summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-12-14 10:17:40 +0100
committertv <tv@krebsco.de>2017-12-14 10:17:40 +0100
commitb5f1febe68529f7b6ebf5e1db524ba7b6ea161f9 (patch)
tree9f05e213af4917b608cd850bdd0cfabf06d157ae /lass/2configs
parentbd63530db16dd3f90af51750d25d07cca1526aaa (diff)
parent04f7ae22d6d0720d06f78c712eb9cd245cefce82 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/baseX.nix4
-rw-r--r--lass/2configs/br.nix2
-rw-r--r--lass/2configs/browsers.nix45
-rw-r--r--lass/2configs/dcso-dev.nix5
-rw-r--r--lass/2configs/default.nix1
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/games.nix2
-rw-r--r--lass/2configs/hw/gpd-pocket.nix28
-rw-r--r--lass/2configs/hw/x220.nix5
-rw-r--r--lass/2configs/websites/lassulus.nix11
10 files changed, 80 insertions, 24 deletions
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 32a9f66cf..9712bafff 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -112,10 +112,6 @@ in {
xkbOptions = "caps:backspace";
};
- services.logind.extraConfig = ''
- HandleLidSwitch=ignore
- '';
-
services.urxvtd.enable = true;
services.xresources.enable = true;
lass.screenlock.enable = true;
diff --git a/lass/2configs/br.nix b/lass/2configs/br.nix
index 35bac8fee..ad307c797 100644
--- a/lass/2configs/br.nix
+++ b/lass/2configs/br.nix
@@ -18,7 +18,7 @@ with import <stockholm/lib>;
netDevices = {
bra = {
model = "MFCL2700DN";
- ip = "10.23.42.221";
+ ip = "10.42.23.221";
};
};
};
diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix
index 6c381863c..9459cfd6f 100644
--- a/lass/2configs/browsers.nix
+++ b/lass/2configs/browsers.nix
@@ -5,19 +5,23 @@ let
mainUser = config.users.extraUsers.mainUser;
- browser-select = pkgs.writeScriptBin "browser-select" ''
- BROWSER=$(echo -e "${concatStringsSep "\\n" (attrNames config.lass.browser.paths)}" | ${pkgs.dmenu}/bin/dmenu)
+ browser-select = let
+ sortedPaths = sort (a: b: a.value.precedence > b.value.precedence)
+ (mapAttrsToList (name: value: { inherit name value; })
+ config.lass.browser.paths);
+ in pkgs.writeScriptBin "browser-select" ''
+ BROWSER=$(echo -e "${concatStringsSep "\\n" (map (getAttr "name") sortedPaths)}" | ${pkgs.dmenu}/bin/dmenu)
case $BROWSER in
${concatMapStringsSep "\n" (n: ''
- ${n})
- export BIN=${config.lass.browser.paths.${n}}/bin/${n}
+ ${n.name})
+ export BIN=${n.value.path}/bin/${n.name}
;;
- '') (attrNames config.lass.browser.paths)}
+ '') (sortedPaths)}
esac
$BIN "$@"
'';
- createChromiumUser = name: extraGroups:
+ createChromiumUser = name: extraGroups: precedence:
let
bin = pkgs.writeScriptBin name ''
/var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@
@@ -31,7 +35,7 @@ let
useDefaultShell = true;
createHome = true;
};
- lass.browser.paths.${name} = bin;
+ lass.browser.paths.${name}.path = bin;
security.sudo.extraConfig = ''
${mainUser.name} ALL=(${name}) NOPASSWD: ALL
'';
@@ -40,10 +44,10 @@ let
];
};
- createFirefoxUser = name: extraGroups:
+ createFirefoxUser = name: extraGroups: precedence:
let
bin = pkgs.writeScriptBin name ''
- /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@
+ /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox-devedition-bin}/bin/firefox-devedition $@
'';
in {
users.extraUsers.${name} = {
@@ -54,7 +58,10 @@ let
useDefaultShell = true;
createHome = true;
};
- lass.browser.paths.${name} = bin;
+ lass.browser.paths.${name} = {
+ path = bin;
+ inherit precedence;
+ };
security.sudo.extraConfig = ''
${mainUser.name} ALL=(${name}) NOPASSWD: ALL
'';
@@ -79,14 +86,24 @@ in {
type = types.path;
};
options.lass.browser.paths = mkOption {
- type = with types; attrsOf path;
+ type = types.attrsOf (types.submodule ({
+ options = {
+ path = mkOption {
+ type = types.path;
+ };
+ precedence = mkOption {
+ type = types.int;
+ default = 0;
+ };
+ };
+ }));
};
}
- ( createFirefoxUser "ff" [ "audio" ] )
- ( createChromiumUser "cr" [ "video" "audio" ] )
+ ( createFirefoxUser "ff" [ "audio" ] 10 )
+ ( createChromiumUser "cr" [ "video" "audio" ] 9 )
+ ( createChromiumUser "gm" [ "video" "audio" ] 8 )
( createChromiumUser "wk" [ "video" "audio" ] )
( createChromiumUser "fb" [ "video" "audio" ] )
- ( createChromiumUser "gm" [ "video" "audio" ] )
( createChromiumUser "com" [ "video" "audio" ] )
];
}
diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix
index b7fcc7aab..2b91f91d6 100644
--- a/lass/2configs/dcso-dev.nix
+++ b/lass/2configs/dcso-dev.nix
@@ -15,6 +15,7 @@ in {
createHome = true;
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
+ config.krebs.users.lass-android.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhQdDQFMxXOjbC+Avx3mlcFHqQpFUk/q9sO6ATA65jCV3YzN11vhZDDv54hABVS2h8TPXs7Lu3PCvK9qouASd2h4Ie9cExUmn50G/iwgFIODsCugVYBzVt1iwaAdwz1Hb9DKYXbVXanzVJjimmrrlQNvsyZg85lcnfyedpPX5ad+4FdSP68LHqEHC18LTitldR6V4P1omaKHlOtVpDgR/72tDgbtNZDBn3EU+TPk9OLTzjc6PinPw4iIvjEfiu14APwXpFDIqT7P7SjOEFpa0v/1z7dhxIy/Z9XbqyEdUfhv3PjZR5K2C+VzR7g6jVEVR2xFId51MpLv/Un4/lalbphBEw3I90Rr8tatOJiFhyrXbaKTcLqp1sIu05OxdPkm3hzfmLIhoKxhaIlXH7WQ9sAqxL1NAQ7O+J6yT4DMnwKzvpkkJjBaGtV84Pp1cccfNRH8XXID3FkWkrUpdgXWBpyLnRq4ilUJTajkU0GSdXkq8kLL3mWg9LPRTg3dmDj61ZB/qhjM61ppwHJvDRN9WI5HruXIU6nOQjh5yE2C/JZfLcsZD4Y1UDBy5/JSZrCVT2sQjFopkkYEkRCbX7oITHOH4iyRdxZkKWLUPboFrcmBpXO+owCEhO4JZrtfFWMC6qM++nrmiZWOrdIOIvdYHWluhKR2shlkisEKQP5pUqkw== markus.hihn@dcso.de"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1T5+2epslFARSnETdr4wdolA6ocJaD4H9tmz6BZFQKXlwIq+OMp+sSEdwYwW3Lu9+mNbBHPxVVJDWg/We9DXB0ezXPM5Bs1+FcehmkoGwkmgKaFCDt0sL+CfSnog/3wEkN21O/rQxVFqMmiJ7WUDGci6IKCFZ5ZjOsmmfHg5p3LYxU9xv33fNr2v+XauhrGbFtQ7eDz4kSywxN/aw73LN4d8em0V0UV8VPI3Qkw7MamDFwefA+K1TfK8pBzMeruU6N7HLuNkpkAp7kS+K4Zzd72aQtR37a5qMiFUbOxQ9B7iFypuPx0iu6ZwY1s/sM8t3kLmcDJ9O4FOTzlbpneet3as6iJ+Ckr/TlfKor2Tl5pWcXh2FXHoG8VUu5bYmIViJBrKihAlAQfQN0mJ9fdFTnCXVTtbYTy11s4eEVHgUlb7oSpgBnx5bnBONgApbsOX9zyoo8wz8KkZBcf1SQpkV5br8uUAHCcZtHuY6I3kKlv+8lJmgUipiYzMdTi7+dHa49gVEcEKL4ZnJ0msQkl4XT7JjKETLvumC4/TIqVuRu48wuYalkCR9OzxCsTXQ/msBJBztPdYLrEOXVb2HfzuCT+43UuMQ5rP/EoPy0TWQO9BaqfEXqvbOvWjVxj/GMvglQ2ChZTwHxwwTKB8qRVvJLnbZQwizQiSrkzjb6hRJfQ== u0_a165@localhost"
];
@@ -42,6 +43,10 @@ in {
};
};
+ krebs.per-user.dev.packages = [
+ pkgs.go
+ ];
+
security.sudo.extraConfig = ''
${mainUser.name} ALL=(dev) NOPASSWD: ALL
'';
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index f8b750093..0e00dc2fd 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -22,6 +22,7 @@ with import <stockholm/lib>;
config.krebs.users.lass.pubkey
config.krebs.users.lass-shodan.pubkey
config.krebs.users.lass-icarus.pubkey
+ config.krebs.users.lass-xerxes.pubkey
];
};
mainUser = {
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 763633dd9..2d848773f 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -48,6 +48,7 @@ with import <stockholm/lib>;
{ from = "tomtop@lassul.us"; to = lass.mail; }
{ from = "aliexpress@lassul.us"; to = lass.mail; }
{ from = "business@lassul.us"; to = lass.mail; }
+ { from = "payeer@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index d114a826d..6cea271c1 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -57,7 +57,7 @@ let
in {
environment.systemPackages = with pkgs; [
- dwarf_fortress
+ (dwarf-fortress.override { theme = dwarf-fortress-packages.phoebus-theme; })
doom1
doom2
vdoom1
diff --git a/lass/2configs/hw/gpd-pocket.nix b/lass/2configs/hw/gpd-pocket.nix
new file mode 100644
index 000000000..87b4c518b
--- /dev/null
+++ b/lass/2configs/hw/gpd-pocket.nix
@@ -0,0 +1,28 @@
+{ pkgs, ... }:
+
+let
+ dummy_firmware = pkgs.writeTextFile {
+ name = "brcmfmac4356-pcie.txt";
+ text = builtins.readFile ./brcmfmac4356-pcie.txt;
+ destination = "/lib/firmware/brcm/brcmfmac4356-pcie.txt";
+ };
+in {
+ #imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
+ hardware.firmware = [ dummy_firmware ];
+ hardware.enableRedistributableFirmware = true;
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" "sdhci_pci" ];
+ boot.kernelPackages = pkgs.linuxPackages_4_14;
+ boot.kernelParams = [
+ "fbcon=rotate:1"
+ ];
+ services.xserver.displayManager.sessionCommands = ''
+ (sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output DSI1 --rotate right)
+ (sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1)
+ '';
+ services.xserver.dpi = 200;
+ fonts.fontconfig.dpi = 200;
+ lass.fonts.regular = "xft:Hack-Regular:pixelsize=22,xft:Symbola";
+ lass.fonts.bold = "xft:Hack-Bold:pixelsize=22,xft:Symbola";
+ lass.fonts.italic = "xft:Hack-RegularOblique:pixelsize=22,xft:Symbol";
+}
diff --git a/lass/2configs/hw/x220.nix b/lass/2configs/hw/x220.nix
index bf7decc40..f5651da13 100644
--- a/lass/2configs/hw/x220.nix
+++ b/lass/2configs/hw/x220.nix
@@ -29,4 +29,9 @@
options = ["nosuid" "nodev" "noatime"];
};
};
+
+ services.logind.extraConfig = ''
+ HandleLidSwitch=ignore
+ '';
+
}
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 77f0c79e3..25ca1f455 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -153,15 +153,15 @@ in {
};
security.acme.certs."cgit.lassul.us" = {
- email = "lassulus@gmail.com";
- webroot = "/var/lib/acme/acme-challenges";
+ email = "lassulus@lassul.us";
+ webroot = "/var/lib/acme/acme-challenge";
plugins = [
"account_key.json"
- "key.pem"
"fullchain.pem"
+ "key.pem"
];
group = "nginx";
- allowKeysForGroup = true;
+ user = "nginx";
};
@@ -170,6 +170,9 @@ in {
addSSL = true;
sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem";
+ locations."/.well-known/acme-challenge".extraConfig = ''
+ root /var/lib/acme/acme-challenge;
+ '';
};
users.users.blog = {