summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/2configs/mud.nix2
-rw-r--r--krebs/3modules/external/kmein.nix22
-rw-r--r--krebs/3modules/iptables.nix4
-rw-r--r--krebs/5pkgs/simple/untilport/default.nix2
-rw-r--r--krebs/nixpkgs-unstable.json8
-rw-r--r--krebs/nixpkgs.json8
-rw-r--r--lass/2configs/alacritty.nix99
-rw-r--r--lass/2configs/baseX.nix21
-rw-r--r--lass/2configs/fysiirc.nix18
-rw-r--r--lass/2configs/hass/default.nix1
-rw-r--r--lass/2configs/hass/pyscript/.gitignore1
-rw-r--r--lass/2configs/hass/pyscript/default.nix26
-rw-r--r--lass/2configs/hass/pyscript/shell.nix51
-rw-r--r--lass/2configs/pipewire.nix13
-rw-r--r--lass/2configs/print.nix2
-rw-r--r--lass/2configs/themes.nix46
-rw-r--r--lass/2configs/xmonad.nix6
-rw-r--r--lass/5pkgs/l-gen-secrets/default.nix4
18 files changed, 302 insertions, 32 deletions
diff --git a/krebs/2configs/mud.nix b/krebs/2configs/mud.nix
index 30f232b64..a53596cc6 100644
--- a/krebs/2configs/mud.nix
+++ b/krebs/2configs/mud.nix
@@ -5,7 +5,7 @@
MUD_SERVER=''${MUD_SERVER:-127.0.0.1}
MUD_PORT=''${MUD_PORT:-8080}
- if $(${pkgs.netcat-openbsd}/bin/nc -z "$MUD_SERVER" "$MUD_PORT"); then
+ if $(${pkgs.libressl.nc}/bin/nc -z "$MUD_SERVER" "$MUD_PORT"); then
${nvim}/bin/nvim \
+"let g:instant_username = \"$MUD_NICKNAME\"" \
+":InstantJoinSession $MUD_SERVER $MUD_PORT" \
diff --git a/krebs/3modules/external/kmein.nix b/krebs/3modules/external/kmein.nix
index 6e4457eae..52ca718dd 100644
--- a/krebs/3modules/external/kmein.nix
+++ b/krebs/3modules/external/kmein.nix
@@ -116,6 +116,28 @@ in
wireguard.pubkey = "09yVPHL/ucvqc6V5n7vFQ2Oi1LBMdwQZDL+7jBwy+iQ=";
};
};
+ tahina = {
+ nets.retiolum = {
+ ip4.addr = "10.243.2.74";
+ aliases = [ "tahina.r" "tahina.kmein.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAtX6RpdFl9AqCF6Jy9ZhGY1bOUnEw5x3wm8gBK/aFb5592G3sGbWV
+ 5Vv1msdLcoYQ5X4sgp3wizE5tbW7SiRVBwVB4mfYxe5KSiFJvTmXdp/VtKXs/hD8
+ VXNBjCdPeFOZ4Auh4AT+eibA/lW5veOnBkrsD/GkEcAkKb2MMEoxv4VqLDKuNzPv
+ EfE+mIb/J3vJmfpLG/+VGLrCuyShjPR2z0o5KMg8fI4ukcg6vwWwGE3Qd8JkSYMz
+ iy9oIGo/AJNyOUG0vQXL1JU/LFBXKty515UmXR2hO/Xi1w92DT8lxfLYRgoseT2u
+ i4aHmfl49LGkpQVIFejj6R0FrZBd5R2ElmQbmxSKS1PO9VheOOm02fgVXRpeoh6R
+ FdDkFWWmELW921UtEB2jSIMkf5xW8XmlJlGveaDnkld07aQlshnnOUfIs3r7H+T9
+ 9g1QxiE7EFeoLrfIkgT81F+iL6RazSbf9DcTxvrKv+cZBrZKdcurcTtX0wFFD4wZ
+ 0tzYPTcAnv/ytacf2/jv/Vm3xNFyjrBLM6ZtJtZ6NAJvD+OW4G/o2941KCu1Mqz/
+ VFAJW3djrqfASNCU1GqtHV0wdJMN8EszDNYdJ7pyw6+rG2PeYCVfE7wNe3b6zYqY
+ tUYhU1xkQQD4xgOMX3AdSI/JGjxMBBKlJXafwdDW8LMBWBPt+9Xq2vMCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "m8fnOzCx2KVsQx/616+AzVW5OTgAjBGDoT/PpKuyx+I";
+ };
+ };
zaatar = {
nets.retiolum = {
ip4.addr = "10.243.2.34";
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix
index 3bab13b0e..7007090c0 100644
--- a/krebs/3modules/iptables.nix
+++ b/krebs/3modules/iptables.nix
@@ -125,8 +125,8 @@ let
(interface: interfaceConfig: [
(map (port: { predicate = "-i ${interface} -p tcp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPorts)
(map (port: { predicate = "-i ${interface} -p udp --dport ${toString port}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPorts)
- (map (portRange: { predicate = "-i ${interface} -p tcp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPortRanges)
- (map (portRange: { predicate = "-i ${interface} -p udp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPortRanges)
+ (map (portRange: { predicate = "-i ${interface} -p tcp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) interfaceConfig.allowedTCPPortRanges)
+ (map (portRange: { predicate = "-i ${interface} -p udp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) interfaceConfig.allowedUDPPortRanges)
])
config.networking.firewall.interfaces
);
diff --git a/krebs/5pkgs/simple/untilport/default.nix b/krebs/5pkgs/simple/untilport/default.nix
index 61bcc2b89..2930fd1eb 100644
--- a/krebs/5pkgs/simple/untilport/default.nix
+++ b/krebs/5pkgs/simple/untilport/default.nix
@@ -13,6 +13,6 @@ pkgs.writeDashBin "untilport" ''
if [ $# -ne 2 ]; then
usage
else
- until ${pkgs.netcat-openbsd}/bin/nc -z "$@"; do sleep 1; done
+ until ${pkgs.libressl.nc}/bin/nc -z "$@"; do sleep 1; done
fi
''
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index 71367c2f1..0ab773cb1 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "7f9b6e2babf232412682c09e57ed666d8f84ac2d",
- "date": "2022-02-21T09:47:16+01:00",
- "path": "/nix/store/4vd9z4b2s4jfn96ypdfavizy6908l71h-nixpkgs",
- "sha256": "03nb8sbzgc3c0qdr1jbsn852zi3qp74z4qcy7vrabvvly8rbixp2",
+ "rev": "ff9efb0724de5ae0f9db9df2debefced7eb1571d",
+ "date": "2022-04-12T21:26:28-03:00",
+ "path": "/nix/store/85qw9pp6zxy2dcgshm2xkhhhccrnp8hy-nixpkgs",
+ "sha256": "188h461pilsiym2dqzl17vx1g9pb816cwdi0az9mbw207w721avz",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index e7760128f..5daeb5f44 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "47cd6702934434dd02bc53a67dbce3e5493e33a2",
- "date": "2022-03-04T16:09:08+01:00",
- "path": "/nix/store/xbb640k873m7nmchdrnijl0f9n540ys6-nixpkgs",
- "sha256": "1rvp9gx7n0gppc86bcysaybw79zl3y8yninsgz6rawdjprzvg7y6",
+ "rev": "2f06b87f64bc06229e05045853e0876666e1b023",
+ "date": "2022-04-14T11:00:29-03:00",
+ "path": "/nix/store/bxspkr9qcbkzgrx16axi2qqbny9hcbvz-nixpkgs",
+ "sha256": "1d7zg96xw4qsqh7c89pgha9wkq3rbi9as3k3d88jlxy2z0ns0cy2",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
diff --git a/lass/2configs/alacritty.nix b/lass/2configs/alacritty.nix
new file mode 100644
index 000000000..a57dc7c25
--- /dev/null
+++ b/lass/2configs/alacritty.nix
@@ -0,0 +1,99 @@
+{ config, lib, pkgs, ... }: let
+
+ alacritty-cfg = extrVals: builtins.toJSON ({
+ font = {
+ normal = {
+ family = "Inconsolata";
+ style = "Regular";
+ };
+ bold = {
+ family = "Inconsolata";
+ style = "Bold";
+ };
+ italic = {
+ family = "Inconsolata";
+ style = "Italic";
+ };
+ bold_italic = {
+ family = "Inconsolata";
+ style = "Bold Italic";
+ };
+ size = 8;
+ };
+ live_config_reload = true;
+ window.dimensions = {
+ columns = 80;
+ lines = 20;
+ };
+ # window.opacity = 0;
+ hints.enabled = [
+ {
+ regex = ''(mailto:|gemini:|gopher:|https:|http:|news:|file:|git:|ssh:|ftp:)[^\u0000-\u001F\u007F-\u009F<>"\s{-}\^⟨⟩`]+'';
+ command = "/run/current-system/sw/bin/xdg-open";
+ post_processing = true;
+ mouse.enabled = true;
+ binding = {
+ key = "U";
+ mods = "Alt";
+ };
+ }
+ ];
+ } // extrVals);
+
+ alacritty = pkgs.symlinkJoin {
+ name = "alacritty";
+ paths = [
+ (pkgs.writeDashBin "alacritty" ''
+ ${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yaml "$@"
+ '')
+ pkgs.alacritty
+ ];
+ };
+
+in {
+ environment.etc = {
+ "themes/light/alacritty.yaml".text = alacritty-cfg {
+ colors = {
+ # Default colors
+ primary = {
+ # hard contrast: background = '#f9f5d7'
+ # background = "#fbf1c7";
+ background = "#f9f5d7";
+ # soft contrast: background = '#f2e5bc'
+ foreground = "#3c3836";
+ };
+
+ # Normal colors
+ normal = {
+ black = "#fbf1c7";
+ red = "#cc241d";
+ green = "#98971a";
+ yellow = "#d79921";
+ blue = "#458588";
+ magenta = "#b16286";
+ cyan = "#689d6a";
+ white = "#7c6f64";
+ };
+
+ # Bright colors
+ bright = {
+ black = "#928374";
+ red = "#9d0006";
+ green = "#79740e";
+ yellow = "#b57614";
+ blue = "#076678";
+ magenta = "#8f3f71";
+ cyan = "#427b58";
+ white = "#3c3836";
+ };
+ };
+ };
+ "themes/dark/alacritty.yaml".text = alacritty-cfg {
+ colors.primary = {
+ background = "#000000";
+ foreground = "#ffffff";
+ };
+ };
+ };
+ environment.systemPackages = [ alacritty ];
+}
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 59d1e0182..22a3037d7 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -4,6 +4,7 @@ let
user = config.krebs.build.user;
in {
imports = [
+ ./alacritty.nix
./mpv.nix
./power-action.nix
./copyq.nix
@@ -13,6 +14,7 @@ in {
./pipewire.nix
./tmux.nix
./xmonad.nix
+ ./themes.nix
{
krebs.per-user.lass.packages = [
pkgs.sshuttle
@@ -55,7 +57,7 @@ in {
environment.systemPackages = with pkgs; [
acpi
acpilight
- ag
+ ripgrep
cabal2nix
dic
dmenu
@@ -96,12 +98,17 @@ in {
'')
];
- fonts.fonts = with pkgs; [
- hack-font
- hasklig
- symbola
- xlibs.fontschumachermisc
- ];
+ fonts = {
+ fontDir.enable = true;
+ enableGhostscriptFonts = true;
+
+ fonts = with pkgs; [
+ hack-font
+ xorg.fontschumachermisc
+ terminus_font_ttf
+ inconsolata
+ ];
+ };
services.udev.extraRules = ''
SUBSYSTEM=="backlight", ACTION=="add", \
diff --git a/lass/2configs/fysiirc.nix b/lass/2configs/fysiirc.nix
index f3c1d5b7c..e12eda42e 100644
--- a/lass/2configs/fysiirc.nix
+++ b/lass/2configs/fysiirc.nix
@@ -54,14 +54,20 @@ in {
name = "reaktor2-fysiweb-github";
};
script = ''. ${pkgs.writeDash "github-irc" ''
- set -efu
+ set -xefu
case "$Method $Request_URI" in
"POST /")
- payload=$(head -c "$req_content_length" \
- | sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \
- | xargs -0 echo -e \
- )
- echo "$payload" | ${format-github-message}/bin/format-github-message
+ payload=$(head -c "$req_content_length")
+ echo "$payload" >&2
+ payload2=$payload
+ payload2=$(echo "$payload" | tr '\n' ' ' | tr -d '\r')
+ if [ "$payload" != "$payload2" ]; then
+ echo "payload has been mangled" >&2
+ else
+ echo "payload not mangled" >&2
+ fi
+ echo "$payload2" > /tmp/last_fysi_payload
+ echo "$payload2" | ${format-github-message}/bin/format-github-message
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix
index 8f93e0cec..cc8189f51 100644
--- a/lass/2configs/hass/default.nix
+++ b/lass/2configs/hass/default.nix
@@ -19,6 +19,7 @@ let
in {
imports = [
+ ./pyscript
./zigbee.nix
./rooms/bett.nix
./rooms/essen.nix
diff --git a/lass/2configs/hass/pyscript/.gitignore b/lass/2configs/hass/pyscript/.gitignore
new file mode 100644
index 000000000..282debf56
--- /dev/null
+++ b/lass/2configs/hass/pyscript/.gitignore
@@ -0,0 +1 @@
+hass_token
diff --git a/lass/2configs/hass/pyscript/default.nix b/lass/2configs/hass/pyscript/default.nix
new file mode 100644
index 000000000..c56967e4b
--- /dev/null
+++ b/lass/2configs/hass/pyscript/default.nix
@@ -0,0 +1,26 @@
+{ config, lib, pkgs, ... }:
+{
+ systemd.tmpfiles.rules = [
+ "L+ /var/lib/hass/custom_components/pyscript - - - - ${pkgs.fetchzip {
+ url = "https://github.com/custom-components/pyscript/releases/download/1.3.2/hass-custom-pyscript.zip";
+ sha256 = "0cqdjj46s5xp4mqxb0ic790jm1xp3z0zr2n9f7bsfl5zpvdshl8z";
+ stripRoot = false;
+ }}"
+ ];
+
+ services.home-assistant = {
+ package = (pkgs.home-assistant.overrideAttrs (old: {
+ doInstallCheck = false;
+ })).override {
+ extraPackages = pp: [ pp.croniter ];
+ };
+ config.pyscript = {
+ allow_all_imports = true;
+ hass_is_global = true;
+ };
+ };
+
+ networking.firewall.interfaces.retiolum.allowedTCPPortRanges = [
+ { from = 50321; to = 50341; } # for ipython interactive debugging
+ ];
+}
diff --git a/lass/2configs/hass/pyscript/shell.nix b/lass/2configs/hass/pyscript/shell.nix
new file mode 100644
index 000000000..3cfac0275
--- /dev/null
+++ b/lass/2configs/hass/pyscript/shell.nix
@@ -0,0 +1,51 @@
+{ pkgs ? import <nixpkgs> {} }: let
+
+ hass_host = "styx.r";
+ hass_token = builtins.readFile ./hass_token;
+
+ mach-nix = import (builtins.fetchGit {
+ url = "https://github.com/DavHau/mach-nix/";
+ ref = "refs/tags/3.4.0";
+ }) {
+ pkgs = pkgs;
+ };
+ pyenv = mach-nix.mkPython {
+ requirements = ''
+ hass_pyscript_kernel
+ '';
+ };
+ jupyter = import (builtins.fetchGit {
+ url = https://github.com/tweag/jupyterWith;
+ ref = "master";
+ }) {};
+
+ pyscriptKernel = {
+ spec = pkgs.runCommand "pyscript" {} ''
+ mkdir -p $out/kernels/pyscript
+ cp ${kernel_json} $out/kernels/pyscript/kernel.json
+ cp ${pyscript_conf} $out/kernels/pyscript/pyscript.conf
+ '';
+ runtimePackages = [ pyenv ];
+ };
+
+ kernel_json = pkgs.writeText "kernel.json" (builtins.toJSON {
+ argv = [
+ "${pyenv}/bin/python3" "-m" "hass_pyscript_kernel"
+ "-f" "{connection_file}"
+ ];
+ display_name = "hass_pyscript";
+ language = "python";
+ });
+
+ pyscript_conf = pkgs.writeText "pyscript.conf" ''
+ [homeassistant]
+ hass_host = ${hass_host}
+ hass_url = http://''${hass_host}:8123
+ hass_token = ${hass_token}
+ '';
+
+ jupyterEnvironment = jupyter.jupyterlabWith {
+ kernels = [ pyscriptKernel ];
+ };
+
+in jupyterEnvironment.env
diff --git a/lass/2configs/pipewire.nix b/lass/2configs/pipewire.nix
index 24de0e9ed..f6ccd48d4 100644
--- a/lass/2configs/pipewire.nix
+++ b/lass/2configs/pipewire.nix
@@ -10,7 +10,7 @@
environment.systemPackages = with pkgs; [
alsaUtils
- pulseaudioLight
+ pulseaudio
ponymix
];
@@ -22,4 +22,15 @@
pulse.enable = true;
jack.enable = true;
};
+
+ systemd.services.wireplumber = {
+ environment = {
+ HOME = "/var/lib/wireplumber";
+ DISPLAY = ":0";
+ };
+ path = [
+ pkgs.dbus
+ ];
+ serviceConfig.StateDirectory = "wireplumber";
+ };
}
diff --git a/lass/2configs/print.nix b/lass/2configs/print.nix
index e2d021641..c2b3e8377 100644
--- a/lass/2configs/print.nix
+++ b/lass/2configs/print.nix
@@ -3,7 +3,7 @@
services.printing = {
enable = true;
drivers = [
- pkgs.foomatic_filters
+ pkgs.foomatic-filters
pkgs.gutenprint
];
};
diff --git a/lass/2configs/themes.nix b/lass/2configs/themes.nix
new file mode 100644
index 000000000..dd98b2ef2
--- /dev/null
+++ b/lass/2configs/themes.nix
@@ -0,0 +1,46 @@
+{ config, lib, pkgs, ... }: let
+
+ switch-theme = pkgs.writers.writeDashBin "switch-theme" ''
+ if test -e "/etc/themes/$1"; then
+ ${pkgs.rsync}/bin/rsync --chown=lass:users -a --delete "/etc/themes/$1/" /var/theme/config/
+ echo "$1" > /var/theme/current_theme
+ chown lass:users /var/theme/current_theme
+ ${pkgs.procps}/bin/pkill -HUP xsettingsd
+
+ else
+ echo "theme $1 not found"
+ fi
+ '';
+
+in {
+ systemd.services.xsettingsd = {
+ wantedBy = [ "multi-user.target" ];
+ environment.DISPLAY = ":0";
+ serviceConfig = {
+ ExecStart = "${pkgs.xsettingsd}/bin/xsettingsd -c /var/theme/config/xsettings.conf";
+ User = "lass";
+ };
+ };
+ systemd.tmpfiles.rules = [
+ "d /var/theme/ 755 lass users"
+ ];
+ environment.systemPackages = [
+ switch-theme
+ ];
+ environment.etc = {
+ "themes/light/xsettings.conf".text = ''
+ Net/ThemeName "Adwaita"
+ '';
+ "themes/dark/xsettings.conf".text = ''
+ Net/ThemeName "Adwaita-dark"
+ '';
+ };
+ system.activationScripts.theme.text = ''
+ if test -e /var/theme/current_theme; then
+ ${switch-theme}/bin/switch-theme "$(cat /var/theme/current_theme)" ||
+ ${switch-theme}/bin/switch-theme dark
+ else
+ ${switch-theme}/bin/switch-theme dark
+ fi
+ '';
+}
diff --git a/lass/2configs/xmonad.nix b/lass/2configs/xmonad.nix
index 099900d90..495b43372 100644
--- a/lass/2configs/xmonad.nix
+++ b/lass/2configs/xmonad.nix
@@ -123,9 +123,9 @@ myKeyMap =
, ("M4-S-q", restart "xmonad" True)
- , ("<XF86AudioMute>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-mute @DEFAULT_SINK@ toggle")
- , ("<XF86AudioRaiseVolume>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ +4%")
- , ("<XF86AudioLowerVolume>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ -4%")
+ , ("<XF86AudioMute>", spawn "${pkgs.pulseaudio.out}/bin/pactl -- set-sink-mute @DEFAULT_SINK@ toggle")
+ , ("<XF86AudioRaiseVolume>", spawn "${pkgs.pulseaudio.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ +4%")
+ , ("<XF86AudioLowerVolume>", spawn "${pkgs.pulseaudio.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ -4%")
, ("<XF86MonBrightnessDown>", spawn "${pkgs.acpilight}/bin/xbacklight -time 0 -dec 1")
, ("<XF86MonBrightnessUp>", spawn "${pkgs.acpilight}/bin/xbacklight -time 0 -inc 1")
, ("M4-C-k", spawn "${pkgs.xorg.xkill}/bin/xkill")
diff --git a/lass/5pkgs/l-gen-secrets/default.nix b/lass/5pkgs/l-gen-secrets/default.nix
index 6cf28c3c2..d999a4334 100644
--- a/lass/5pkgs/l-gen-secrets/default.nix
+++ b/lass/5pkgs/l-gen-secrets/default.nix
@@ -8,8 +8,8 @@ pkgs.writeDashBin "l-gen-secrets" ''
${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null
${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null
${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null
- ${pkgs.wireguard}/bin/wg genkey > $TMPDIR/wiregrill.key
- ${pkgs.coreutils}/bin/cat $TMPDIR/wiregrill.key | ${pkgs.wireguard}/bin/wg pubkey > $TMPDIR/wiregrill.pub
+ ${pkgs.wireguard-tools}/bin/wg genkey > $TMPDIR/wiregrill.key
+ ${pkgs.coreutils}/bin/cat $TMPDIR/wiregrill.key | ${pkgs.wireguard-tools}/bin/wg pubkey > $TMPDIR/wiregrill.pub
cat <<EOF > $TMPDIR/hashedPasswords.nix
{
root = "$HASHED_PASSWORD";