summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/base.nix7
-rw-r--r--lass/2configs/browsers.nix13
-rw-r--r--lass/2configs/cbase.nix93
-rw-r--r--lass/2configs/retiolum.nix2
-rw-r--r--lass/2configs/weechat.nix13
5 files changed, 115 insertions, 13 deletions
diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix
index d2c96fdaa..51a6d9da8 100644
--- a/lass/2configs/base.nix
+++ b/lass/2configs/base.nix
@@ -54,8 +54,8 @@ with config.krebs.lib;
#secrets-common = "/home/lass/secrets/common";
stockholm = "/home/lass/stockholm";
nixpkgs = {
- url = https://github.com/Lassulus/nixpkgs;
- rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce";
+ url = https://github.com/NixOS/nixpkgs;
+ rev = "40c586b7ce2c559374df435f46d673baf711c543";
dev = "/home/lass/src/nixpkgs";
};
} // optionalAttrs config.krebs.build.host.secure {
@@ -104,6 +104,9 @@ with config.krebs.lib;
#stuff for dl
aria2
+
+ #neat utils
+ krebspaste
];
programs.bash = {
diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix
index eb764068b..47a16d4cb 100644
--- a/lass/2configs/browsers.nix
+++ b/lass/2configs/browsers.nix
@@ -1,6 +1,8 @@
{ config, lib, pkgs, ... }:
let
+ inherit (config.krebs.lib) genid;
+
mainUser = config.users.extraUsers.mainUser;
createChromiumUser = name: extraGroups: packages:
{
@@ -8,6 +10,7 @@ let
inherit name;
inherit extraGroups;
home = "/home/${name}";
+ uid = genid name;
useDefaultShell = true;
createHome = true;
};
@@ -28,6 +31,7 @@ let
inherit name;
inherit extraGroups;
home = "/home/${name}";
+ uid = genid name;
useDefaultShell = true;
createHome = true;
};
@@ -48,16 +52,17 @@ in {
environment.systemPackages = [
(pkgs.writeScriptBin "browser-select" ''
- BROWSER=$(echo -e "ff\ncr\nfb\ngm\nflash" | dmenu)
+ BROWSER=$(echo -e "ff\ncr\nwk\nfb\ngm\nflash" | dmenu)
$BROWSER $@
'')
];
imports = [
- ( createFirefoxUser "ff" [ "audio" ] [ ] )
+ ( createFirefoxUser "ff" [ "audio" ] [ pkgs.firefox ] )
( createChromiumUser "cr" [ "audio" ] [ pkgs.chromium ] )
- ( createChromiumUser "fb" [ ] [ pkgs.chromium ] )
- ( createChromiumUser "gm" [ ] [ pkgs.chromium ] )
+ ( createChromiumUser "wk" [ "audio" ] [ pkgs.chromium ] )
+ ( createChromiumUser "fb" [ "audio" ] [ pkgs.chromium ] )
+ ( createChromiumUser "gm" [ "audio" ] [ pkgs.chromium ] )
( createChromiumUser "flash" [ "audio" ] [ pkgs.flash ] )
];
diff --git a/lass/2configs/cbase.nix b/lass/2configs/cbase.nix
new file mode 100644
index 000000000..9d13bc30d
--- /dev/null
+++ b/lass/2configs/cbase.nix
@@ -0,0 +1,93 @@
+{ config, lib, pkgs, ... }:
+
+let
+ inherit (config.krebs.lib) genid;
+
+in {
+
+ users.extraUsers = {
+ cbasevpn = rec {
+ name = "cbasevpn";
+ uid = genid "cbasevpn";
+ description = "user for running c-base openvpn";
+ home = "/home/${name}";
+ };
+ };
+
+ users.extraGroups.cbasevpn.gid = genid "cbasevpn";
+
+ services.openvpn.servers = {
+ c-base = {
+ config = ''
+ client
+ dev tap
+ proto tcp
+ remote vpn.ext.c-base.org 1194
+ resolv-retry infinite
+ nobind
+ user cbasevpn
+ group cbasevpn
+ persist-key
+ persist-tun
+
+ auth-nocache
+ #auth-user-pass
+ auth-user-pass ${toString <secrets/cbase.txt>}
+
+ comp-lzo
+ verb 3
+
+ #script-security 2
+ #up /etc/openvpn/update-resolv-conf
+ #down /etc/openvpn/update-resolv-conf
+
+ <ca>
+ -----BEGIN CERTIFICATE-----
+ MIIDUjCCArugAwIBAgIJAOOk8EXgjsf5MA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNV
+ BAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZj
+ LWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJ
+ ARYQYWRtYXhAYy1iYXNlLm9yZzAeFw0wOTAyMTMwOTE1MzdaFw0xOTAyMTEwOTE1
+ MzdaMHoxCzAJBgNVBAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGlu
+ MQ8wDQYDVQQKEwZjLWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEf
+ MB0GCSqGSIb3DQEJARYQYWRtYXhAYy1iYXNlLm9yZzCBnzANBgkqhkiG9w0BAQEF
+ AAOBjQAwgYkCgYEAt3wEgXbqFKxs8z/E4rv13hkRi6J+QdshNzntm7rTOmUsXKE7
+ IEwoJSglrmsDPv4UqE86A7bjW7YYSFjhzxFRkTEHJanyOCF48ZPItVl7Eq7T81co
+ uR+6lAhxnLDrwnPJCC83NzAa6lw8U1DsQRDkayKlrQrtZq6++pFFEvZvt1cCAwEA
+ AaOB3zCB3DAdBgNVHQ4EFgQUqkSbdXS90+HtqXDeAI+PcyTSSHEwgawGA1UdIwSB
+ pDCBoYAUqkSbdXS90+HtqXDeAI+PcyTSSHGhfqR8MHoxCzAJBgNVBAYTAkRFMQsw
+ CQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZjLWJhc2UxGzAZ
+ BgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJARYQYWRtYXhA
+ Yy1iYXNlLm9yZ4IJAOOk8EXgjsf5MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
+ BQADgYEAOBANG1H4uEEWk3sbeQoSMeA3LFG1+6MgFGk2WAdeHYuV9GKYBq6/PLP5
+ ffw+FNkiDjLSeSQO88vHYJr2V1v8n/ZoCIT+1VBcDWXTpGz0YxDI1iBauO3tUPzK
+ wGs46RA/S0YwiZw64MaUHd88ZVadjKy9kNoO3w6/vpAS6s/Mh+o=
+ -----END CERTIFICATE-----
+ </ca>
+ key-direction 1
+ <tls-auth>
+ #
+ # 2048 bit OpenVPN static key
+ #
+ -----BEGIN OpenVPN Static key V1-----
+ 5d49aa8c9cec18de7ab6e0b5cd09a368
+ d3f1b8b77e055e448804fa0e14f487cb
+ 491681742f96b54a23fb8639aa9ed14e
+ c40b86a5546b888c4f3873f23c956e87
+ 169076ec869127ffc85353fd5928871c
+ da19776b79f723abb366fae6cdfe4ad6
+ 7ef667b7d05a7b78dfd5ea1d2da276dc
+ 5f6c82313fe9c1178c7256b8d1d081b0
+ 4c80bc8f21add61fbc52c158579edc1d
+ bbde230afb9d0e531624ce289a17098a
+ 3261f9144a9a2a6f0da4250c9eed4086
+ 187ec6fa757a454de743a349e32af193
+ e9f8b49b010014bdfb3240d992f2f234
+ 581d0ce05d4e07a2b588ad9b0555b704
+ 9d5edc28efde59226ec8942feed690a1
+ 2acd0c8bc9424d6074d0d495391023b6
+ -----END OpenVPN Static key V1-----
+ </tls-auth>
+ '';
+ };
+ };
+}
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index f8a63706e..1646cdea9 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -16,8 +16,6 @@
enable = true;
connectTo = [
"prism"
- "cloudkrebs"
- "echelon"
"pigstarter"
"gum"
"flap"
diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix
index 6a257f0bb..98f5df42a 100644
--- a/lass/2configs/weechat.nix
+++ b/lass/2configs/weechat.nix
@@ -1,14 +1,17 @@
{ config, lib, pkgs, ... }:
-{
- krebs.per-user.chat.packages = [
- pkgs.weechat
- pkgs.tmux
+let
+ inherit (config.krebs.lib) genid;
+in {
+ krebs.per-user.chat.packages = with pkgs; [
+ mosh
+ tmux
+ weechat
];
users.extraUsers.chat = {
home = "/home/chat";
- uid = lib.genid "chat";
+ uid = genid "chat";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = [