summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/lass/default.nix36
-rw-r--r--krebs/5pkgs/simple/kpaste/default.nix4
-rw-r--r--lass/1systems/morpheus/config.nix25
-rw-r--r--lass/1systems/morpheus/physical.nix47
-rw-r--r--lass/2configs/hass/default.nix1
-rw-r--r--lass/2configs/hass/lib.nix2
-rw-r--r--lass/2configs/pass.nix2
-rw-r--r--lass/2configs/vim.nix23
-rw-r--r--makefu/1systems/omo/config.nix13
-rw-r--r--makefu/1systems/omo/hw/omo.nix19
-rw-r--r--makefu/1systems/omo/source.nix1
-rw-r--r--makefu/2configs/urlwatch/default.nix14
-rw-r--r--makefu/5pkgs/awesomecfg/full.cfg28
13 files changed, 167 insertions, 48 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 9c2c0e94c..2a75cc1bb 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -565,6 +565,42 @@ in {
ci = false;
syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ";
};
+ morpheus = {
+ cores = 1;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.0.19";
+ ip6.addr = r6 "012f";
+ aliases = [
+ "morpheus.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAptrlSKQKsBH2QMQxllZR94S/fXneajpJifRjXR5bi+7ME2ThdQXY
+ T7yWiKaUuBJThWged9PdPltLUEMmv+ubQqpWHZq442VWSS36r1yMSGpUeKK+oYMN
+ /Sfu+1yC4m2uXno95wpJZIcDfbbn26jT6ldJ4Yd97zyrXKljvcdrz3wZzQq0tojh
+ S5Q59x/aQMJbnQpnlFnMIEVgULuFPW16+vPGsXIPdYNggaF1avcBaFl8i3M0EZVz
+ Swn4hArDynDJhR7M0QdlwOpOh7O+1iOnmXqqei3LxMVHb+YtzfHgxOPxggUsy7CR
+ bj9uBR9loGwgmZwaxXd1Vfbw8kn/feOb9FcW73u+SZyzwEA9HFRV0jGQe3P9mGfI
+ Bwe02DOTVXEB8jTAGCw5T3bXLIOX8kqdlCECuAWFfrt8H+GjZDuGUWRcMn32orMz
+ sMvkab95ZOHK6Q31mrhILOIOdyZWKPZIabL3HF6CZtu52h6MDHbmGS0w0OJYhj2+
+ VnT9ZBoaeooVg8QOE43rCXvmL5vzhLKrj4s/53wTGG5SpzLs9Q9rrJVgAnz4YQ7j
+ 3Ov5q3Zxyr+vO6O7Pb5X49vCQw/jzK41S0/15GEmKcoxXemzeZCpX1mbeeTUtLvA
+ U7OJwldrElzictBJ1gT94L4BDvoGZVqAkXJCJPamfsWaiw6SsMqtTfECAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ wiregrill = {
+ ip6.addr = w6 "012f";
+ aliases = [
+ "morpheus.w"
+ ];
+ wireguard.pubkey = "BdiIHJjJQThmZD8DehxPGA+bboBHjljedwaRaV5yyDY=";
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXS60mmNWMdMRvaPxGn91Cm/hm7zY8xn5rkI4n2KG/f ";
+ };
hilum = {
cores = 1;
nets = {
diff --git a/krebs/5pkgs/simple/kpaste/default.nix b/krebs/5pkgs/simple/kpaste/default.nix
index 217cb8a44..9820c931d 100644
--- a/krebs/5pkgs/simple/kpaste/default.nix
+++ b/krebs/5pkgs/simple/kpaste/default.nix
@@ -1,6 +1,6 @@
{ curl, gnused, writeDashBin }:
writeDashBin "kpaste" ''
- ${curl}/bin/curl -sS http://p.r --data-binary @- |
- ${gnused}/bin/sed '$ {p;s/\<r\>/krebsco.de/}'
+ ${curl}/bin/curl -sS http://p.r --data-binary @"''${1:--}" |
+ ${gnused}/bin/sed '$ {p;s|http://p.r|https://p.krebsco.de|}'
''
diff --git a/lass/1systems/morpheus/config.nix b/lass/1systems/morpheus/config.nix
new file mode 100644
index 000000000..c3a8ea6c8
--- /dev/null
+++ b/lass/1systems/morpheus/config.nix
@@ -0,0 +1,25 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+{
+ imports = [
+ <stockholm/lass>
+ <stockholm/lass/2configs/retiolum.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.morpheus;
+
+ networking.wireless.enable = false;
+ networking.networkmanager.enable = true;
+
+ services.logind.lidSwitch = "ignore";
+ services.logind.lidSwitchDocked = "ignore";
+
+ environment.systemPackages = with pkgs; [
+ gitAndTools.hub
+ nix-review
+ firefox
+ ];
+
+ services.openssh.forwardX11 = true;
+ programs.x2goserver.enable = true;
+}
diff --git a/lass/1systems/morpheus/physical.nix b/lass/1systems/morpheus/physical.nix
new file mode 100644
index 000000000..3fb03cda4
--- /dev/null
+++ b/lass/1systems/morpheus/physical.nix
@@ -0,0 +1,47 @@
+{
+ imports = [
+ ./config.nix
+ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+ ];
+
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.loader.grub.efiSupport = true;
+ boot.loader.grub.efiInstallAsRemovable = true;
+ boot.loader.grub.device = "nodev";
+
+ networking.hostId = "06442b9a";
+
+ fileSystems."/" = {
+ device = "/dev/pool/root";
+ fsType = "btrfs";
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/1F60-17C6";
+ fsType = "vfat";
+ };
+
+ fileSystems."/home" = {
+ device = "/dev/pool/home";
+ fsType = "btrfs";
+ };
+
+ fileSystems."/tmp" = {
+ device = "tmpfs";
+ fsType = "tmpfs";
+ options = ["nosuid" "nodev" "noatime"];
+ };
+ boot.initrd.luks = {
+ cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
+ devices = [{
+ name = "luksroot";
+ device = "/dev/nvme0n1p3";
+ }];
+ };
+
+ services.udev.extraRules = ''
+ SUBSYSTEM=="net", ATTR{address}=="f8:59:71:a9:05:65", NAME="wl0"
+ SUBSYSTEM=="net", ATTR{address}=="54:e1:ad:4f:06:83", NAME="et0"
+ '';
+}
diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix
index 639ba3d3f..a48c61a69 100644
--- a/lass/2configs/hass/default.nix
+++ b/lass/2configs/hass/default.nix
@@ -14,6 +14,7 @@ with import ./lib.nix { inherit lib; };
{ predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
+ { predicate = "-i wiregrill -p tcp --dport 8123"; target = "ACCEPT"; } # hass
];
services.home-assistant = {
diff --git a/lass/2configs/hass/lib.nix b/lass/2configs/hass/lib.nix
index 555cfae28..9281a19ec 100644
--- a/lass/2configs/hass/lib.nix
+++ b/lass/2configs/hass/lib.nix
@@ -99,7 +99,7 @@ rec {
conditions = [
{
condition = "template";
- value_template = "{{ trigger.to_state.attributes.illuminance < 13000 }}";
+ value_template = "{{ trigger.to_state.attributes.illuminance < 7500 }}";
}
{
condition = "template";
diff --git a/lass/2configs/pass.nix b/lass/2configs/pass.nix
index 156ebcae7..6b2a0142a 100644
--- a/lass/2configs/pass.nix
+++ b/lass/2configs/pass.nix
@@ -1,7 +1,7 @@
{ config, pkgs, ... }:
{
- krebs.per-user.lass.packages = with pkgs; [
+ users.users.lass.packages = with pkgs; [
(pass.withExtensions (ext: [ ext.pass-otp ]))
gnupg
];
diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix
index f55886e2e..0e4ac5394 100644
--- a/lass/2configs/vim.nix
+++ b/lass/2configs/vim.nix
@@ -127,7 +127,6 @@ let
extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [
pkgs.vimPlugins.ack-vim
- pkgs.vimPlugins.Gundo
pkgs.vimPlugins.undotree
pkgs.vimPlugins.vim-go
pkgs.vimPlugins.fzf-vim
@@ -155,26 +154,26 @@ let
let colors_name = ${toJSON name}
- hi Normal ctermbg=235
- hi Comment ctermfg=242
- hi Constant ctermfg=062
- hi Identifier ctermfg=068
+ hi Normal ctermbg=016
+ hi Comment ctermfg=255
+ hi Constant ctermfg=229
+ hi Identifier ctermfg=123
hi Function ctermfg=041
hi Statement ctermfg=167
hi PreProc ctermfg=167
- hi Type ctermfg=041
+ hi Type ctermfg=046
hi Delimiter ctermfg=251
- hi Special ctermfg=062
+ hi Special ctermfg=146
- hi Garbage ctermbg=088
- hi TabStop ctermbg=016
- hi NBSP ctermbg=094
+ hi Garbage ctermbg=124
+ hi TabStop ctermbg=020
+ hi NBSP ctermbg=056
hi NarrowNBSP ctermbg=097
hi Todo ctermfg=174 ctermbg=NONE
- hi NixCode ctermfg=148
+ hi NixCode ctermfg=190
hi NixData ctermfg=149
- hi NixQuote ctermfg=150
+ hi NixQuote ctermfg=119
hi diffNewFile ctermfg=207
hi diffFile ctermfg=207
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index cfe0d0a3f..34bd42592 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -11,19 +11,26 @@ in {
./hw/omo.nix
#./hw/tsp.nix
<stockholm/makefu>
- { environment.systemPackages = with pkgs;[ tmux picocom ];}
+ <stockholm/makefu/2configs/headless.nix>
<stockholm/makefu/2configs/support-nixos.nix>
+ <stockholm/makefu/2configs/nur.nix>
+
<stockholm/makefu/2configs/zsh-user.nix>
+ <stockholm/makefu/2configs/home-manager>
+ <stockholm/makefu/2configs/home-manager/cli.nix>
+ <stockholm/makefu/2configs/editor/neovim>
+
+
<stockholm/makefu/2configs/backup/state.nix>
<stockholm/makefu/2configs/exim-retiolum.nix>
# <stockholm/makefu/2configs/smart-monitor.nix>
<stockholm/makefu/2configs/mail-client.nix>
<stockholm/makefu/2configs/mosh.nix>
<stockholm/makefu/2configs/tools/core.nix>
+ <stockholm/makefu/2configs/tools/dev.nix>
<stockholm/makefu/2configs/tools/desktop.nix>
<stockholm/makefu/2configs/tools/mobility.nix>
{ environment.systemPackages = [ pkgs.esniper ]; }
- # <stockholm/makefu/2configs/disable_v6.nix>
#<stockholm/makefu/2configs/graphite-standalone.nix>
#<stockholm/makefu/2configs/share-user-sftp.nix>
@@ -108,7 +115,7 @@ in {
];
makefu.full-populate = true;
nixpkgs.config.allowUnfree = true;
- krebs.rtorrent = (builtins.trace (builtins.toJSON config.services.telegraf.extraConfig)) {
+ krebs.rtorrent = {
downloadDir = lib.mkForce "/media/cryptX/torrent";
extraConfig = ''
upload_rate = 500
diff --git a/makefu/1systems/omo/hw/omo.nix b/makefu/1systems/omo/hw/omo.nix
index 87af2a314..586ad98c4 100644
--- a/makefu/1systems/omo/hw/omo.nix
+++ b/makefu/1systems/omo/hw/omo.nix
@@ -80,18 +80,19 @@ in {
boot = {
initrd.luks = {
devices = let
- usbkey = name: device: {
- inherit name device keyFile;
+ usbkey = device: {
+ inherit device keyFile;
keyFileSize = 4096;
allowDiscards = true;
};
- in [
- (usbkey "luksroot" rootPartition)
- (usbkey "crypt0" cryptDisk0)
- (usbkey "crypt1" cryptDisk1)
- (usbkey "crypt2" cryptDisk2)
- (usbkey "crypt3" cryptDisk3)
- ];
+ in
+ {
+ luksroot = usbkey rootPartition;
+ crypt0 = usbkey cryptDisk0;
+ crypt1 = usbkey cryptDisk1;
+ crypt2 = usbkey cryptDisk2;
+ crypt3 = usbkey cryptDisk3;
+ };
};
loader.grub.device = lib.mkForce rootDisk;
diff --git a/makefu/1systems/omo/source.nix b/makefu/1systems/omo/source.nix
index 05c17377f..b56e855fc 100644
--- a/makefu/1systems/omo/source.nix
+++ b/makefu/1systems/omo/source.nix
@@ -2,4 +2,5 @@
name="omo";
torrent = true;
unstable = true;
+ home-manager = true;
}
diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix
index f93d47caa..b07a1e807 100644
--- a/makefu/2configs/urlwatch/default.nix
+++ b/makefu/2configs/urlwatch/default.nix
@@ -5,11 +5,15 @@ let
url = "https://github.com/${name}/releases.atom";
filter = "grepi:(<updated|<media.thumbnail)";
};
+ lidl = url: {
+ inherit url;
+ filter = "grepi:<!-- sf";
+ };
in {
krebs.urlwatch = {
enable = true;
mailto = config.krebs.users.makefu.mail;
- onCalendar = "*-*-* 05:00:00";
+ onCalendar = "*-*-* 03,15:13:37";
hooksFile = ./hook.py;
urls = [
## nixpkgs maintenance
@@ -30,7 +34,6 @@ in {
https://pypi.python.org/simple/pyserial/
https://pypi.python.org/simple/semantic_version/
# weird shit
- http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
@@ -40,18 +43,23 @@ in {
url = https://newellrubbermaid.secure.force.com/dymopkb/articles/en_US/FAQ/Dymo-Drivers-and-Downloads/?l=en_US&c=Segment:Dymo&fs=Search&pn=1 ;
filter = "grep:Software/Linux/dymo-cups-drivers";
}
+
+ # shopping
+ ( lidl https://www.lidl.de/de/parkside-nass-trockensauger-pnts-1500-d5/p303117 )
+
# TODO: dymo cups
] ++ map grss [
"amadvance/snapraid"
"radare/radare2"
"ovh/python-ovh"
"embray/d2to1"
- "Mic92/vicious"
+ "vicious-widgets/vicious"
"embray/d2to1"
"dorimanx/exfat-nofuse"
"rapid7/metasploit-framework"
"GothenburgBitFactory/taskserver"
"GothenburgBitFactory/taskwarrior"
+ "mhagger/cvs2svn"
];
};
}
diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg
index 83dd79b4d..2abfe503d 100644
--- a/makefu/5pkgs/awesomecfg/full.cfg
+++ b/makefu/5pkgs/awesomecfg/full.cfg
@@ -243,7 +243,7 @@ awful.screen.connect_for_each_screen(function(s)
set_wallpaper(s)
-- Each screen has its own tag table.
- awful.tag({ "tmp", "news", "www", "im", "work1","work2","net","misc","remote" }, s, awful.layout.layouts[1])
+ awful.tag({ "tmp", "ssh", "www", "im", "mail","work","net","misc","remote" }, s, awful.layout.layouts[1])
-- Create a promptbox for each screen
s.mypromptbox = awful.widget.prompt()
@@ -486,14 +486,12 @@ awful.rules.rules = {
focus = awful.client.focus.filter,
keys = clientkeys,
buttons = clientbuttons } },
- { rule = { class = "MPlayer" },
- properties = { floating = true } },
+ --{ rule = { class = "MPlayer" },
+ -- properties = { floating = true } },
{ rule = { class = "pinentry" },
properties = { floating = true } },
- { rule = { class = "gimp" },
- properties = { floating = true } },
- { rule = { class = "Anamnesis" },
- properties = { floating = true } },
+ --{ rule = { class = "gimp" },
+ -- properties = { floating = true } },
-- Set Firefox to always map on tags number 2 of screen 1.
-- { rule = { class = "Firefox" },
-- properties = { tag = tags[1][2] } },
@@ -571,16 +569,12 @@ local os = {
-- {{{ autostart
do
- local cmds =
- {
- -- "@networkmanagerapplet@/bin/nm-applet",
- -- "@blueman@/bin/blueman-applet",
- -- "@clipit@/bin/clipit"
- }
-
- for _,i in pairs(cmds) do
- awful.util.spawn(i)
- end
+ awful.spawn("urxvt", { tag = tags[1] }) # dev shell
+ awful.spawn("urxvt -e mosh makefu@gum.i", { tag = tags[2] })
+ awful.spawn("firefox", { tag = tags[3] })
+ awful.spawn("telegram-desktop", { tag = tags[4] })
+ awful.spawn("signal-desktop", { tag = tags[4] })
+ awful.spawn("urxvt -e mutt", { tag = tags[5] })
end
-- }}}