summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-10-26 18:43:33 +0200
committertv <tv@krebsco.de>2017-10-26 18:43:33 +0200
commitd5fd5107e6cd8e4d1cd0e63420d35a9df5279e7f (patch)
tree05731b063ed6243632b6c3a61a329618da6a6951
parent1993cbc42114c759a47fed8de1e73980d3df57d9 (diff)
parent458bd5f6bda5b5718959613ceb989862a530ed7b (diff)
Merge remote-tracking branch 'prism/master'
-rw-r--r--krebs/2configs/news.nix1
-rw-r--r--krebs/3modules/lass/default.nix8
-rw-r--r--krebs/5pkgs/simple/Reaktor/plugins.nix3
-rw-r--r--lass/1systems/helios/config.nix2
-rw-r--r--lass/1systems/prism/config.nix8
-rw-r--r--lass/2configs/baseX.nix8
-rw-r--r--lass/2configs/default.nix2
-rw-r--r--lass/2configs/dns-stuff.nix1
-rw-r--r--lass/2configs/screenlock.nix17
-rw-r--r--lass/3modules/default.nix1
-rw-r--r--lass/3modules/screenlock.nix37
-rw-r--r--lass/5pkgs/xmonad-lass.nix4
-rw-r--r--lass/source.nix2
-rw-r--r--lib/types.nix26
-rw-r--r--makefu/1systems/cake/config.nix3
-rw-r--r--makefu/1systems/latte/config.nix1
-rw-r--r--makefu/1systems/latte/source.nix3
-rw-r--r--makefu/2configs/binary-cache/lass.nix1
-rw-r--r--makefu/2configs/tools/dev.nix1
-rw-r--r--makefu/3modules/default.nix1
-rw-r--r--makefu/3modules/wvdial.nix71
-rw-r--r--makefu/source.nix3
-rw-r--r--nin/1systems/hiawatha/config.nix5
-rw-r--r--nin/2configs/default.nix9
-rw-r--r--nin/2configs/skype.nix27
-rw-r--r--nin/source.nix2
26 files changed, 204 insertions, 43 deletions
diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix
index 56395c166..2628c7986 100644
--- a/krebs/2configs/news.nix
+++ b/krebs/2configs/news.nix
@@ -16,6 +16,7 @@
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
weechat|http://dev.weechat.org/feed/atom|#news
xkcd|https://xkcd.com/rss.xml|#news
+ painload|https://github.com/krebscode/painload/commits/master.atom|#news
'';
};
}
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 534eac716..3e03e71cb 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -437,8 +437,14 @@ with import <stockholm/lib>;
ip4.addr = "129.215.90.4";
aliases = [ "eddie.i" ];
};
- retiolum = {
+ retiolum = rec {
via = internet;
+ addrs = [
+ # edinburgh university
+ "129.215.0.0/16"
+ ip4.addr
+ ip6.addr
+ ];
ip4.addr = "10.243.29.170";
ip6.addr = "42:4992:6a6d:700::1";
aliases = [ "eddie.r" ];
diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix
index c611d7471..518e80d0e 100644
--- a/krebs/5pkgs/simple/Reaktor/plugins.nix
+++ b/krebs/5pkgs/simple/Reaktor/plugins.nix
@@ -144,7 +144,8 @@ rec {
'';
};
wiki-todo-show = buildSimpleReaktorPlugin "wiki-todo" {
- script = pkgs.writeDash "wiki-todo-add" ''
+ pattern = "^wiki-show$";
+ script = pkgs.writeDash "wiki-show" ''
${pkgs.coreutils}/bin/cat wiki-todo
'';
};
diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix
index 6db6f8fd1..70aa3832d 100644
--- a/lass/1systems/helios/config.nix
+++ b/lass/1systems/helios/config.nix
@@ -115,4 +115,6 @@ with import <stockholm/lib>;
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
];
+
+ lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f";
}
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 30d5c8dab..a0bc1b900 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -168,6 +168,14 @@ in {
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian"
];
};
+ users.users.hellrazor = {
+ uid = genid "hellrazor";
+ isNormalUser = true;
+ extraGroups = [
+ "download"
+ ];
+ openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ];
+ };
}
{
#hotdog
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 9d4ad8c6a..a8bb8693f 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -6,7 +6,6 @@ in {
imports = [
./mpv.nix
./power-action.nix
- ./screenlock.nix
./copyq.nix
./xresources.nix
./livestream.nix
@@ -31,15 +30,15 @@ in {
options.lass.fonts = {
regular = mkOption {
type = types.str;
- default = "xft:Hack-Regular:pixelsize=11,xft:Symbola";
+ default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
};
bold = mkOption {
type = types.str;
- default = "xft:Hack-Bold:pixelsize=11,xft:Symbola";
+ default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
};
italic = mkOption {
type = types.str;
- default = "xft:Hack-RegularOblique:pixelsize=11,xft:Symbol";
+ default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
};
};
}
@@ -136,4 +135,5 @@ in {
};
services.urxvtd.enable = true;
+ lass.screenlock.enable = true;
}
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index f745dc4a1..10d14e151 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -50,7 +50,7 @@ with import <stockholm/lib>;
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
};
}
- (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in {
+ (let ca-bundle = "/etc/ssl/certs/ca-bundle.crt"; in {
environment.variables = {
CURL_CA_BUNDLE = ca-bundle;
GIT_SSL_CAINFO = ca-bundle;
diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix
index e305145f5..411b07503 100644
--- a/lass/2configs/dns-stuff.nix
+++ b/lass/2configs/dns-stuff.nix
@@ -13,6 +13,7 @@ with import <stockholm/lib>;
};
services.dnsmasq = {
enable = true;
+ resolveLocalQueries = false;
extraConfig = ''
server=127.1.0.1
#no-resolv
diff --git a/lass/2configs/screenlock.nix b/lass/2configs/screenlock.nix
deleted file mode 100644
index b5bc4ee2a..000000000
--- a/lass/2configs/screenlock.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ pkgs, config, ... }:
-
-{
- systemd.services.screenlock = {
- before = [ "sleep.target" ];
- wantedBy = [ "sleep.target" ];
- environment = {
- DISPLAY = ":0";
- };
- serviceConfig = {
- SyslogIdentifier = "screenlock";
- ExecStart = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f";
- Type = "forking";
- User = "lass";
- };
- };
-}
diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index e7744395d..e14e39bc2 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -8,6 +8,7 @@ _:
./mysql-backup.nix
./news.nix
./pyload.nix
+ ./screenlock.nix
./umts.nix
./usershadow.nix
./xresources.nix
diff --git a/lass/3modules/screenlock.nix b/lass/3modules/screenlock.nix
new file mode 100644
index 000000000..cf38f8357
--- /dev/null
+++ b/lass/3modules/screenlock.nix
@@ -0,0 +1,37 @@
+{ pkgs, config, ... }:
+
+with import <stockholm/lib>;
+
+let
+ cfg = config.lass.screenlock;
+
+ out = {
+ options.lass.screenlock = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "news";
+ command = mkOption {
+ type = types.str;
+ default = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f";
+ };
+ };
+
+ imp = {
+ systemd.services.screenlock = {
+ before = [ "sleep.target" ];
+ wantedBy = [ "sleep.target" ];
+ environment = {
+ DISPLAY = ":0";
+ };
+ serviceConfig = {
+ SyslogIdentifier = "screenlock";
+ ExecStart = cfg.command;
+ Type = "forking";
+ User = "lass";
+ };
+ };
+ };
+
+in out
diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix
index 997b60b8f..12c078940 100644
--- a/lass/5pkgs/xmonad-lass.nix
+++ b/lass/5pkgs/xmonad-lass.nix
@@ -97,7 +97,7 @@ displaySomeException = displayException
myKeyMap :: [([Char], X ())]
myKeyMap =
- [ ("M4-<F11>", spawn "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f")
+ [ ("M4-<F11>", spawn "${config.lass.screenlock.command}")
, ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png")
, ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type")
, ("M4-o", spawn "${pkgs.brain}/bin/brainmenu --type")
@@ -139,6 +139,8 @@ myKeyMap =
, ("M4-<F6>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 10")
, ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33")
, ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100")
+
+ , ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter")
]
forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X ()
diff --git a/lass/source.nix b/lass/source.nix
index e0af7d83c..910d70334 100644
--- a/lass/source.nix
+++ b/lass/source.nix
@@ -10,7 +10,7 @@ in
nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "1987983";
+ ref = "c99239b";
};
secrets.file = getAttr builder {
buildbot = toString <stockholm/lass/2configs/tests/dummy-secrets>;
diff --git a/lib/types.nix b/lib/types.nix
index 70570a6b3..08dc0974e 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -92,7 +92,7 @@ rec {
default = null;
};
addrs = mkOption {
- type = listOf addr;
+ type = listOf cidr;
default =
optional (config.ip4 != null) config.ip4.addr ++
optional (config.ip6 != null) config.ip6.addr;
@@ -109,7 +109,7 @@ rec {
type = addr4;
};
prefix = mkOption ({
- type = str; # TODO routing prefix (CIDR)
+ type = cidr4;
} // optionalAttrs (config.name == "retiolum") {
default = "10.243.0.0/16";
});
@@ -125,7 +125,7 @@ rec {
apply = lib.normalize-ip6-addr;
};
prefix = mkOption ({
- type = str; # TODO routing prefix (CIDR)
+ type = cidr6;
} // optionalAttrs (config.name == "retiolum") {
default = "42::/16";
});
@@ -364,6 +364,26 @@ rec {
merge = mergeOneOption;
};
+ cidr = either cidr4 cidr6;
+ cidr4 = mkOptionType {
+ name = "CIDRv4 address";
+ check = let
+ CIDRv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in
+ concatMapStringsSep "." (const d) (range 1 4) + "(/([1-2]?[0-9]|3[0-2]))?";
+ in
+ test CIDRv4address;
+ merge = mergeOneOption;
+ };
+ cidr6 = mkOptionType {
+ name = "CIDRv6 address";
+ check = let
+ # TODO check IPv6 address harder
+ CIDRv6address = "[0-9a-f.:]+(/([0-9][0-9]?|1[0-2][0-8]))?";
+ in
+ test CIDRv6address;
+ merge = mergeOneOption;
+ };
+
binary-cache-pubkey = str;
pgp-pubkey = str;
diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index e8438e50d..c287c28df 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -6,6 +6,9 @@
# configure your hw:
# <stockholm/makefu/2configs/save-diskspace.nix>
];
+ users.extraUsers.root.openssh.authorizedKeys.keys = [
+ config.krebs.users.tv.pubkey
+ ];
krebs = {
enable = true;
tinc.retiolum.enable = true;
diff --git a/makefu/1systems/latte/config.nix b/makefu/1systems/latte/config.nix
index d532f216f..3b06660c6 100644
--- a/makefu/1systems/latte/config.nix
+++ b/makefu/1systems/latte/config.nix
@@ -26,6 +26,7 @@ in {
<stockholm/makefu/2configs/zsh-user.nix>
# Services
<stockholm/makefu/2configs/remote-build/slave.nix>
+ <stockholm/makefu/2configs/torrent.nix>
];
krebs = {
diff --git a/makefu/1systems/latte/source.nix b/makefu/1systems/latte/source.nix
index d997fb3f0..d9600909a 100644
--- a/makefu/1systems/latte/source.nix
+++ b/makefu/1systems/latte/source.nix
@@ -1,3 +1,4 @@
import <stockholm/makefu/source.nix> {
- name="latte";
+ name = "latte";
+ torrent = true;
}
diff --git a/makefu/2configs/binary-cache/lass.nix b/makefu/2configs/binary-cache/lass.nix
index 4813eeb0f..46b386e14 100644
--- a/makefu/2configs/binary-cache/lass.nix
+++ b/makefu/2configs/binary-cache/lass.nix
@@ -7,6 +7,7 @@
];
binaryCachePublicKeys = [
"cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
+ "cache.prism-2:YwmCm3/s/D+SxrPKN/ETjlpw/219pNUbpnluatp6FKI="
];
};
}
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index 6681484fd..d3d50c433 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@@ -16,5 +16,6 @@
whatsupnix
brain
gen-oath-safe
+ cdrtools
];
}
diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix
index 00df56bee..af0e81df5 100644
--- a/makefu/3modules/default.nix
+++ b/makefu/3modules/default.nix
@@ -15,6 +15,7 @@ _:
./torrent.nix
./udpt.nix
./umts.nix
+ ./wvdial.nix
];
}
diff --git a/makefu/3modules/wvdial.nix b/makefu/3modules/wvdial.nix
new file mode 100644
index 000000000..1ed929ed4
--- /dev/null
+++ b/makefu/3modules/wvdial.nix
@@ -0,0 +1,71 @@
+# Global configuration for wvdial.
+
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ configFile = ''
+ [Dialer Defaults]
+ PPPD PATH = ${pkgs.ppp}/sbin/pppd
+ ${config.environment.wvdial.dialerDefaults}
+ '';
+
+ cfg = config.environment.wvdial;
+
+in
+{
+ ###### interface
+
+ options = {
+
+ environment.wvdial = {
+
+ dialerDefaults = mkOption {
+ default = "";
+ type = types.str;
+ example = ''Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"'';
+ description = ''
+ Contents of the "Dialer Defaults" section of
+ <filename>/etc/wvdial.conf</filename>.
+ '';
+ };
+
+ pppDefaults = mkOption {
+ default = ''
+ noipdefault
+ usepeerdns
+ defaultroute
+ persist
+ noauth
+ '';
+ type = types.str;
+ description = "Default ppp settings for wvdial.";
+ };
+
+ };
+
+ };
+
+ ###### implementation
+
+ config = mkIf (cfg.dialerDefaults != "") {
+
+ environment = {
+
+ etc =
+ [
+ { source = pkgs.writeText "wvdial.conf" configFile;
+ target = "wvdial.conf";
+ }
+ { source = pkgs.writeText "wvdial" cfg.pppDefaults;
+ target = "ppp/peers/wvdial";
+ }
+ ];
+
+ };
+
+ };
+
+}
diff --git a/makefu/source.nix b/makefu/source.nix
index 013426195..8c880a8e2 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -11,8 +11,7 @@ let
then "buildbot"
else "makefu";
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
- ref = "727a3a3"; # unstable @ 2017-10-07
- # + revert wvdial (76f4910)
+ ref = "809cf38"; # unstable @ 2017-10-07
# + ruby stuff (2f0b17e4be9,55a952be5b5)
# + mitmproxy fix (360a5efd,ef52c95b)
diff --git a/nin/1systems/hiawatha/config.nix b/nin/1systems/hiawatha/config.nix
index 0e48b41c2..fdae354ff 100644
--- a/nin/1systems/hiawatha/config.nix
+++ b/nin/1systems/hiawatha/config.nix
@@ -15,6 +15,7 @@ with lib;
<stockholm/nin/2configs/git.nix>
<stockholm/nin/2configs/retiolum.nix>
<stockholm/nin/2configs/termite.nix>
+ <stockholm/nin/2configs/skype.nix>
];
krebs.build.host = config.krebs.hosts.hiawatha;
@@ -98,10 +99,6 @@ with lib;
allowUnfree = true;
- firefox = {
- enableGoogleTalkPlugin = true;
- enableAdobeFlash = true;
- };
};
#services.logind.extraConfig = "HandleLidSwitch=ignore";
diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix
index 212fd368e..0d2253c27 100644
--- a/nin/2configs/default.nix
+++ b/nin/2configs/default.nix
@@ -4,6 +4,7 @@ with import <stockholm/lib>;
{
imports = [
../2configs/vim.nix
+ <stockholm/krebs/2configs/binary-cache/prism.nix>
{
users.extraUsers =
mapAttrs (_: h: { hashedPassword = h; })
@@ -45,12 +46,6 @@ with import <stockholm/lib>;
SSL_CERT_FILE = ca-bundle;
};
})
- {
- nix = {
- binaryCaches = ["http://cache.prism.r"];
- binaryCachePublicKeys = ["cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="];
- };
- }
];
networking.hostName = config.krebs.build.host.name;
@@ -96,6 +91,7 @@ with import <stockholm/lib>;
gnumake
jq
proot
+ pavucontrol
populate
p7zip
termite
@@ -158,6 +154,7 @@ with import <stockholm/lib>;
filter.INPUT.rules = [
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
+ { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; }
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
diff --git a/nin/2configs/skype.nix b/nin/2configs/skype.nix
new file mode 100644
index 000000000..621dfae82
--- /dev/null
+++ b/nin/2configs/skype.nix
@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+
+let
+ mainUser = config.users.extraUsers.nin;
+ inherit (import <stockholm/lib>) genid;
+
+in {
+ users.extraUsers = {
+ skype = {
+ name = "skype";
+ uid = genid "skype";
+ description = "user for running skype";
+ home = "/home/skype";
+ useDefaultShell = true;
+ extraGroups = [ "audio" "video" ];
+ createHome = true;
+ };
+ };
+
+ krebs.per-user.skype.packages = [
+ pkgs.skype
+ ];
+
+ security.sudo.extraConfig = ''
+ ${mainUser.name} ALL=(skype) NOPASSWD: ALL
+ '';
+}
diff --git a/nin/source.nix b/nin/source.nix
index 183c71bae..188ebafcc 100644
--- a/nin/source.nix
+++ b/nin/source.nix
@@ -14,6 +14,6 @@ in
stockholm.file = toString <stockholm>;
nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "799435b";
+ ref = "c99239b";
};
}