Merge branch 'master' of prism.r:stockholm

18 files changed, 122 insertions, 76 deletions

diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix
index 6674b3db5..8ec744584 100644
--- a/lass/1systems/daedalus/config.nix
+++ b/lass/1systems/daedalus/config.nix
@@ -41,6 +41,7 @@ with import <stockholm/lib>;
         skype
         wine
       ];
+      nixpkgs.config.firefox.enableAdobeFlash = true;
       services.xserver.enable = true;
       services.xserver.displayManager.lightdm.enable = true;
       services.xserver.desktopManager.plasma5.enable = true;
diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix
index 416edeb82..7993c763e 100644
--- a/lass/1systems/dishfire/config.nix
+++ b/lass/1systems/dishfire/config.nix
@@ -43,6 +43,7 @@
       networking.dhcpcd.allowInterfaces = [
         "enp*"
         "eth*"
+        "ens*"
       ];
     }
     {
diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix
index 8bd9735a9..fc30a3478 100644
--- a/lass/1systems/helios/config.nix
+++ b/lass/1systems/helios/config.nix
@@ -120,8 +120,6 @@ with import <stockholm/lib>;
     ];
   };
 
-  programs.ssh.startAgent = lib.mkForce true;
-
   services.tlp.enable = true;
 
   services.xserver.videoDrivers = [ "nvidia" ];
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index ad133802f..c231a0b10 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -30,6 +30,7 @@ with import <stockholm/lib>;
     <stockholm/lass/2configs/otp-ssh.nix>
     <stockholm/lass/2configs/c-base.nix>
     <stockholm/lass/2configs/br.nix>
+    <stockholm/lass/2configs/ableton.nix>
     {
       #risk of rain port
       krebs.iptables.tables.filter.INPUT.rules = [
@@ -70,10 +71,6 @@ with import <stockholm/lib>;
       ];
     }
     {
-      #ps vita stuff
-      boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
-    }
-    {
       services.tor = {
         enable = true;
         client.enable = true;
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 1cca76331..0b2c10f92 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -234,8 +234,7 @@ in {
     }
     <stockholm/lass/2configs/exim-smarthost.nix>
     <stockholm/lass/2configs/ts3.nix>
-    <stockholm/lass/2configs/bitlbee.nix>
-    <stockholm/lass/2configs/weechat.nix>
+    <stockholm/lass/2configs/IM.nix>
     <stockholm/lass/2configs/privoxy-retiolum.nix>
     <stockholm/lass/2configs/radio.nix>
     <stockholm/lass/2configs/repo-sync.nix>
@@ -303,6 +302,13 @@ in {
         }
       ];
     }
+    {
+      krebs.repo-sync.repos.stockholm.timerConfig = {
+        OnBootSec = "5min";
+        OnUnitInactiveSec = "2min";
+        RandomizedDelaySec = "2min";
+      };
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.prism;
diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix
new file mode 100644
index 000000000..80cebf099
--- /dev/null
+++ b/lass/2configs/IM.nix
@@ -0,0 +1,68 @@
+with (import <stockholm/lib>);
+{ config, lib, pkgs, ... }:
+
+let
+  tmux = pkgs.writeDash "tmux" ''
+    exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" ''
+      set-option -g prefix `
+      unbind-key C-b
+      bind ` send-prefix
+
+      set-option -g status off
+      set-option -g default-terminal screen-256color
+
+      #use session instead of windows
+      bind-key c new-session
+      bind-key p switch-client -p
+      bind-key n switch-client -n
+      bind-key C-s switch-client -l
+    ''} "$@"
+  '';
+in {
+
+  services.bitlbee = {
+    enable = true;
+    portNumber = 6666;
+    plugins = [
+      pkgs.bitlbee-facebook
+      pkgs.bitlbee-steam
+      pkgs.bitlbee-discord
+    ];
+    libpurple_plugins = [ pkgs.telegram-purple ];
+  };
+
+  users.extraUsers.chat = {
+    home = "/home/chat";
+    uid = genid "chat";
+    useDefaultShell = true;
+    createHome = true;
+    openssh.authorizedKeys.keys = with config.krebs.users; [
+      lass.pubkey
+      lass-shodan.pubkey
+      lass-icarus.pubkey
+      lass-android.pubkey
+    ];
+  };
+
+  # mosh
+  krebs.iptables.tables.filter.INPUT.rules = [
+    { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
+    { predicate = "-p tcp --dport 9999"; target = "ACCEPT";}
+  ];
+
+  systemd.services.chat = {
+    description = "chat environment setup";
+    after = [ "network.target" ];
+    wantedBy = [ "multi-user.target" ];
+
+    restartIfChanged = false;
+
+    serviceConfig = {
+      User = "chat";
+      RemainAfterExit = true;
+      Type = "oneshot";
+      ExecStart = "${tmux} -2 new-session -d -s IM ${pkgs.weechat}/bin/weechat";
+      ExecStop = "${tmux} kill-session -t IM";
+    };
+  };
+}
diff --git a/lass/2configs/ableton.nix b/lass/2configs/ableton.nix
new file mode 100644
index 000000000..9d6f481b0
--- /dev/null
+++ b/lass/2configs/ableton.nix
@@ -0,0 +1,20 @@
+{ config, pkgs, ... }: let
+  mainUser = config.users.extraUsers.mainUser;
+in {
+  users.users= {
+    ableton = {
+      isNormalUser = true;
+      extraGroups = [
+        "audio"
+        "video"
+      ];
+      packages = [
+        pkgs.wine
+        pkgs.winetricks
+      ];
+    };
+  };
+  security.sudo.extraConfig = ''
+    ${mainUser.name} ALL=(ableton) NOPASSWD: ALL
+  '';
+}
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 6f5533b0d..59ea0ecb7 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -53,7 +53,7 @@ in {
 
   time.timeZone = "Europe/Berlin";
 
-  programs.ssh.startAgent = false;
+  programs.ssh.startAgent = true;
   services.openssh.forwardX11 = true;
 
   services.printing = {
diff --git a/lass/2configs/bitlbee.nix b/lass/2configs/bitlbee.nix
deleted file mode 100644
index b23628dc5..000000000
--- a/lass/2configs/bitlbee.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ config, pkgs, ... }:
-
-{
-  services.bitlbee = {
-    enable = true;
-    portNumber = 6666;
-    plugins = [
-      pkgs.bitlbee-facebook
-      pkgs.bitlbee-steam
-    ];
-  };
-}
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 0e00dc2fd..c68aee330 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -1,5 +1,5 @@
-{ config, pkgs, ... }:
 with import <stockholm/lib>;
+{ config, pkgs, ... }:
 {
   imports = [
     ../2configs/binary-cache/client.nix
@@ -78,7 +78,7 @@ with import <stockholm/lib>;
 
   users.mutableUsers = false;
 
-  services.timesyncd.enable = true;
+  services.timesyncd.enable = mkForce true;
 
   #why is this on in the first place?
   services.nscd.enable = false;
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 2d848773f..94191fcb7 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -49,6 +49,11 @@ with import <stockholm/lib>;
       { from = "aliexpress@lassul.us"; to = lass.mail; }
       { from = "business@lassul.us"; to = lass.mail; }
       { from = "payeer@lassul.us"; to = lass.mail; }
+      { from = "github@lassul.us"; to = lass.mail; }
+      { from = "bitwala@lassul.us"; to = lass.mail; }
+      { from = "bitstamp@lassul.us"; to = lass.mail; }
+      { from = "bitcoin.de@lassul.us"; to = lass.mail; }
+      { from = "ableton@lassul.us"; to = lass.mail; }
     ];
     system-aliases = [
       { from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix
index 61cc7cfe0..2541df3a6 100644
--- a/lass/2configs/reaktor-coders.nix
+++ b/lass/2configs/reaktor-coders.nix
@@ -21,6 +21,7 @@ with import <stockholm/lib>;
         -XFlexibleInstances -XMultiParamTypeClasses \
         -XOverloadedStrings -XFunctionalDependencies \'';
     in [
+      sed-plugin
       url-title
       (buildSimpleReaktorPlugin "lambdabot-pl" {
         pattern = "^@pl (?P<args>.*)$$";
@@ -64,8 +65,7 @@ with import <stockholm/lib>;
       })
       (buildSimpleReaktorPlugin "random-unicorn-porn" {
         pattern = "^!rup$$";
-        script = pkgs.writePython2 "rup" ''
-          #!${pkgs.python2}/bin/python
+        script = pkgs.writePython2 [] "rup" ''
           t1 = """
                               _.
                            ;=',_ ()
diff --git a/lass/2configs/security-workarounds.nix b/lass/2configs/security-workarounds.nix
index 537c8a59b..c3d07d5fe 100644
--- a/lass/2configs/security-workarounds.nix
+++ b/lass/2configs/security-workarounds.nix
@@ -5,4 +5,6 @@ with import <stockholm/lib>;
   boot.extraModprobeConfig = ''
     install dccp /run/current-system/sw/bin/false
   '';
+
+  boot.kernelPackages = pkgs.linuxPackages_latest;
 }
diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix
index f6c736fbc..5fe9e1450 100644
--- a/lass/2configs/vim.nix
+++ b/lass/2configs/vim.nix
@@ -103,7 +103,6 @@ let
     cnoreabbrev Ack Ack!
 
     " copy/paste from/to xclipboard
-    noremap x "_x
     set clipboard=unnamedplus
   '';
 
diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix
deleted file mode 100644
index d5496ac09..000000000
--- a/lass/2configs/weechat.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
-  inherit (import <stockholm/lib>) genid;
-in {
-  krebs.per-user.chat.packages = with pkgs; [
-    mosh
-    weechat
-  ];
-
-  users.extraUsers.chat = {
-    home = "/home/chat";
-    uid = genid "chat";
-    useDefaultShell = true;
-    createHome = true;
-    openssh.authorizedKeys.keys = with config.krebs.users; [
-      lass.pubkey
-      lass-shodan.pubkey
-      lass-icarus.pubkey
-      lass-android.pubkey
-    ];
-  };
-
-  # mosh
-  krebs.iptables.tables.filter.INPUT.rules = [
-    { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
-  ];
-
-  #systemd.services.chat = {
-  #  description = "chat environment setup";
-  #  after = [ "network.target" ];
-  #  wantedBy = [ "multi-user.target" ];
-
-  #  path = with pkgs; [
-  #    weechat
-  #    tmux
-  #  ];
-
-  #  restartIfChanged = true;
-
-  #  serviceConfig = {
-  #    User = "chat";
-  #    Restart = "always";
-  #    ExecStart = "${pkgs.tmux}/bin/tmux new -s IM weechat";
-  #  };
-  #};
-}
diff --git a/lass/3modules/news.nix b/lass/3modules/news.nix
index 06b80df8d..b6061736c 100644
--- a/lass/3modules/news.nix
+++ b/lass/3modules/news.nix
@@ -38,7 +38,7 @@ let
     };
     ircServer = mkOption {
       type = types.str;
-      default = "echelon.r";
+      default = "localhost";
       description = "to which server the bot should connect";
     };
   };
diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix
index d3f76903d..2dd352bd4 100644
--- a/lass/5pkgs/xmonad-lass.nix
+++ b/lass/5pkgs/xmonad-lass.nix
@@ -66,7 +66,7 @@ main' = do
             { terminal           = myTerm
             , modMask            = mod4Mask
             , layoutHook         = smartBorders $ myLayoutHook
-            , manageHook         = placeHook (smart (1,0)) <+> floatNextHook
+            , manageHook         = placeHook (smart (1,0)) <+> floatNextHook <+> floatHooks
             , startupHook =
                 whenJustM (liftIO (lookupEnv "XMONAD_STARTUP_HOOK"))
                           (\path -> forkFile path [] Nothing)
@@ -80,6 +80,14 @@ myLayoutHook = defLayout
   where
     defLayout = minimize $ ((avoidStruts $ Tall 1 (3/100) (1/2) ||| Full ||| Mirror (Tall 1 (3/100) (1/2))) ||| FixedColumn 2 80 80 1 ||| simplestFloat)
 
+floatHooks = composeAll . concat $
+    [ [ title =? t --> doFloat | t <- myTitleFloats]
+    , [ className =? c --> doFloat | c <- myClassFloats ] ]
+  where
+      myTitleFloats = [] -- for the KDE "open link" popup from konsole
+      myClassFloats = ["Pinentry"] -- for gpg passphrase entry
+
+
 myKeyMap :: [([Char], X ())]
 myKeyMap =
     [ ("M4-<F11>", spawn "${config.lass.screenlock.command}")
diff --git a/lass/source.nix b/lass/source.nix
index bf992d4d2..a6314694c 100644
--- a/lass/source.nix
+++ b/lass/source.nix
@@ -10,7 +10,7 @@ in
       nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
       nixpkgs.git = {
         url = https://github.com/nixos/nixpkgs;
-        ref = "af7e479";
+        ref = "0b30c1d";
       };
       secrets = getAttr builder {
         buildbot.file = toString <stockholm/lass/2configs/tests/dummy-secrets>;