summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--jeschli/1systems/bln/config.nix43
-rw-r--r--jeschli/1systems/bln/dcso-vpn.nix44
-rw-r--r--jeschli/1systems/brauerei/config.nix60
-rw-r--r--jeschli/2configs/vim.nix34
-rw-r--r--jeschli/2configs/xserver/default.nix20
-rw-r--r--jeschli/5pkgs/simple/xmonad-jeschli/default.nix9
-rw-r--r--krebs/1systems/onebutton/config.nix30
-rw-r--r--krebs/1systems/onebutton/source.nix2
-rw-r--r--krebs/2configs/buildbot-stockholm.nix1
-rw-r--r--krebs/2configs/reaktor-krebs.nix3
-rw-r--r--krebs/3modules/krebs/default.nix3
-rw-r--r--krebs/3modules/lass/default.nix1
-rw-r--r--krebs/3modules/makefu/default.nix32
-rw-r--r--krebs/5pkgs/simple/Reaktor/plugins.nix50
-rw-r--r--krebs/5pkgs/simple/cholerab/default.nix7
-rw-r--r--krebs/5pkgs/simple/ftb/default.nix4
-rw-r--r--krebs/5pkgs/simple/thesauron/default.nix7
-rw-r--r--krebs/krops.nix2
-rw-r--r--lass/1systems/cabal/config.nix5
-rw-r--r--lass/1systems/helios/config.nix3
-rw-r--r--lass/1systems/mors/config.nix10
-rw-r--r--lass/1systems/prism/config.nix49
-rw-r--r--lass/2configs/baseX.nix4
-rw-r--r--lass/2configs/blue-host.nix1
-rw-r--r--lass/2configs/browsers.nix2
-rw-r--r--lass/2configs/dcso-dev.nix16
-rw-r--r--lass/2configs/dunst.nix6
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/git.nix12
-rw-r--r--lass/2configs/logf.nix2
-rw-r--r--lass/2configs/reaktor-coders.nix6
-rw-r--r--lass/2configs/repo-sync.nix2
-rw-r--r--lass/2configs/starcraft.nix53
-rw-r--r--lass/2configs/urxvt.nix8
-rw-r--r--lass/2configs/vim.nix28
-rw-r--r--lass/2configs/virtualbox.nix2
-rw-r--r--lass/2configs/websites/domsen.nix8
-rw-r--r--lass/2configs/websites/lassulus.nix16
-rw-r--r--lass/2configs/websites/util.nix2
-rw-r--r--lass/2configs/wine.nix1
-rw-r--r--lass/3modules/xjail.nix10
-rw-r--r--lass/5pkgs/custom/xmonad-lass/default.nix26
-rw-r--r--makefu/0tests/data/secrets/nsupdate-hub.nix1
-rw-r--r--makefu/0tests/data/secrets/uhub.sql0
-rw-r--r--makefu/1systems/gum/config.nix53
-rw-r--r--makefu/1systems/gum/hardware-config.nix46
-rw-r--r--makefu/1systems/kexec/config.nix25
-rw-r--r--makefu/1systems/kexec/source.nix3
-rw-r--r--makefu/1systems/nextgum/config.nix248
-rw-r--r--makefu/1systems/nextgum/hardware-config.nix80
-rw-r--r--makefu/1systems/nextgum/source.nix5
-rw-r--r--makefu/1systems/nextgum/transfer-config.nix7
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix1
-rw-r--r--makefu/2configs/hub.nix102
-rw-r--r--makefu/source.nix4
55 files changed, 1028 insertions, 172 deletions
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index c5f8101ea..371a7052d 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -11,8 +11,22 @@
<stockholm/jeschli/2configs/xserver>
];
- boot.loader.systemd-boot.enable = true;
+# boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
+ boot.loader.efi.efiSysMountPoint = "/boot";
+ boot.loader.grub = {
+ devices = [ "nodev" ];
+ efiSupport = true;
+ enable = true;
+ extraEntries = ''
+ menuentry "Debian" {
+ insmod ext2
+ insmod chain
+ chainloader /EFI/debian/grubx64.efi
+ }
+ '';
+ version = 2;
+ };
jeschliFontSize = 20;
@@ -56,7 +70,6 @@
sqlite
# internet
thunderbird
- hipchat
chromium
google-chrome
# programming languages
@@ -78,6 +91,7 @@
texlive.combined.scheme-full
pandoc
redis
+ vagrant
# document viewer
zathura
];
@@ -92,14 +106,25 @@
services.printing.enable = true;
services.printing.drivers = [ pkgs.postscript-lexmark ];
- # Enable the X11 windowing system.
- services.xserver.videoDrivers = [ "nvidia" ];
+ services.redis.enable = true;
+
+ services.xserver = {
+
+ desktopManager.session = lib.mkForce [];
+
+ enable = true;
+ display = 11;
+ tty = 11;
+
+ dpi = 200;
+
+ videoDrivers = [ "nvidia" ];
+ synaptics = {
+ enable = false;
+ };
+
+ };
-# services.xserver.windowManager.xmonad.enable = true;
-# services.xserver.windowManager.xmonad.enableContribAndExtras = true;
-# services.xserver.displayManager.sddm.enable = true;
-# services.xserver.dpi = 100;
-# fonts.fontconfig.dpi = 100;
users.extraUsers.jeschli = {
isNormalUser = true;
diff --git a/jeschli/1systems/bln/dcso-vpn.nix b/jeschli/1systems/bln/dcso-vpn.nix
new file mode 100644
index 000000000..0a5623bf0
--- /dev/null
+++ b/jeschli/1systems/bln/dcso-vpn.nix
@@ -0,0 +1,44 @@
+with import <stockholm/lib>;
+{ ... }:
+
+{
+
+ users.extraUsers = {
+ dcsovpn = rec {
+ name = "dcsovpn";
+ uid = genid "dcsovpn";
+ description = "user for running dcso openvpn";
+ home = "/home/${name}";
+ };
+ };
+
+ users.extraGroups.dcsovpn.gid = genid "dcsovpn";
+
+ services.openvpn.servers = {
+ dcso = {
+ config = ''
+ client
+ dev tun
+ tun-mtu 1356
+ mssfix
+ proto udp
+ float
+ remote 217.111.55.41 1194
+ nobind
+ user dcsovpn
+ group dcsovpn
+ persist-key
+ persist-tun
+ ca ${toString <secrets/dcsovpn/ca.pem>}
+ cert ${toString <secrets/dcsovpn/cert.pem>}
+ key ${toString <secrets/dcsovpn/cert.key>}
+ verb 3
+ mute 20
+ auth-user-pass ${toString <secrets/dcsovpn/login.txt>}
+ route-method exe
+ route-delay 2
+ '';
+ updateResolvConf = true;
+ };
+ };
+}
diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix
index 49f439a06..5a6ad7652 100644
--- a/jeschli/1systems/brauerei/config.nix
+++ b/jeschli/1systems/brauerei/config.nix
@@ -1,5 +1,5 @@
# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’).
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
{
imports = [
<stockholm/jeschli>
@@ -8,6 +8,7 @@
<stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/xdg.nix>
<stockholm/jeschli/2configs/xserver>
+ <stockholm/jeschli/2configs/virtualbox.nix>
];
krebs.build.host = config.krebs.hosts.brauerei;
@@ -24,9 +25,10 @@
preLVM = true;
allowDiscards = true;
} ];
- # networking.hostName = "nixos";
+# networking.hostName = "brauerei";
# Define your hostname.
- networking.wireless.enable = true;
+# networking.wireless.enable = true;
+ networking.networkmanager.enable = true;
# Enables wireless support via wpa_supplicant.
# Select internationalisation properties.
# i18n = {
@@ -66,12 +68,25 @@
chromium
google-chrome
# programming languages
+ elixir
+ elmPackages.elm
exercism
go
gcc
ghc
python35
python35Packages.pip
+ (vagrant.override {
+ bundlerEnv = bundlerEnv.override {
+ bundler = bundler.overrideAttrs (old: {
+ name = "bundler-1.16.1";
+ src = fetchurl {
+ url = "https://rubygems.org/gems/bundler-1.16.1.gem";
+ sha256 = "1s2nq4qnffxg3kwrk7cnwxcvfihlhxm9absl2l6d3qckf3sy1f22";
+ };
+ });
+ };
+ })
# go tools
golint
gotools
@@ -84,6 +99,7 @@
jetbrains.webstorm
jetbrains.goland
# document viewer
+ evince
zathura
# xorg
xorg.xbacklight
@@ -100,33 +116,29 @@
# Enable the OpenSSH daemon.
services.openssh.enable = true;
- # Open ports in the firewall.
- # networking.firewall.allowedTCPPorts = [ ... ];
- # networking.firewall.allowedUDPPorts = [ ... ];
- # Or disable the firewall altogether.
- # networking.firewall.enable = false;
+ services.xserver = {
- # Enable CUPS to print documents.
- # services.printing.enable = true;
+ # Don't install feh into systemPackages
+ # refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
+ desktopManager.session = lib.mkForce [];
- # Enable the X11 windowing system.
- # services.xserver.enable = true;
- # services.xserver.layout = "us";
- # services.xserver.xkbOptions = "eurosign:e";
+ enable = true;
+ display = 11;
+ tty = 11;
+
+ dpi = 96;
- # Enable touchpad support.
- # services.xserver.libinput.enable = true;
+# videoDrivers = [ "nvidia" ];
+ synaptics = {
+ enable = true;
+ twoFingerScroll = true;
+ accelFactor = "0.035";
+ };
+ };
- # Enable the KDE Desktop Environment.
- # services.xserver.displayManager.sddm.enable = true;
- # services.xserver.desktopManager.plasma5.enable = true;
- # services.xserver.displayManager.sddm.enable = true;
- # services.xserver.windowManager.xmonad.enable = true;
- # services.xserver.windowManager.xmonad.enableContribAndExtras = true;
- #
- # Define a user account. Don't forget to set a password with ‘passwd’.
users.extraUsers.jeschli = { # TODO: define as krebs.users
isNormalUser = true;
+ extraGroups = ["docker" "vboxusers"];
uid = 1000;
};
users.extraUsers.jamie = {
diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix
index c13113f1c..586016f60 100644
--- a/jeschli/2configs/vim.nix
+++ b/jeschli/2configs/vim.nix
@@ -11,16 +11,24 @@ let
sha256 = "08l7ricd3j5h2bj9i566byh39v9n5wj5mj75f2c8a5dsc732b2k7";
};
};
- customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin {
- name = "vim-jsx";
- src = pkgs.fetchFromGitHub {
- owner = "mxw";
- repo = "vim-jsx";
- rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a";
- sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
- };
- };
-
+ customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin {
+ name = "vim-jsx";
+ src = pkgs.fetchFromGitHub {
+ owner = "mxw";
+ repo = "vim-jsx";
+ rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a";
+ sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
+ };
+ };
+ customPlugins.vim-fileline = pkgs.vimUtils.buildVimPlugin {
+ name = "file-line-1.0";
+ src = pkgs.fetchFromGitHub {
+ owner = "bogado";
+ repo = "file-line";
+ rev = "1.0";
+ sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
+ };
+ };
in {
environment.systemPackages = [
(pkgs.vim_configurable.customize {
@@ -33,6 +41,8 @@ in {
setStatements = ''
set autowrite
set clipboard=unnamedplus
+ set listchars=trail:¶
+ set mouse=a
set nocompatible
set path+=**
set ruler
@@ -40,7 +50,6 @@ in {
set undofile "turn on the feature
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
set wildmenu
- set listchars=trail:¶
'';
remapStatements = ''
imap jk <Esc>
@@ -91,13 +100,14 @@ in {
{ names = [
"ctrlp"
"easymotion"
+ "elm-vim"
+ "vim-fileline"
"molokai"
"nerdtree"
"snipmate"
"surround"
"Syntastic"
"undotree"
- "elm-vim"
];
}
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
diff --git a/jeschli/2configs/xserver/default.nix b/jeschli/2configs/xserver/default.nix
index 748d12258..ec3977c7e 100644
--- a/jeschli/2configs/xserver/default.nix
+++ b/jeschli/2configs/xserver/default.nix
@@ -34,26 +34,6 @@ in {
};
};
- services.xserver = {
-
- # Don't install feh into systemPackages
- # refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
- desktopManager.session = mkForce [];
-
- enable = true;
- display = 11;
- tty = 11;
-
- dpi = 200;
-
- videoDrivers = [ "nvidia" ];
- synaptics = {
- enable = true;
- twoFingerScroll = true;
- accelFactor = "0.035";
- };
- };
-
systemd.services.display-manager.enable = false;
systemd.services.xmonad = {
diff --git a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix
index 60dbbc50c..5aa3c2f96 100644
--- a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix
+++ b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix
@@ -90,7 +90,7 @@ mainNoArgs = do
, startupHook = do
setWMName "LG3D"
whenJustM (liftIO (lookupEnv "XMONAD_STARTUP_HOOK"))
- (\path -> forkFile path [] Nothing)
+ (\path -> forkFile path [] Nothing) <+> setWMName "LG3D"
, normalBorderColor = "#1c1c1c"
, focusedBorderColor = "#f000b0"
, handleEventHook = handleShutdownEvent
@@ -130,13 +130,16 @@ spawnTermAt ws = do
let env' = ("XMONAD_SPAWN_WORKSPACE", ws) : env
forkFile urxvtcPath [] (Just env')
+
myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ())
myKeys conf = Map.fromList $
[ ((_4 , xK_Escape ), forkFile "/run/wrappers/bin/slock" [] Nothing)
, ((_4S , xK_c ), kill)
- , ((_4 , xK_p ), forkFile "${pkgs.pass}/bin/passmenu" ["--type"] Nothing)
-
+ , ((_4 , xK_p ), spawn "${pkgs.writeDash "my-dmenu" ''
+ export PATH=$PATH:${pkgs.dmenu}/bin
+ exec dmenu_run "$@"
+ ''}")
, ((_4 , xK_x ), chooseAction spawnTermAt)
, ((_4C , xK_x ), spawnRootTerm)
diff --git a/krebs/1systems/onebutton/config.nix b/krebs/1systems/onebutton/config.nix
index dca00a206..b87aef5a3 100644
--- a/krebs/1systems/onebutton/config.nix
+++ b/krebs/1systems/onebutton/config.nix
@@ -16,6 +16,36 @@
services.nixosManual.enable = false;
services.journald.extraConfig = "SystemMaxUse=50M";
}
+ {
+ systemd.services.mpc-booter = let
+ mpc = "${pkgs.mpc_cli}/bin/mpc -h mpd.shack -p 6600";
+ url = "http://lassul.us:8000/radio.ogg";
+ say = pkgs.writeDash "say" ''
+ tmpfile=$(${pkgs.coreutils}/bin/mktemp)
+ echo "$@" > $tmpfile
+ ${pkgs.curl}/bin/curl -i -H "content-type: text/plain" -X POST -d "@$tmpfile" gobbelz.shack/say/
+ rm "$tmpfile"
+ '';
+ in {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network-online.target" ];
+ serviceConfig = {
+ RemainAfterExit = "yes";
+ Type = "oneshot";
+ ExecStart = pkgs.writeDash "mpc-boot" ''
+ until ${mpc} stats;do
+ echo "waiting for mpd.shack to appear"
+ sleep 1
+ done
+ ${say} "Willkommen im Shack wertes Mitglied"
+
+ ${say} "Lassulus Super Radio wurde gestartet"
+ ${mpc} add ${url}
+ ${mpc} play
+ '';
+ };
+ };
+ }
];
krebs.build.host = config.krebs.hosts.onebutton;
# NixOS wants to enable GRUB by default
diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix
index 8f25881c9..6842bfaab 100644
--- a/krebs/1systems/onebutton/source.nix
+++ b/krebs/1systems/onebutton/source.nix
@@ -4,7 +4,7 @@ let
nixpkgs = pkgs.fetchFromGitHub {
owner = "nixos";
repo = "nixpkgs-channels";
- rev = "6c064e6b"; # only binary cache for unstable arm6
+ rev = "nixos-unstable"; # only binary cache for unstable arm6
sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd";
};
in import <stockholm/krebs/source.nix> {
diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix
index 04b1c999f..62a5f9ab5 100644
--- a/krebs/2configs/buildbot-stockholm.nix
+++ b/krebs/2configs/buildbot-stockholm.nix
@@ -63,6 +63,7 @@ in
grab_repo = steps.Git(
repourl=stockholm_repo,
mode='full',
+ submodules=True,
)
'';
builder = {
diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix
index fa51b84f0..2e63f1385 100644
--- a/krebs/2configs/reaktor-krebs.nix
+++ b/krebs/2configs/reaktor-krebs.nix
@@ -13,6 +13,9 @@ with import <stockholm/lib>;
};
plugins = with pkgs.ReaktorPlugins; [
sed-plugin
+ task-add
+ task-delete
+ task-list
] ++
(attrValues (todo "agenda"))
;
diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix
index a938f8ec9..e6eb3d287 100644
--- a/krebs/3modules/krebs/default.nix
+++ b/krebs/3modules/krebs/default.nix
@@ -174,5 +174,8 @@ in {
mail = "spam@krebsco.de";
pubkey = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwuAZB3wtAvBJFYh+gWdyGaZU4mtqM2dFXmh2rORlbXeh02msu1uv07ck1VKkQ4LgvCBcBsAOeVa1NTz99eLqutwgcqMCytvRNUCibcoEWwHObsK53KhDJj+zotwlFhnPPeK9+EpOP4ngh/tprJikttos5BwBwe2K+lfiid3fmVPZcTTYa77nCwijimMvWEx6CEjq1wiXMUc4+qcEn8Swbwomz/EEQdNE2hgoC3iMW9RqduTFdIJWnjVi0KaxenX9CvQRGbVK5SSu2gwzN59D/okQOCP6+p1gL5r3QRHSLSSRiEHctVQTkpKOifrtLZGSr5zArEmLd/cOVyssHQPCX repo-sync@wolf'';
};
+ buildbotSlave = {
+ pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7cre2crQMI6O4XtIfIiGl1GUqIi060fJlOQJgG0/NH";
+ };
};
}
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index fd74983fa..e2322e171 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -66,6 +66,7 @@ with import <stockholm/lib>;
ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
+ radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
'';
};
nets = rec {
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index d7a750c6e..c5404f96d 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -520,6 +520,38 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr";
};
+ nextgum = rec {
+ ci = true;
+ cores = 8;
+ nets = rec {
+ internet = {
+ ip4.addr = "144.76.26.247";
+ ip6.addr = "2a01:4f8:191:12f6::2";
+ aliases = [
+ "nextgum.i"
+ ];
+ };
+ retiolum = {
+ via = internet;
+ ip4.addr = "10.243.0.213";
+ ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3";
+ aliases = [
+ "nextgum.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAucCebFmS96WorD+Br4UQudmAhMlLpacErjwA/u2argBTT2nGHTR8
+ aN4e0xf3IYLA+iogLIW/JuQfKLe8evEK21iZ3jleW8N7mbCulhasi/0lqWlirrpO
+ npJAiSNF1m7ijoylkEKxtmehze+8ojprUT2hx1ImMlHMWGxvs+TmBbZBMgxAGMJh
+ 6cMMDJQi+4d9XrJQ3+XUVK3MkviLA91oIAXsLdFptL6b12siUaz4StQXDJUHemBF
+ 3ZwlO+W2Es69ifEhmV6NaDDRcSRdChGbHTz1OU8wYaFNaxWla/iprQQ+jEUldpcN
+ VC18QGYRUAgZ0PCIpKurjWNehJFB3zXt+wIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum";
+ };
gum = rec {
ci = true;
diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix
index 2df76fb2f..db578c457 100644
--- a/krebs/5pkgs/simple/Reaktor/plugins.nix
+++ b/