summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-10-27 15:02:39 +0200
committertv <tv@krebsco.de>2018-10-27 15:02:39 +0200
commit212bc39249f9792cbedf2e9a6b3fed90c52c63e7 (patch)
treede2a5cf0be852b8beb8317481649460194f40d5b /lass
parent34e1f09bf5e233bee78ee63166d2a1d9944a51f9 (diff)
parent24f4e8dcf0eca55378fa018a9ed980625222653d (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/mors/config.nix2
-rw-r--r--lass/1systems/prism/config.nix10
-rw-r--r--lass/1systems/prism/physical.nix84
-rw-r--r--lass/2configs/baseX.nix1
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/games.nix1
-rw-r--r--lass/2configs/git.nix28
-rw-r--r--lass/2configs/mail.nix1
-rw-r--r--lass/2configs/radio.nix86
-rw-r--r--lass/2configs/reaktor-coders.nix18
-rw-r--r--lass/2configs/urxvt.nix2
-rw-r--r--lass/2configs/vim.nix15
-rw-r--r--lass/2configs/websites/domsen.nix6
-rw-r--r--lass/2configs/websites/lassulus.nix5
-rw-r--r--lass/3modules/xjail.nix7
-rw-r--r--lass/5pkgs/custom/xmonad-lass/default.nix5
-rw-r--r--lass/krops.nix5
17 files changed, 150 insertions, 127 deletions
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 69954a3e9..6d65b58c2 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -77,6 +77,7 @@ with import <stockholm/lib>;
environment.systemPackages = [
pkgs.ovh-zone
pkgs.bank
+ pkgs.adb-sync
];
}
{
@@ -143,7 +144,6 @@ with import <stockholm/lib>;
OnCalendar = "00:37";
};
- nix.package = pkgs.nixUnstable;
programs.adb.enable = true;
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
virtualisation.docker.enable = true;
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index f83721070..bf7de6fc5 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -291,16 +291,6 @@ with import <stockholm/lib>;
];
}
{
- services.nginx = {
- enable = true;
- virtualHosts."radio.lassul.us" = {
- forceSSL = true;
- enableACME = true;
- locations."/".extraConfig = ''
- proxy_pass http://localhost:8000;
- '';
- };
- };
}
{
lass.nichtparasoup.enable = true;
diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index 83f127c22..56348d0ab 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -3,27 +3,39 @@
imports = [
./config.nix
{
- networking.interfaces.et0.ipv4.addresses = [
- {
- address = config.krebs.build.host.nets.internet.ip4.addr;
+ boot.kernelParams = [ "net.ifnames=0" ];
+ networking = {
+ defaultGateway = "46.4.114.225";
+ # Use google's public DNS server
+ nameservers = [ "8.8.8.8" ];
+ interfaces.eth0 = {
+ ipAddress = "46.4.114.247";
prefixLength = 27;
- }
- {
- address = "46.4.114.243";
- prefixLength = 27;
- }
- ];
- networking.defaultGateway = "46.4.114.225";
- networking.nameservers = [
- "8.8.8.8"
- ];
- services.udev.extraRules = ''
- SUBSYSTEM=="net", ATTR{address}=="08:60:6e:e7:87:04", NAME="et0"
- '';
+ };
+ };
+ # TODO use this network config
+ #networking.interfaces.et0.ipv4.addresses = [
+ # {
+ # address = config.krebs.build.host.nets.internet.ip4.addr;
+ # prefixLength = 27;
+ # }
+ # {
+ # address = "46.4.114.243";
+ # prefixLength = 27;
+ # }
+ #];
+ #networking.defaultGateway = "46.4.114.225";
+ #networking.nameservers = [
+ # "8.8.8.8"
+ #];
+ #services.udev.extraRules = ''
+ # SUBSYSTEM=="net", ATTR{address}=="08:60:6e:e7:87:04", NAME="et0"
+ #'';
}
{
imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
+ networking.hostId = "fb4173ea";
boot.loader.grub = {
devices = [
"/dev/sda"
@@ -40,45 +52,25 @@
boot.kernelModules = [ "kvm-intel" ];
- fileSystems."/" = {
- device = "/dev/pool/nix_root";
- fsType = "ext4";
- };
-
- fileSystems."/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
-
- fileSystems."/var/download" = {
- device = "/dev/pool/download";
- fsType = "ext4";
- };
+ sound.enable = false;
+ nixpkgs.config.allowUnfree = true;
+ time.timeZone = "Europe/Berlin";
- fileSystems."/srv/http" = {
- device = "/dev/pool/http";
- fsType = "ext4";
+ fileSystems."/" = {
+ device = "rpool/root/nixos";
+ fsType = "zfs";
};
fileSystems."/home" = {
- device = "/dev/pool/home";
- fsType = "ext4";
+ device = "rpool/home";
+ fsType = "zfs";
};
- fileSystems."/bku" = {
- device = "/dev/pool/bku";
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/b67c3370-1597-4ce8-8a46-e257ca32150d";
fsType = "ext4";
};
- swapDevices = [
- { label = "swap1"; }
- { label = "swap2"; }
- ];
-
- sound.enable = false;
- nixpkgs.config.allowUnfree = true;
- time.timeZone = "Europe/Berlin";
}
];
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 95aac2d18..e8a2539f3 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -71,7 +71,6 @@ in {
lm_sensors
ncdu
nix-index
- nix-repl
nmap
pavucontrol
powertop
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 846000a3a..6ef3c8595 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -89,6 +89,7 @@ with import <stockholm/lib>;
{ from = "cis@lassul.us"; to = lass.mail; }
{ from = "afra@lassul.us"; to = lass.mail; }
{ from = "ksp@lassul.us"; to = lass.mail; }
+ { from = "ccc@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index 81f53bf69..17c3cf3be 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -57,7 +57,6 @@ let
in {
environment.systemPackages = with pkgs; [
- (dwarf-fortress.override { theme = dwarf-fortress-packages.phoebus-theme; })
doom1
doom2
vdoom1
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 97def9df3..c5b5c01fb 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -50,18 +50,38 @@ let
cgit.desc = "take a description of your disk layout and produce a format script";
cgit.section = "software";
};
+ go = {
+ cgit.desc = "url shortener";
+ cgit.section = "software";
+ };
krebspage = {
cgit.desc = "homepage of krebs";
cgit.section = "configuration";
};
+ krops = {
+ cgit.desc = "krebs deployment";
+ cgit.section = "software";
+ };
news = {
cgit.desc = "take a rss feed and a timeout and print it to stdout";
cgit.section = "software";
};
+ newsbot-js = {
+ cgit.desc = "print rss feeds to irc channels";
+ cgit.section = "software";
+ };
+ nix-user-chroot = {
+ cgit.desc = "Fork of nix-user-chroot by lethalman";
+ cgit.section = "software";
+ };
nix-writers = {
cgit.desc = "high level writers for nix";
cgit.section = "software";
};
+ nixos-generators = {
+ cgit.desc = "custom image builders";
+ cgit.section = "software";
+ };
nixpkgs = {
cgit.desc = "nixpkgs fork";
cgit.section = "configuration";
@@ -81,14 +101,6 @@ let
cgit.desc = "Good Music collection + tools";
cgit.section = "art";
};
- nix-user-chroot = {
- cgit.desc = "Fork of nix-user-chroot by lethalman";
- cgit.section = "software";
- };
- krops = {
- cgit.desc = "krebs deployment";
- cgit.section = "software";
- };
xmonad-stockholm = {
cgit.desc = "krebs xmonad modules";
cgit.section = "configuration";
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 9246abfed..e50689254 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -210,6 +210,7 @@ in {
environment.systemPackages = [
msmtp
mutt
+ pkgs.notmuch
pkgs.much
tag-new-mails
tag-old-mails
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index a83d51f1d..bf6855804 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -36,8 +36,9 @@ in {
home = "/home/${name}";
useDefaultShell = true;
createHome = true;
- openssh.authorizedKeys.keys = [
- config.krebs.users.lass.pubkey
+ openssh.authorizedKeys.keys = with config.krebs.users; [
+ lass.pubkey
+ lass-mors.pubkey
];
};
};
@@ -131,6 +132,30 @@ in {
};
};
+ systemd.services.radio-recent = let
+ recentlyPlayed = pkgs.writeDash "recentlyPlayed" ''
+ LIMIT=1000 #how many tracks to keep in the history
+ HISTORY_FILE=/tmp/played
+ while :; do
+ ${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
+ ${pkgs.mpc_cli}/bin/mpc current -f %file%
+ done | while read track; do
+ echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
+ echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
+ done
+ '';
+ in {
+ description = "radio recently played";
+ after = [ "mpd.service" "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ restartIfChanged = true;
+
+ serviceConfig = {
+ ExecStart = recentlyPlayed;
+ };
+ };
+
krebs.Reaktor.playlist = {
nickname = "the_playlist|r";
channels = [
@@ -157,27 +182,40 @@ in {
})
];
};
- services.nginx.virtualHosts."lassul.us".locations."/the_playlist".extraConfig = let
- html = pkgs.writeText "index.html" ''
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <title>lassulus playlist</title>
- </head>
- <body>
- <div style="display:inline-block;margin:0px;padding:0px;overflow:hidden">
- <iframe src="https://kiwiirc.com/client/irc.freenode.org/?nick=kiwi_test|?&theme=cli#the_playlist" frameborder="0" style="overflow:hidden;overflow-x:hidden;overflow-y:hidden;height:95%;width:100%;position:absolute;top:0px;left:0px;right:0px;bottom:0px" height="95%" width="100%"></iframe>
- </div>
- <div style="position:absolute;bottom:1px;display:inline-block;background-color:red;">
- <audio controls autoplay="autoplay"><source src="http://lassul.us:8000/radio.ogg" type="audio/ogg">Your browser does not support the audio element.</audio>
- </div>
- <!-- page content -->
- </body>
- </html>
+ services.nginx = {
+ enable = true;
+ virtualHosts."radio.lassul.us" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/".extraConfig = ''
+ proxy_pass http://localhost:8000;
+ '';
+ locations."/recent".extraConfig = ''
+ alias /tmp/played;
+ '';
+ };
+ virtualHosts."lassul.us".locations."/the_playlist".extraConfig = let
+ html = pkgs.writeText "index.html" ''
+ <!DOCTYPE html>
+ <html lang="en">
+ <head>
+ <meta charset="utf-8">
+ <title>lassulus playlist</title>
+ </head>
+ <body>
+ <div style="display:inline-block;margin:0px;padding:0px;overflow:hidden">
+ <iframe src="https://kiwiirc.com/client/irc.freenode.org/?nick=kiwi_test|?&theme=cli#the_playlist" frameborder="0" style="overflow:hidden;overflow-x:hidden;overflow-y:hidden;height:95%;width:100%;position:absolute;top:0px;left:0px;right:0px;bottom:0px" height="95%" width="100%"></iframe>
+ </div>
+ <div style="position:absolute;bottom:1px;display:inline-block;background-color:red;">
+ <audio controls autoplay="autoplay"><source src="http://lassul.us:8000/radio.ogg" type="audio/ogg">Your browser does not support the audio element.</audio>
+ </div>
+ <!-- page content -->
+ </body>
+ </html>
+ '';
+ in ''
+ default_type "text/html";
+ alias ${html};
'';
- in ''
- default_type "text/html";
- alias ${html};
- '';
+ };
}
diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix
index 44d8984d7..7cdcdf20c 100644
--- a/lass/2configs/reaktor-coders.nix
+++ b/lass/2configs/reaktor-coders.nix
@@ -63,24 +63,6 @@ with import <stockholm/lib>;
-e "@kind $1"
'';
})
- (buildSimpleReaktorPlugin "random-unicorn-porn" {
- pattern = "^!rup$$";
- script = pkgs.writePython2 "rup" {} ''
- t1 = """
- _.
- ;=',_ ()
- 8===D~~ S" .--`||
- sS \__ ||
- __.' ( \-->||
- _=/ _./-\/ ||
- 8===D~~ ((\( /-' -'l ||
- ) |/ \\ (_))
- \\ \\
- '~ '~
- """
- print(t1)
- '';
- })
(buildSimpleReaktorPlugin "ping" {
pattern = "^!ping (?P<args>.*)$$";
script = pkgs.writeDash "ping" ''
diff --git a/lass/2configs/urxvt.nix b/lass/2configs/urxvt.nix
index fa63ddf25..82f3fb2e6 100644
--- a/lass/2configs/urxvt.nix
+++ b/lass/2configs/urxvt.nix
@@ -5,7 +5,7 @@ with import <stockholm/lib>;
services.urxvtd.enable = true;
krebs.xresources.resources.urxvt = ''
- URxvt*SaveLines: 1000000
+ URxvt.saveLines: 100000
URxvt*scrollBar: false
URxvt*urgentOnBell: true
URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select
diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix
index 823d9a8ca..4f7bd4437 100644
--- a/lass/2configs/vim.nix
+++ b/lass/2configs/vim.nix
@@ -2,20 +2,13 @@
with import <stockholm/lib>;
let
- unstable_nixpkgs = import (pkgs.fetchFromGitHub {
- owner = "NixOS";
- repo = "nixpkgs";
- rev = "a8c71037e041725d40fbf2f3047347b6833b1703";
- sha256 = "1z4cchcw7qgjhy0x6mnz7iqvpswc2nfjpdynxc54zpm66khfrjqw";
- }) {};
out = {
environment.systemPackages = [
(hiPrio vim)
- pkgs.python35Packages.flake8
(pkgs.writeDashBin "govet" ''
go vet "$@"
'')
- (hiPrio (unstable_nixpkgs.python3.withPackages (ps: [
+ (hiPrio (pkgs.python3.withPackages (ps: [
ps.python-language-server
ps.pyls-isort
])))
@@ -70,6 +63,8 @@ let
au Syntax * syn match Garbage containedin=ALL /\s\+$/
\ | syn match TabStop containedin=ALL /\t\+/
\ | syn keyword Todo containedin=ALL TODO
+ \ | syn match NBSP '\%xa0'
+ \ | syn match NarrowNBSP '\%u202F'
au BufRead,BufNewFile *.hs so ${hs.vim}
@@ -135,7 +130,7 @@ let
pkgs.vimPlugins.undotree
pkgs.vimPlugins.vim-go
pkgs.vimPlugins.fzf-vim
- unstable_nixpkgs.vimPlugins.LanguageClient-neovim
+ pkgs.vimPlugins.LanguageClient-neovim
(pkgs.vimUtils.buildVimPlugin {
name = "file-line-1.0";
src = pkgs.fetchFromGitHub {
@@ -172,6 +167,8 @@ let
hi Garbage ctermbg=088
hi TabStop ctermbg=016
+ hi NBSP ctermbg=094
+ hi NarrowNBSP ctermbg=097
hi Todo ctermfg=174 ctermbg=NONE
hi NixCode ctermfg=148
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index e1c1313ea..828cab95f 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -66,6 +66,12 @@ in {
])
];
+ services.mysql.ensureDatabases = [ "ubikmedia_de" "o_ubikmedia_de" ];
+ services.mysql.ensureUsers = [
+ { ensurePermissions = { "ubikmedia_de.*" = "ALL"; }; name = "nginx"; }
+ { ensurePermissions = { "o_ubikmedia_de.*" = "ALL"; }; name = "nginx"; }
+ ];
+
services.nginx.virtualHosts."ubikmedia.de".locations."/piwika".extraConfig = ''
try_files $uri $uri/ /index.php?$args;
'';
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 4c29831a2..b72b20928 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -145,8 +145,9 @@ in {
home = "/srv/http/lassul.us";
useDefaultShell = true;
createHome = true;
- openssh.authorizedKeys.keys = [
- config.krebs.users.lass.pubkey
+ openssh.authorizedKeys.keys = with config.krebs.users; [
+ lass.pubkey
+ lass-mors.pubkey
];
};
}
diff --git a/lass/3modules/xjail.nix b/lass/3modules/xjail.nix
index 5b450ed42..974e11c6e 100644
--- a/lass/3modules/xjail.nix
+++ b/lass/3modules/xjail.nix
@@ -120,10 +120,13 @@ with import <stockholm/lib>;
${pkgs.coreutils}/bin/kill $WM_PID
${pkgs.coreutils}/bin/kill $XEPHYR_PID
'';
+ # TODO fix xephyr which doesn't honor resizes anymore
sudo_ = pkgs.writeDash "${cfg.name}-sudo" (if cfg.vglrun then ''
/var/run/wrappers/bin/sudo -u ${cfg.name} -i ${vglrun_} "$@"
'' else ''
- /var/run/wrappers/bin/sudo -u ${cfg.name} -i env DISPLAY=:${cfg.display} ${cfg.script} "$@"
+ #/var/run/wrappers/bin/sudo -u ${cfg.name} -i env DISPLAY=:${cfg.display} ${cfg.script} "$@"
+ /var/run/wrappers/bin/sudo -u ${cfg.name} -i ${cfg.script} "$@"
+
'');
vglrun_ = pkgs.writeDash "${cfg.name}-vglrun" ''
DISPLAY=:${cfg.display} ${pkgs.virtualgl}/bin/vglrun ${cfg.extraVglrunArgs} ${cfg.script} "$@"
@@ -163,7 +166,7 @@ with import <stockholm/lib>;
lass.xjail-bins = mapAttrs' (name: cfg:
nameValuePair name (pkgs.writeScriptBin cfg.name ''
- ${scripts.${name}.existing} "$@"
+ ${scripts.${name}.sudo} "$@"
'')
) config.lass.xjail;
};
diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix
index 3bff9d450..087d54eca 100644
--- a/lass/5pkgs/custom/xmonad-lass/default.nix
+++ b/lass/5pkgs/custom/xmonad-lass/default.nix
@@ -31,6 +31,7 @@ import XMonad.Actions.CycleWS (toggleWS)
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace)
import XMonad.Actions.DynamicWorkspaces (withWorkspace)
import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch)
+import XMonad.Actions.Minimize (minimizeWindow, maximizeWindow, withLastMinimized)
import XMonad.Hooks.EwmhDesktops (ewmh)
import XMonad.Hooks.FloatNext (floatNext)
import XMonad.Hooks.FloatNext (floatNextHook)
@@ -39,7 +40,7 @@ import XMonad.Hooks.Place (placeHook, smart)
import XMonad.Hooks.UrgencyHook (focusUrgent)
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
import XMonad.Layout.FixedColumn (FixedColumn(..))
-import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin))
+import XMonad.Layout.Minimize (minimize)
import XMonad.Layout.NoBorders (smartBorders)
import XMonad.Layout.SimplestFloat (simplestFloat)
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
@@ -135,7 +136,7 @@ myKeyMap =
, ("M4-C-v", withWorkspace autoXPConfig (windows . copy))
, ("M4-m", withFocused minimizeWindow)
- , ("M4-S-m", sendMessage RestoreNextMinimizedWin)
+ , ("M4-S-m", withLastMinimized maximizeWindow)
, ("M4-q", windowPromptGoto infixAutoXPConfig)
, ("M4-C-q", windowPromptBringCopy infixAutoXPConfig)
diff --git a/lass/krops.nix b/lass/krops.nix
index 4e045c6db..a898164c3 100644
--- a/lass/krops.nix
+++ b/lass/krops.nix
@@ -22,13 +22,14 @@
in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
- deploy = pkgs.krops.writeDeploy "${name}-deploy" {
+ deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeDeploy "${name}-deploy" {
source = source { test = false; };
- target = "root@${name}/var/src";
+ inherit target;
};
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target }: pkgs.krops.writeTest "${name}-test" {
+ force = true;
inherit target;
source = source { test = true; };
};