use_tempaddr" = lib.mkForce 2; + "net.ipv6.conf.default.use_tempaddr" = lib.mkForce 2; + }; + } + + { + tv.iptables.enable = true; + tv.iptables.accept-echo-request = "internet"; + } + + { + services.journald.extraConfig = '' + SystemMaxUse=1G + RuntimeMaxUse=128M + ''; + } + + { + environment.systemPackages = [ + pkgs.field + pkgs.get + pkgs.git + pkgs.git-crypt + pkgs.git-preview + pkgs.hashPassword + pkgs.htop + pkgs.kpaste + pkgs.nix-prefetch-scripts + pkgs.ovh-zone + pkgs.push + ]; + } + ]; +} diff --git a/configs/elm-packages-proxy.nix b/configs/elm-packages-proxy.nix new file mode 100644 index 0000000..caea188 --- /dev/null +++ b/configs/elm-packages-proxy.nix @@ -0,0 +1,359 @@ +{ config, lib, pkgs, ... }: let + + cfg.nameserver = "1.1.1.1"; + cfg.packageDir = "/var/lib/elm-packages"; + cfg.port = 7782; + + # TODO secret files + cfg.htpasswd = "/var/lib/certs/package.elm-lang.org/htpasswd"; + cfg.sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem"; + cfg.sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem"; + + semverRegex = + "(?0|[1-9]\\d*)\\.(?0|[1-9]\\d*)\\.(?0|[1-9]\\d*)(?:-(?(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?"; + +in { + services.nginx.virtualHosts."package.elm-lang.org" = { + addSSL = true; + + sslCertificate = cfg.sslCertificate; + sslCertificateKey = cfg.sslCertificateKey; + + locations."/all-packages".extraConfig = '' + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; + proxy_pass_header Server; + ''; + + locations."/all-packages/since/".extraConfig = '' + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; + proxy_pass_header Server; + ''; + + locations."~ ^/packages/(?[A-Za-z0-9-]+)/(?[A-Za-z0-9-]+)/(?${semverRegex})\$".extraConfig = '' + auth_basic "Restricted Area"; + auth_basic_user_file ${cfg.htpasswd}; + + proxy_set_header X-User $remote_user; + proxy_set_header X-Author $author; + proxy_set_header X-Package $pname; + proxy_set_header X-Version $version; + proxy_pass_header Server; + + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; + ''; + + locations."~ ^/packages/(?[A-Za-z0-9-]+)/(?[A-Za-z0-9-]+)/(?${semverRegex})/(?:zipball|elm.json|endpoint.json)\$".extraConfig = '' + set $zipball "${cfg.packageDir}/$author/$pname/$version/zipball"; + proxy_set_header X-Author $author; + proxy_set_header X-Package $pname; + proxy_set_header X-Version $version; + proxy_set_header X-Zipball $zipball; + proxy_pass_header Server; + resolver ${cfg.nameserver}; + + if (-f $zipball) { + set $new_uri http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; + } + if (!-f $zipball) { + set $new_uri https://package.elm-lang.org$request_uri; + } + + proxy_pass $new_uri; + ''; + + locations."/search.json".extraConfig = '' + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; + proxy_pass_header Server; + ''; + }; + + krebs.htgen.elm-packages-proxy = { + port = cfg.port; + script = /* sh */ ''. ${pkgs.writeDash "elm-packages-proxy.sh" '' + PATH=${lib.makeBinPath [ + pkgs.attr + pkgs.coreutils + pkgs.curl + pkgs.findutils + pkgs.gnugrep + pkgs.jq + pkgs.p7zip + ]} + export PATH + file_response() {( + status_code=$1 + status_reason=$2 + file=$3 + content_type=$4 + + content_length=$(wc -c "$file" | cut -d\ -f1) + + printf "HTTP/1.1 $status_code $status_reason\r\n" + printf 'Connection: close\r\n' + printf 'Content-Length: %d\r\n' "$content_length" + printf 'Content-Type: %s\r\n' "$content_type" + printf 'Server: %s\r\n' "$Server" + printf '\r\n' + cat "$file" + )} + string_response() {( + status_code=$1 + status_reason=$2 + response_body=$3 + content_type=$4 + + printf "HTTP/1.1 $status_code $status_reason\r\n" + printf 'Connection: close\r\n' + printf 'Content-Length: %d\r\n' "$(expr ''${#response_body} + 1)" + printf 'Content-Type: %s\r\n' "$content_type" + printf 'Server: %s\r\n' "$Server" + printf '\r\n' + printf '%s\n' "$response_body" + )} + + case "$Method $Request_URI" in + 'GET /packages/'*) + + author=$req_x_author + pname=$req_x_package + version=$req_x_version + + zipball=${cfg.packageDir}/$author/$pname/$version/zipball + elmjson=$HOME/cache/$author%2F$pname%2F$version%2Felm.json + endpointjson=$HOME/cache/$author%2F$pname%2F$version%2Fendpoint.json + mkdir -p "$HOME/cache" + + case $(basename $Request_URI) in + zipball) + file_response 200 OK "$zipball" application/zip + exit + ;; + elm.json) + if ! test -f "$elmjson"; then + 7z x -so "$zipball" \*/elm.json > "$elmjson" + fi + file_response 200 OK "$elmjson" 'application/json; charset=UTF-8' + exit + ;; + endpoint.json) + if ! test -f "$endpointjson"; then + hash=$(sha1sum "$zipball" | cut -d\ -f1) + url=https://package.elm-lang.org/packages/$author/$pname/$version/zipball + jq -n \ + --arg hash "$hash" \ + --arg url "$url" \ + '{ $hash, $url }' \ + > "$endpointjson" + fi + file_response 200 OK "$endpointjson" 'application/json; charset=UTF-8' + exit + ;; + esac + ;; + 'POST /packages/'*) + + author=$req_x_author + pname=$req_x_package + user=$req_x_user + version=$req_x_version + + action=uploading + force=''${req_x_force-false} + zipball=${cfg.packageDir}/$author/$pname/$version/zipball + elmjson=$HOME/cache/$author%2F$pname%2F$version%2Felm.json + endpointjson=$HOME/cache/$author%2F$pname%2F$version%2Fendpoint.json + + if test -e "$zipball"; then + if test "$force" = true; then + zipball_owner=$(attr -q -g X-User "$zipball" || :) + if test "$zipball_owner" = "$req_x_user"; then + action=replacing + rm -f "$elmjson" + rm -f "$endpointjson" + else + string_response 403 Forbidden \ + "package already exists: $author/$pname@$version" \ + text/plain + exit + fi + else + string_response 409 Conflict \ + "package already exists: $author/$pname@$version" \ + text/plain + exit + fi + fi + + echo "user $user is $action package $author/$pname@$version" >&2 + # TODO check package + mkdir -p "$(dirname "$zipball")" + head -c $req_content_length > "$zipball" + + attr -q -s X-User -V "$user" "$zipball" || : + + string_response 200 OK \ + "package created: $author/$pname@$version" \ + text/plain + + exit + ;; + 'DELETE /packages/'*) + + author=$req_x_author + pname=$req_x_package + user=$req_x_user + version=$req_x_version + + zipball=${cfg.packageDir}/$author/$pname/$version/zipball + elmjson=$HOME/cache/$author%2F$pname%2F$version%2Felm.json + endpointjson=$HOME/cache/$author%2F$pname%2F$version%2Fendpoint.json + + if test -e "$zipball"; then + zipball_owner=$(attr -q -g X-User "$zipball" || :) + if test "$zipball_owner" = "$req_x_user"; then + echo "user $user is deleting package $author/$pname@$version" >&2 + rm -f "$elmjson" + rm -f "$endpointjson" + rm "$zipball" + string_response 200 OK \ + "package deleted: $author/$pname@$version" \ + text/plain + exit + else + string_response 403 Forbidden \ + "package already exists: $author/$pname@$version" \ + text/plain + exit + fi + fi + ;; + 'GET /all-packages'|'POST /all-packages') + + response=$(mktemp -t htgen.$$.elm-packages-proxy.all-packages.XXXXXXXX) + trap "rm $response >&2" EXIT + + { + # upstream packages + curl -fsS https://package.elm-lang.org"$Request_URI" + + # private packages + (cd ${cfg.packageDir}; find -mindepth 3 -maxdepth 3) | + jq -Rs ' + split("\n") | + map( + select(.!="") | + match("^\\./(?[^/]+)/(?[^/]+)/(?[^/]+)$").captures | + map({key:.name,value:.string}) | + from_entries + ) | + reduce .[] as $item ({}; + ($item|"\(.author)/\(.pname)") as $name | + . + { "\($name)": ((.[$name] // []) + [$item.version]) } + ) + ' + } | + jq -cs add > $response + + file_response 200 OK "$response" 'application/json; charset=UTF-8' + exit + ;; + 'GET /all-packages/since/'*|'POST /all-packages/since/'*) + + response=$(mktemp -t htgen.$$.elm-packages-proxy.all-packages.XXXXXXXX) + trap "rm $response >&2" EXIT + + { + # upstream packages + curl -fsS https://package.elm-lang.org"$Request_URI" + + # private packages + (cd ${cfg.packageDir}; find -mindepth 3 -maxdepth 3) | + jq -Rs ' + split("\n") | + map( + select(.!="") | + sub("^\\./(?[^/]+)/(?[^/]+)/(?[^/]+)$";"\(.author)/\(.pname)@\(.version)") + ) | + sort_by(split("@") | [.[0]]+(.[1]|split(".")|map(tonumber))) | + reverse + ' + } | + jq -cs add > $response + + file_response 200 OK "$response" 'application/json; charset=UTF-8' + exit + ;; + 'GET /search.json') + + searchjson=$HOME/cache/search.json + mkdir -p "$HOME/cache" + + # update cached search.json + ( + last_modified=$( + if test -f "$searchjson"; then + date -Rr "$searchjson" + else + date -R -d @0 + fi + ) + tempsearchjson=$(mktemp "$searchjson.XXXXXXXX") + trap 'rm "$tempsearchjson" >&2' EXIT + curl -fsS --compressed https://package.elm-lang.org/search.json \ + -H "If-Modified-Since: $last_modified" \ + -o "$tempsearchjson" + if test -s "$tempsearchjson"; then + mv "$tempsearchjson" "$searchjson" + trap - EXIT + fi + ) + + response=$(mktemp -t htgen.$$.elm-packages-proxy.search.XXXXXXXX) + trap 'rm "$response" >&2' EXIT + + { + printf '{"upstream":'; cat "$searchjson" + printf ',"private":'; (cd ${cfg.packageDir}; find -mindepth 3 -maxdepth 3) | + jq -Rs ' + split("\n") | + map( + select(.!="") | + match("^\\./(?[^/]+)/(?[^/]+)/(?[^/]+)$").captures | + map({key:.name,value:.string}) | + from_entries + ) | + map({ + key: "\(.author)/\(.pname)", + value: .version, + }) | + from_entries + ' + printf '}' + } | + jq -c ' + reduce .upstream[] as $upstreamItem ({ private, output: [] }; + .private[$upstreamItem.name] as $privateItem | + if $privateItem then + .output += [$upstreamItem * { version: $privateItem.version }] | + .private |= del(.[$upstreamItem.name]) + else + .output += [$upstreamItem] + end + ) | + + .output + (.private | to_entries | sort_by(.key) | map({ + name: .key, + version: .value, + summary: "dummy summary", + license: "dummy license", + })) + ' \ + > $response + + file_response 200 OK "$response" 'application/json; charset=UTF-8' + exit + ;; + esac + ''}''; + }; +} diff --git a/configs/exim-retiolum.nix b/configs/exim-retiolum.nix new file mode 100644 index 0000000..7903ac3 --- /dev/null +++ b/configs/exim-retiolum.nix @@ -0,0 +1,8 @@ +{ config, pkgs, ... }: { + environment.systemPackages = [ + pkgs.eximlog + ]; + krebs.exim-retiolum.enable = true; + krebs.exim-retiolum.rspamd.enable = config.krebs.build.host.name == "nomic"; + tv.iptables.input-retiolum-accept-tcp = [ "smtp" ]; +} diff --git a/configs/exim-smarthost.nix b/configs/exim-smarthost.nix new file mode 100644 index 0000000..d983165 --- /dev/null +++ b/configs/exim-smarthost.nix @@ -0,0 +1,45 @@ +{ config, lib, pkgs, ... }: { + environment.systemPackages = [ + pkgs.eximlog + ]; + krebs.exim-smarthost = { + enable = true; + dkim = [ + { domain = "viljetic.de"; } + ]; + sender_domains = [ + "krebsco.de" + "shackspace.de" + "viljetic.de" + ]; + relay_from_hosts = lib.concatMap (host: host.nets.retiolum.addrs) [ + config.krebs.hosts.nomic + config.krebs.hosts.xu + ]; + internet-aliases = with config.krebs.users; [ + { from = "bku-eppler@viljetic.de"; to = tv.mail; } + { from = "postmaster@viljetic.de"; to = tv.mail; } # RFC 822 + { from = "mirko@viljetic.de"; to = mv-ni.mail; } + { from = "tomislav@viljetic.de"; to = tv.mail; } + { from = "tv@viljetic.de"; to = tv.mail; } + { from = "tv@shackspace.de"; to = tv.mail; } + ]; + system-aliases = [ + { from = "mailer-daemon"; to = "postmaster"; } + { from = "postmaster"; to = "root"; } + { from = "nobody"; to = "root"; } + { from = "hostmaster"; to = "root"; } + { from = "usenet"; to = "root"; } + { from = "news"; to = "root"; } + { from = "webmaster"; to = "root"; } + { from = "www"; to = "root"; } + { from = "ftp"; to = "root"; } + { from = "abuse"; to = "root"; } + { from = "noc"; to = "root"; } + { from = "security"; to = "root"; } + { from = "root"; to = "tv"; } + { from = "mirko"; to = "mv"; } + ]; + }; + tv.iptables.input-internet-accept-tcp = lib.singleton "smtp"; +} diff --git a/configs/fs/C