diff options
| author | tv <tv@krebsco.de> | 2015-12-20 19:37:46 +0100 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2015-12-20 19:37:46 +0100 |
| commit | c89907175546aa0c39bc6b2c4960f0ea6e6db8c9 (patch) | |
| tree | 158bf1a5938fc37efc466b00b3f0906ac2a50d9f /lass/2configs | |
| parent | c09bc6a29f21f1c6bd21575e385b8b3bc5c89b8a (diff) | |
| parent | 5821d8438578db623a3e248c52fefa424fad0b51 (diff) | |
Merge remote-tracking branch 'gum/master'
Diffstat (limited to 'lass/2configs')
| -rw-r--r-- | lass/2configs/base.nix | 8 | ||||
| -rw-r--r-- | lass/2configs/baseX.nix | 60 | ||||
| -rw-r--r-- | lass/2configs/bitlbee.nix | 16 | ||||
| -rw-r--r-- | lass/2configs/browsers.nix | 14 | ||||
| -rw-r--r-- | lass/2configs/elster.nix | 3 | ||||
| -rw-r--r-- | lass/2configs/fetchWallpaper.nix | 11 | ||||
| -rw-r--r-- | lass/2configs/git.nix | 8 | ||||
| -rw-r--r-- | lass/2configs/go.nix | 5 | ||||
| -rw-r--r-- | lass/2configs/libvirt.nix | 22 | ||||
| -rw-r--r-- | lass/2configs/mc.nix | 28 | ||||
| -rw-r--r-- | lass/2configs/skype.nix | 6 | ||||
| -rw-r--r-- | lass/2configs/teamviewer.nix | 6 | ||||
| -rw-r--r-- | lass/2configs/websites/domsen.nix | 35 | ||||
| -rw-r--r-- | lass/2configs/websites/wohnprojekt-rhh.de.nix | 12 | ||||
| -rw-r--r-- | lass/2configs/weechat.nix | 31 | ||||
| -rw-r--r-- | lass/2configs/xserver/Xresources.nix | 27 | ||||
| -rw-r--r-- | lass/2configs/xserver/default.nix | 160 | ||||
| -rw-r--r-- | lass/2configs/xserver/xserver.conf.nix | 40 |
18 files changed, 403 insertions, 89 deletions
diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 11bc4f089..40f4e12c7 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -17,6 +17,7 @@ with lib; root = { openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey + config.krebs.users.uriel.pubkey ]; }; mainUser = { @@ -30,6 +31,7 @@ with lib; ]; openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey + config.krebs.users.uriel.pubkey ]; }; }; @@ -48,7 +50,7 @@ with lib; source = { git.nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80"; + rev = "363c8430f1efad8b03d5feae6b3a4f2fe7b29251"; }; dir.secrets = { host = config.krebs.hosts.mors; @@ -92,6 +94,10 @@ with lib; most rxvt_unicode.terminfo + #monitoring tools + htop + iotop + #network iptables diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 3be3676aa..4e46c18d2 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -5,7 +5,8 @@ let in { imports = [ ./base.nix - ./urxvt.nix + #./urxvt.nix + ./xserver ]; users.extraUsers.mainUser.extraGroups = [ "audio" ]; @@ -34,38 +35,39 @@ in { sxiv much push + zathura #window manager stuff - haskellPackages.xmobar - haskellPackages.yeganesh - dmenu2 - xlibs.fontschumachermisc + #haskellPackages.xmobar + #haskellPackages.yeganesh + #dmenu2 + #xlibs.fontschumachermisc ]; - fonts.fonts = [ - pkgs.xlibs.fontschumachermisc - ]; - - services.xserver = { - enable = true; - - windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [ - X11-xshape - ]; - windowManager.xmonad.enable = true; - windowManager.xmonad.enableContribAndExtras = true; - windowManager.default = "xmonad"; - desktopManager.default = "none"; - desktopManager.xterm.enable = false; - displayManager.slim.enable = true; - displayManager.auto.enable = true; - displayManager.auto.user = mainUser.name; - - layout = "us"; - xkbModel = "evdev"; - xkbVariant = "altgr-intl"; - xkbOptions = "caps:backspace"; - }; + #fonts.fonts = [ + # pkgs.xlibs.fontschumachermisc + #]; + + #services.xserver = { + # enable = true; + + # windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [ + # X11-xshape + # ]; + # windowManager.xmonad.enable = true; + # windowManager.xmonad.enableContribAndExtras = true; + # windowManager.default = "xmonad"; + # desktopManager.default = "none"; + # desktopManager.xterm.enable = false; + # displayManager.slim.enable = true; + # displayManager.auto.enable = true; + # displayManager.auto.user = mainUser.name; + + # layout = "us"; + # xkbModel = "evdev"; + # xkbVariant = "altgr-intl"; + # xkbOptions = "caps:backspace"; + #}; services.logind.extraConfig = '' HandleLidSwitch=ignore diff --git a/lass/2configs/bitlbee.nix b/lass/2configs/bitlbee.nix index fa14c7fea..b23628dc5 100644 --- a/lass/2configs/bitlbee.nix +++ b/lass/2configs/bitlbee.nix @@ -1,16 +1,12 @@ { config, pkgs, ... }: -let - lpkgs = import ../5pkgs { inherit pkgs; }; -in { - - imports = [ - ../3modules/bitlbee.nix - ]; - - lass.bitlbee = { +{ + services.bitlbee = { enable = true; - bitlbeePkg = lpkgs.bitlbee; portNumber = 6666; + plugins = [ + pkgs.bitlbee-facebook + pkgs.bitlbee-steam + ]; }; } diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 5a1857973..d36801863 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -1,8 +1,6 @@ { config, lib, pkgs, ... }: let - inherit (import ../4lib { inherit pkgs lib; }) simpleScript; - mainUser = config.users.extraUsers.mainUser; createChromiumUser = name: extraGroups: packages: { @@ -18,8 +16,8 @@ let ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; environment.systemPackages = [ - (simpleScript name '' - sudo -u ${name} -i chromium $@ + (pkgs.writeScriptBin name '' + /var/setuid-wrappers/sudo -u ${name} -i chromium $@ '') ]; }; @@ -38,8 +36,8 @@ let ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; environment.systemPackages = [ - (simpleScript name '' - sudo -u ${name} -i firefox $@ + (pkgs.writeScriptBin name '' + /var/setuid-wrappers/sudo -u ${name} -i firefox $@ '') ]; }; @@ -49,7 +47,7 @@ let in { environment.systemPackages = [ - (simpleScript "browser-select" '' + (pkgs.writeScriptBin "browser-select" '' BROWSER=$(echo -e "ff\ncr\nfb\ngm\nflash" | dmenu) $BROWSER $@ '') @@ -62,7 +60,7 @@ in { ( createChromiumUser "cr" [ "audio" ] [ pkgs.chromium ] ) ( createChromiumUser "fb" [ ] [ pkgs.chromium ] ) ( createChromiumUser "gm" [ ] [ pkgs.chromium ] ) - # ( createChromiumUser "flash" [ ] [ pkgs.flash ] ) + ( createChromiumUser "flash" [ ] [ pkgs.flash ] ) ]; nixpkgs.config.packageOverrides = pkgs : { diff --git a/lass/2configs/elster.nix b/lass/2configs/elster.nix index 1edd01896..e3a88c789 100644 --- a/lass/2configs/elster.nix +++ b/lass/2configs/elster.nix @@ -14,6 +14,9 @@ in { createHome = true; }; }; + krebs.per-user.elster.packages = [ + pkgs.chromium + ]; security.sudo.extraConfig = '' ${mainUser.name} ALL=(elster) NOPASSWD: ALL ''; diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix new file mode 100644 index 000000000..9c27706cb --- /dev/null +++ b/lass/2configs/fetchWallpaper.nix @@ -0,0 +1,11 @@ +{ config, pkgs, ... }: + +let + +in { + krebs.fetchWallpaper = { + enable = true; + url = "echelon/wallpaper.png"; + }; +} + diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 7e8fc03c7..16ecaefec 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../tv/4lib { inherit lib pkgs; }; +with lib; let @@ -43,19 +43,19 @@ let collaborators = with config.krebs.users; [ tv makefu ]; }; } // - import /root/src/secrets/repos.nix { inherit config lib pkgs; } + import <secrets/repos.nix> { inherit config lib pkgs; } ); make-public-repo = name: { desc ? null, ... }: { inherit name desc; public = true; hooks = { - post-receive = git.irc-announce { + post-receive = pkgs.git-hooks.irc-announce { # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; channel = "#retiolum"; server = "cd.retiolum"; - verbose = config.krebs.build.host.name == "echelon"; + verbose = config.krebs.build.host.name == "prism"; }; }; }; diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix index 81a02ec7c..f4c2ac289 100644 --- a/lass/2configs/go.nix +++ b/lass/2configs/go.nix @@ -2,13 +2,10 @@ with lib; { - imports = [ - ../3modules/go.nix - ]; environment.systemPackages = [ pkgs.go ]; - lass.go = { + krebs.go = { enable = true; }; krebs.nginx = { diff --git a/lass/2configs/libvirt.nix b/lass/2configs/libvirt.nix new file mode 100644 index 000000000..368722e77 --- /dev/null +++ b/lass/2configs/libvirt.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: + +let + mainUser = config.users.extraUsers.mainUser; + +in { + virtualisation.libvirtd.enable = true; + + users.extraUsers = { + libvirt = { + uid = 358821352; # genid libvirt + description = "user for running libvirt stuff"; + home = "/home/libvirt"; + useDefaultShell = true; + extraGroups = [ "libvirtd" "audio" ]; + createHome = true; + }; + }; + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(libvirt) NOPASSWD: ALL + ''; +} diff --git a/lass/2configs/mc.nix b/lass/2configs/mc.nix index 87880ed00..b7d5a4ceb 100644 --- a/lass/2configs/mc.nix +++ b/lass/2configs/mc.nix @@ -159,37 +159,25 @@ let ### Images ### - type/^GIF + shell/i/.gif Include=image - type/^JPEG + regex/i/\.jpe?g$ Include=image - type/^PC\ bitmap + shell/i/.bmp Include=image - type/^PNG + shell/i/.png Include=image - type/^JNG + shell/i/.jng Include=image - type/^MNG + shell/i/.mng Include=image - type/^TIFF - Include=image - - type/^PBM - Include=image - - type/^PGM - Include=image - - type/^PPM - Include=image - - type/^Netpbm + shell/i/.tiff Include=image shell/.ico @@ -283,7 +271,7 @@ let ### Documents ### # PDF - type/^PDF + shell/i/.pdf Open=zathura %f View=zathura %f diff --git a/lass/2configs/skype.nix b/lass/2configs/skype.nix index 7e4618a7b..6a226441b 100644 --- a/lass/2configs/skype.nix +++ b/lass/2configs/skype.nix @@ -4,10 +4,6 @@ let mainUser = config.users.extraUsers.mainUser; in { - imports = [ - ../3modules/per-user.nix - ]; - users.extraUsers = { skype = { name = "skype"; @@ -20,7 +16,7 @@ in { }; }; - lass.per-user.skype.packages = [ + krebs.per-user.skype.packages = [ pkgs.skype ]; diff --git a/lass/2configs/teamviewer.nix b/lass/2configs/teamviewer.nix new file mode 100644 index 000000000..48053d7db --- /dev/null +++ b/lass/2configs/teamviewer.nix @@ -0,0 +1,6 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ + services.teamviewer.enable = true; +} diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix new file mode 100644 index 000000000..109c216c0 --- /dev/null +++ b/lass/2configs/websites/domsen.nix @@ -0,0 +1,35 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../../3modules/static_nginx.nix + ../../3modules/owncloud_nginx.nix + ../../3modules/wordpress_nginx.nix + ]; + + lass.staticPage = { + "karlaskop.de" = {}; + "makeup.apanowicz.de" = {}; + "pixelpocket.de" = {}; + "reich-gebaeudereinigung.de" = {}; + }; + + lass.owncloud = { + "o.ubikmedia.de" = { + instanceid = "oc8n8ddbftgh"; + }; + }; + + services.mysql = { + enable = true; + package = pkgs.mariadb; + rootPassword = toString (<secrets/mysql_rootPassword>); + }; + + #lass.wordpress = { + # "ubikmedia.de" = { + # }; + #}; + +} + diff --git a/lass/2configs/websites/wohnprojekt-rhh.de.nix b/lass/2configs/websites/wohnprojekt-rhh.de.nix new file mode 100644 index 000000000..cd31450c5 --- /dev/null +++ b/lass/2configs/websites/wohnprojekt-rhh.de.nix @@ -0,0 +1,12 @@ +{ config, ... }: + +{ + imports = [ + ../../3modules/static_nginx.nix + ]; + + lass.staticPage = { + "wohnprojekt-rhh.de" = {}; + }; +} + diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index cfcc1a2f6..18007ed61 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -1,22 +1,37 @@ { config, lib, pkgs, ... }: -with lib; { - imports = [ - ../3modules/per-user.nix - ]; - - lass.per-user.chat.packages = [ + krebs.per-user.chat.packages = [ pkgs.weechat pkgs.tmux ]; users.extraUsers.chat = { home = "/home/chat"; + uid = 986764891; # genid chat useDefaultShell = true; createHome = true; - openssh.authorizedKeys.keys = map readFile [ - ../../krebs/Zpubkeys/lass.ssh.pub + openssh.authorizedKeys.keys = [ + config.krebs.users.lass.pubkey ]; }; + + #systemd.services.chat = { + # description = "chat environment setup"; + # after = [ "network.target" ]; + # wantedBy = [ "multi-user.target" ]; + + # path = with pkgs; [ + # weechat + # tmux + # ]; + + # restartIfChanged = true; + + # serviceConfig = { + # User = "chat"; + # Restart = "always"; + # ExecStart = "${pkgs.tmux}/bin/tmux new -s IM weechat"; + # }; + #}; } diff --git a/lass/2configs/xserver/Xresources.nix b/lass/2configs/xserver/Xresources.nix new file mode 100644 index 000000000..d52418897 --- /dev/null +++ b/lass/2configs/xserver/Xresources.nix @@ -0,0 +1,27 @@ +{ config, lib, pkgs, ... }: + +with lib; + +pkgs.writeText "Xresources" '' + URxvt*scrollBar: false + URxvt*urgentOnBell: true + URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* + URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* + + ! ref https://github.com/muennich/urxvt-perls + URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl + URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select + URxvt.url-select.launcher: browser-select + URxvt.url-select.underline: true + URxvt.keysym.M-u: perl:url-select:select_next + URxvt.keysym.M-Escape: perl:keyboard-select:activate + URxvt.keysym.M-s: perl:keyboard-select:search + + URxvt.intensityStyles: false + + URxvt*background: #000000 + URxvt*foreground: #ffffff + + !change unreadable blue + URxvt*color4: #268bd2 +'' diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix new file mode 100644 index 000000000..da337f6a7 --- /dev/null +++ b/lass/2configs/xserver/default.nix @@ -0,0 +1,160 @@ +{ config, lib, pkgs, ... }@args: + +with lib; + +let + # TODO krebs.build.user + user = config.users.users.mainUser; + + out = { + + services.xserver = { + display = 11; + tty = 11; + + synaptics = { + enable = true; + twoFingerScroll = true; + accelFactor = "0.035"; + }; + + #keyboard stuff + layout = "us"; + xkbVariant = "altgr-intl"; + xkbOptions = "caps:backspace"; + }; + + fonts.fonts = [ + pkgs.xlibs.fontschumachermisc + ]; + + systemd.services.urxvtd = { + wantedBy = [ "multi-user.target" ]; + reloadIfChanged = true; + serviceConfig = { + ExecReload = need-reload "urxvtd.service"; + ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd"; + Restart = "always"; + RestartSec = "2s"; + StartLimitBurst = 0; + User = user.name; + }; + }; + + environment.systemPackages = [ + pkgs.gitAndTools.qgit + pkgs.mpv + pkgs.pavucontrol + pkgs.slock + pkgs.sxiv + pkgs.xsel + pkgs.zathura + ]; + + security.setuidPrograms = [ + "slock" + ]; + + systemd.services.display-manager = mkForce {}; + + services.xserver.enable = true; + + systemd.services.xmonad = { + wantedBy = [ "multi-user.target" ]; + requires = [ "xserver.service" ]; + environment = xmonad-environment; + serviceConfig = { + ExecStart = "${xmonad-start}/bin/xmonad"; + ExecStop = "${xmonad-stop}/bin/xmonad-stop"; + User = user.name; + WorkingDirectory = user.home; + }; + }; + + systemd.services.xserver = { + after = [ + "systemd-udev-settle.service" + "local-fs.target" + "acpid.service" + ]; + reloadIfChanged = true; + environment = xserver-environment; + serviceConfig = { + ExecReload = need-reload "xserver.service"; + ExecStart = "${xserver}/bin/xserver"; + }; + }; + }; + + xmonad-environment = { + DISPLAY = ":${toString config.services.xserver.display}"; + XMONAD_STATE = "/tmp/xmonad.state"; + + # XXX JSON is close enough :) + XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [ + "cr" + "gm" + "ff" + "IM" + "mail" + "stockholm" + ]); + }; + + xmonad-start = pkgs.writeScriptBin "xmonad" '' + #! ${pkgs.bash}/bin/bash + set -efu + export PATH; PATH=${makeSearchPath "bin" ([ + pkgs.rxvt_unicode + pkgs.i3lock + pkgs.haskellPackages.yeganesh + pkgs.dmenu + ] ++ config.environment.systemPackages)}:/var/setuid-wrappers + settle() {( + # Use PATH for a clean journal + command=''${1##*/} + PATH=''${1%/*}; export PATH + shift + until "$command" "$@"; do + ${pkgs.coreutils}/bin/sleep 1 + done + )&} + settle ${pkgs.xorg.xhost}/bin/xhost +LOCAL: + settle ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args} + settle ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' + exec ${pkgs.xmonad-lass}/bin/xmonad + ''; + + xmonad-stop = pkgs.writeScriptBin "xmonad-stop" '' + #! /bin/sh + exec ${pkgs.xmonad-lass}/bin/xmonad --shutdown + ''; + + xserver-environment = { + XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension. + XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime. + LD_LIBRARY_PATH = concatStringsSep ":" ( + [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ] + ++ concatLists (catAttrs "libPath" config.services.xserver.drivers)); + }; + + xserver = pkgs.writeScriptBin "xserver" '' + #! /bin/sh + set -efu + exec ${pkgs.xorg.xorgserver}/bin/X \ + :${toString config.services.xserver.display} \ + vt${toString config.services.xserver.tty} \ + -config ${import ./xserver.conf.nix args} \ + -logfile /var/log/X.${toString config.services.xserver.display}.log \ + -nolisten tcp \ + -xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb \ + ''; + + need-reload = s: let + pkg = pkgs.writeScriptBin "need-reload" '' + #! /bin/sh + echo "$*" + ''; + in "${pkg}/bin/need-reload ${s}"; + +in out diff --git a/lass/2configs/xserver/xserver.conf.nix b/lass/2configs/xserver/xserver.conf.nix new file mode 100644 index 000000000..e8a997a99 --- /dev/null +++ b/lass/2configs/xserver/xserver.conf.nix @@ -0,0 +1,40 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.xserver; +in + +pkgs.stdenv.mkDerivation { + name = "xserver.conf"; + + xfs = optionalString (cfg.useXFS != false) + ''FontPath "${toString cfg.useXFS}"''; + + inherit (cfg) config; + + buildCommand = + '' + echo 'Section "Files"' >> $out + echo $xfs >> $out + + for i in ${toString config.fonts.fonts}; do + if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then + for j in $(find $i -name fonts.dir); do + echo " FontPath \"$(dirname $j)\"" >> $out + done + fi + done + + for i in $(find ${toString cfg.modules} -type d); do + if test $(echo $i/*.so* | wc -w) -ne 0; then + echo " ModulePath \"$i\"" >> $out + fi + done + + echo 'EndSection' >> $out + + echo "$config" >> $out + ''; +} |