diff options
Diffstat (limited to 'lass/2configs')
| -rw-r--r-- | lass/2configs/baseX.nix | 9 | ||||
| -rw-r--r-- | lass/2configs/default.nix | 13 | ||||
| -rw-r--r-- | lass/2configs/fetchWallpaper.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/git.nix | 3 | ||||
| -rw-r--r-- | lass/2configs/hfos.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/hw/tp-x220.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/nixpkgs.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/radio.nix | 39 | ||||
| -rw-r--r-- | lass/2configs/retiolum.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/screenlock.nix | 17 | ||||
| -rw-r--r-- | lass/2configs/smartd.nix | 17 | ||||
| -rw-r--r-- | lass/2configs/vim.nix | 167 | ||||
| -rw-r--r-- | lass/2configs/websites/domsen.nix | 83 | ||||
| -rw-r--r-- | lass/2configs/websites/fritz.nix | 9 | ||||
| -rw-r--r-- | lass/2configs/websites/lassulus.nix | 9 | ||||
| -rw-r--r-- | lass/2configs/xserver/default.nix | 35 | ||||
| -rw-r--r-- | lass/2configs/zsh.nix | 2 |
17 files changed, 265 insertions, 158 deletions
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 1e796015a..e879e8e58 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -7,12 +7,21 @@ in { ./xserver ./mpv.nix ./power-action.nix + ./screenlock.nix { hardware.pulseaudio = { enable = true; systemWide = true; }; } + { + krebs.per-user.lass.packages = [ + pkgs.sshuttle + ]; + security.sudo.extraConfig = '' + lass ALL= (root) NOPASSWD:SETENV: ${pkgs.sshuttle}/bin/.sshuttle-wrapped + ''; + } ]; users.extraUsers.mainUser.extraGroups = [ "audio" "video" ]; diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 6fea97728..911b7738a 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -9,7 +9,6 @@ with import <stockholm/lib>; ../2configs/mc.nix ../2configs/nixpkgs.nix ../2configs/vim.nix - ../2configs/zsh.nix ./backups.nix { users.extraUsers = @@ -56,6 +55,12 @@ with import <stockholm/lib>; SSL_CERT_FILE = ca-bundle; }; }) + { + #for sshuttle + environment.systemPackages = [ + pkgs.pythonPackages.python + ]; + } ]; networking.hostName = config.krebs.build.host.name; @@ -86,8 +91,6 @@ with import <stockholm/lib>; #why is this on in the first place? services.nscd.enable = false; - boot.tmpOnTmpfs = true; - # see tmpfiles.d(5) systemd.tmpfiles.rules = [ "d /tmp 1777 root root - -" ]; @@ -156,13 +159,17 @@ with import <stockholm/lib>; promptInit = '' if test $UID = 0; then PS1='\[\033[1;31m\]\w\[\033[0m\] ' + PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"' elif test $UID = 1337; then PS1='\[\033[1;32m\]\w\[\033[0m\] ' + PROMPT_COMMAND='echo -ne "\033]0;$$ $PWD\007"' else PS1='\[\033[1;33m\]\u@\w\[\033[0m\] ' + PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"' fi if test -n "$SSH_CLIENT"; then PS1='\[\033[35m\]\h'" $PS1" + PROMPT_COMMAND='echo -ne "\033]0;$$ $HOSTNAME $USER@$PWD\007"' fi ''; }; diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix index a724e2e45..cf084ea8f 100644 --- a/lass/2configs/fetchWallpaper.nix +++ b/lass/2configs/fetchWallpaper.nix @@ -8,5 +8,9 @@ in { unitConfig.ConditionPathExists = "!/var/run/ppp0.pid"; url = "prism/wallpaper.png"; }; + systemd.services.fetchWallpaper = { + after = [ "xmonad.service" ]; + wantedBy = [ "xmonad.service" ]; + }; } diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index ded0922b8..d7ec39f2d 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -56,7 +56,8 @@ let channel = "#retiolum"; server = "ni.r"; verbose = config.krebs.build.host.name == "prism"; - branches = [ "master" ]; + # TODO define branches in some kind of option per repo + branches = [ "master" "newest" "nin" ]; }; }; }; diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix index f6f09e226..7d4d544aa 100644 --- a/lass/2configs/hfos.nix +++ b/lass/2configs/hfos.nix @@ -7,7 +7,7 @@ with import <stockholm/lib>; isNormalUser = true; extraGroups = [ "libvirtd" ]; openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5NnADMRySix1kcxQwseHfem/SCDmkbvwc+ZZu7HFz4zss1k4Fh1knsukMY83zlno8p/8bBPWyixLTxuZHNy26af8GP95bvV3brnpRmrijkE4dOlpd+wvPcIyTKNunJvMzNDP/ry9g2GczEZKGWvQZudq/nI54HaCaRWM2kzEMEg8Rr9SGlZEKo8B+8HGVsz1a8USOnm8dqYP9dmfLdpy/s+7yWJSPh8wokvWeOOrahirOhO99ZfXm2gcdHqSKvbD2+4EYEm5w8iFrbYBT2wZ3u9ZOiooL/JuEBBdnDrcqZqeaTw0vOdKPvkUP8/rzRjvIwSkynMSD8fixpdGRNeIB riot@lagrange" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMkyCwdwBrsbs3qrNQcy/SqQpex4aaQoAMuT+NDefFc8KVHOMfmkDccEyAggDTgQhUrEVIvo/fFUmGBd9sm1vN1IthO2Qh5nX+qiK/A2R7sxci0Ry6piU03R27JfpZqi6g8TSPNi1C9rC8eBqOfO3OB8oQOkFmM48Q9cmS8AV3ERLR0LaHoEqUbs86JELbtHrMdKk4Hzo8zTM/isP3GO8iDHRt4dBS/03Ve7+WVxgNwWU2HW3a3jJd3tWHrqGmS/ZfCEC/47eIj4WSW+JiH9Q0BarNEbkkMV1Mvm32MX52stGPd5FaIIUtFqD4745iVSiw8esUGFUxJ1RjWgUHr99h riot@vortex" config.krebs.users.lass.pubkey ]; }; @@ -21,12 +21,14 @@ with import <stockholm/lib>; krebs.iptables.tables.nat.PREROUTING.rules = [ { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 22"; target = "DNAT --to-destination 192.168.122.208:22"; } + { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 25"; target = "DNAT --to-destination 192.168.122.208:25"; } { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 80"; target = "DNAT --to-destination 192.168.122.208:1080"; } { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; } ]; krebs.iptables.tables.filter.FORWARD.rules = [ { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } + { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 25 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1080 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1443 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } ]; diff --git a/lass/2configs/hw/tp-x220.nix b/lass/2configs/hw/tp-x220.nix index 4a7d0bbcd..ec36fa96a 100644 --- a/lass/2configs/hw/tp-x220.nix +++ b/lass/2configs/hw/tp-x220.nix @@ -2,6 +2,9 @@ with import <stockholm/lib>; { + imports = [ + ../smartd.nix + ]; networking.wireless.enable = lib.mkDefault true; hardware.enableAllFirmware = true; @@ -36,6 +39,7 @@ with import <stockholm/lib>; boot = { kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ]; extraModulePackages = [ config.boot.kernelPackages.tp_smapi ]; + kernelParams = [ "acpi_backlight=none" ]; }; hardware.opengl.extraPackages = [ diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 6885ef59d..27b7c2439 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -2,7 +2,7 @@ { krebs.build.source.nixpkgs.git = { - url = https://github.com/lassulus/nixpkgs; - ref = "819c1ab486a9c81d6a6b76c759aedece2df39037"; + url = https://github.com/nixos/nixpkgs; + ref = "39098270855c171f0824c09d071b606ae991ff87"; }; } diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 18574471e..6e96f8845 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -60,28 +60,20 @@ in { musicDirectory = "/home/radio/the_playlist/music"; extraConfig = '' audio_output { - type "shout" - encoding "ogg" - name "the_playlist" - host "localhost" - port "8000" - mount "/radio.ogg" - - # This is the source password in icecast.xml - password "${source-password}" - - # Set either quality or bit rate - # quality "5.0" - bitrate "128" - - format "44100:16:1" - - # Optional Parameters - user "source" - # description "here is my long description" - genre "good music" - } # end of audio_output - + type "shout" + encoding "ogg" + name "the_playlist" + host "localhost" + port "8000" + mount "/radio.ogg" + password "${source-password}" + bitrate "128" + + format "44100:16:2" + + user "source" + genre "good music" + } ''; }; @@ -138,8 +130,7 @@ in { }; }; - krebs.Reaktor = { - enable = true; + krebs.Reaktor.playlist = { nickname = "the_playlist|r"; channels = [ "#the_playlist" ]; extraEnviron = { diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index eba40532d..7a7bf95be 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -16,9 +16,9 @@ enable = true; connectTo = [ "prism" - "pigstarter" "gum" - "flap" + "ni" + "dishfire" ]; }; diff --git a/lass/2configs/screenlock.nix b/lass/2configs/screenlock.nix new file mode 100644 index 000000000..237127f69 --- /dev/null +++ b/lass/2configs/screenlock.nix @@ -0,0 +1,17 @@ +{ pkgs, config, ... }: + +{ + systemd.services.screenlock = { + before = [ "sleep.target" ]; + wantedBy = [ "sleep.target" ]; + environment = { + DISPLAY = ":${toString config.services.xserver.display}"; + }; + serviceConfig = { + SyslogIdentifier = "screenlock"; + ExecStart = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f"; + Type = "forking"; + User = "lass"; + }; + }; +} diff --git a/lass/2configs/smartd.nix b/lass/2configs/smartd.nix new file mode 100644 index 000000000..859812bed --- /dev/null +++ b/lass/2configs/smartd.nix @@ -0,0 +1,17 @@ +{ config, pkgs, ... }: + +{ + services.smartd = { + enable = true; + devices = [ + { + device = "DEVICESCAN"; + options = toString [ + "-a" + "-m ${config.krebs.users.lass.mail}" + "-s (O/../.././09|S/../.././04|L/../../6/05)" + ]; + } + ]; + }; +} diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index bfaae24c8..c3eac8f38 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -5,6 +5,7 @@ let out = { environment.systemPackages = [ vim + pkgs.pythonPackages.flake8 ]; environment.etc.vimrc.source = vimrc; @@ -13,6 +14,91 @@ let environment.variables.VIMINIT = ":so /etc/vimrc"; }; + vimrc = pkgs.writeText "vimrc" '' + set nocompatible + + set autoindent + set backspace=indent,eol,start + set backup + set backupdir=${dirs.backupdir}/ + set directory=${dirs.swapdir}// + set hlsearch + set incsearch + set mouse=a + set noruler + set pastetoggle=<INS> + set runtimepath=${extra-runtimepath},$VIMRUNTIME + set shortmess+=I + set showcmd + set showmatch + set ttimeoutlen=0 + set undodir=${dirs.undodir} + set undofile + set undolevels=1000000 + set undoreload=1000000 + set viminfo='20,<1000,s100,h,n${files.viminfo} + set visualbell + set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o + set wildmenu + set wildmode=longest,full + + set title + set titleold= + set titlestring=(vim)\ %t%(\ %M%)%(\ (%{expand(\"%:p:h\")})%)%(\ %a%)\ -\ %{v:servername} + + set et ts=2 sts=2 sw=2 + + filetype plugin indent on + + set t_Co=256 + colorscheme hack + syntax on + + au Syntax * syn match Garbage containedin=ALL /\s\+$/ + \ | syn match TabStop containedin=ALL /\t\+/ + \ | syn keyword Todo containedin=ALL TODO + + au BufRead,BufNewFile *.hs so ${hs.vim} + + au BufRead,BufNewFile *.nix so ${nix.vim} + + au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile + + "Syntastic config + let g:syntastic_python_checkers=['flake8'] + + nmap <esc>q :buffer + nmap <M-q> :buffer + + cnoremap <C-A> <Home> + + noremap <C-c> :q<cr> + vnoremap < <gv + vnoremap > >gv + + nnoremap <esc>[5^ :tabp<cr> + nnoremap <esc>[6^ :tabn<cr> + nnoremap <esc>[5@ :tabm -1<cr> + nnoremap <esc>[6@ :tabm +1<cr> + + nnoremap <f1> :tabp<cr> + nnoremap <f2> :tabn<cr> + inoremap <f1> <esc>:tabp<cr> + inoremap <f2> <esc>:tabn<cr> + + " <C-{Up,Down,Right,Left> + noremap <esc>Oa <nop> | noremap! <esc>Oa <nop> + noremap <esc>Ob <nop> | noremap! <esc>Ob <nop> + noremap <esc>Oc <nop> | noremap! <esc>Oc <nop> + noremap <esc>Od <nop> | noremap! <esc>Od <nop> + " <[C]S-{Up,Down,Right,Left> + noremap <esc>[a <nop> | noremap! <esc>[a <nop> + noremap <esc>[b <nop> | noremap! <esc>[b <nop> + noremap <esc>[c <nop> | noremap! <esc>[c <nop> + noremap <esc>[d <nop> | noremap! <esc>[d <nop> + vnoremap u <nop> + ''; + extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ pkgs.vimPlugins.Gundo pkgs.vimPlugins.Syntastic @@ -126,87 +212,6 @@ let exec ${pkgs.vim}/bin/vim "$@" ''; - vimrc = pkgs.writeText "vimrc" '' - set nocompatible - - set autoindent - set backspace=indent,eol,start - set backup - set backupdir=${dirs.backupdir}/ - set directory=${dirs.swapdir}// - set hlsearch - set incsearch - set mouse=a - set noruler - set pastetoggle=<INS> - set runtimepath=${extra-runtimepath},$VIMRUNTIME - set shortmess+=I - set showcmd - set showmatch - set ttimeoutlen=0 - set undodir=${dirs.undodir} - set undofile - set undolevels=1000000 - set undoreload=1000000 - set viminfo='20,<1000,s100,h,n${files.viminfo} - set visualbell - set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o - set wildmenu - set wildmode=longest,full - - set et ts=2 sts=2 sw=2 - - filetype plugin indent on - - set t_Co=256 - colorscheme hack - syntax on - - au Syntax * syn match Garbage containedin=ALL /\s\+$/ - \ | syn match TabStop containedin=ALL /\t\+/ - \ | syn keyword Todo containedin=ALL TODO - - au BufRead,BufNewFile *.hs so ${hs.vim} - - au BufRead,BufNewFile *.nix so ${nix.vim} - - au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile - - "Syntastic config - let g:syntastic_python_checkers=['flake8'] - - nmap <esc>q :buffer - nmap <M-q> :buffer - - cnoremap <C-A> <Home> - - noremap <C-c> :q<cr> - vnoremap < <gv - vnoremap > >gv - - nnoremap <esc>[5^ :tabp<cr> - nnoremap <esc>[6^ :tabn<cr> - nnoremap <esc>[5@ :tabm -1<cr> - nnoremap <esc>[6@ :tabm +1<cr> - - nnoremap <f1> :tabp<cr> - nnoremap <f2> :tabn<cr> - inoremap <f1> <esc>:tabp<cr> - inoremap <f2> <esc>:tabn<cr> - - " <C-{Up,Down,Right,Left> - noremap <esc>Oa <nop> | noremap! <esc>Oa <nop> - noremap <esc>Ob <nop> | noremap! <esc>Ob <nop> - noremap <esc>Oc <nop> | noremap! <esc>Oc <nop> - noremap <esc>Od <nop> | noremap! <esc>Od <nop> - " <[C]S-{Up,Down,Right,Left> - noremap <esc>[a <nop> | noremap! <esc>[a <nop> - noremap <esc>[b <nop> | noremap! <esc>[b <nop> - noremap <esc>[c <nop> | noremap! <esc>[c <nop> - noremap <esc>[d <nop> | noremap! <esc>[d <nop> - vnoremap u <nop> - ''; - hs.vim = pkgs.writeText "hs.vim" '' syn region String start=+\[[[:alnum:]]*|+ end=+|]+ diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 2bbfe7333..e79973a66 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -7,7 +7,6 @@ let genid_signed ; inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;}) - ssl servePage serveOwncloud serveWordpress; @@ -25,47 +24,16 @@ let in { imports = [ ./sqlBackup.nix - (ssl [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ]) (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ]) - (ssl [ "karlaskop.de" "www.karlaskop.de" ]) (servePage [ "karlaskop.de" "www.karlaskop.de" ]) - (ssl [ "makeup.apanowicz.de" "www.makeup.apanowicz.de" ]) (servePage [ "makeup.apanowicz.de" "www.makeup.apanowicz.de" ]) - (ssl [ "pixelpocket.de" ]) (servePage [ "pixelpocket.de" ]) - (ssl [ "o.ubikmedia.de" ]) (serveOwncloud [ "o.ubikmedia.de" ]) - (ssl [ - "ubikmedia.de" - "aldona.ubikmedia.de" - "apanowicz.de" - "nirwanabluete.de" - "aldonasiech.com" - "360gradvideo.tv" - "ubikmedia.eu" - "facts.cloud" - "youthtube.xyz" - "illucloud.eu" - "illucloud.de" - "illucloud.com" - "www.ubikmedia.de" - "www.aldona.ubikmedia.de" - "www.apanowicz.de" - "www.nirwanabluete.de" - "www.aldonasiech.com" - "www.360gradvideo.tv" - "www.ubikmedia.eu" - "www.facts.cloud" - "www.youthtube.xyz" - "www.illucloud.eu" - "www.illucloud.de" - "www.illucloud.com" - ]) (serveWordpress [ "ubikmedia.de" "apanowicz.de" @@ -88,6 +56,16 @@ in { "www.illucloud.eu" "www.illucloud.de" "www.illucloud.com" + "www.ubikmedia.de" + "aldona2.ubikmedia.de" + "apanowicz.ubikmedia.de" + "cinevita.ubikmedia.de" + "factscloud.ubikmedia.de" + "illucloud.ubikmedia.de" + "joemisch.ubikmedia.de" + "karlaskop.ubikmedia.de" + "nb.ubikmedia.de" + "youthtube.ubikmedia.de" ]) ]; @@ -134,17 +112,26 @@ in { ''; internet-aliases = [ { from = "dominik@apanowicz.de"; to = "dominik_a@gmx.de"; } + { from = "dma@ubikmedia.de"; to = "domsen"; } + { from = "dma@ubikmedia.eu"; to = "domsen"; } { from = "mail@jla-trading.com"; to = "jla-trading"; } + { from = "jms@ubikmedia.eu"; to = "jms"; } + { from = "ms@ubikmedia.eu"; to = "ms"; } + { from = "nrg@ubikmedia.eu"; to = "nrg"; } + { from = "ubik@ubikmedia.eu"; to = "domsen, jms, ms, nrg"; } + + { from = "testuser@lassul.us"; to = "testuser"; } ]; sender_domains = [ "jla-trading.com" + "ubikmedia.eu" ]; ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem"; ssl_key = "/var/lib/acme/lassul.us/key.pem"; }; users.users.domsen = { - uid = genid "domsen"; + uid = genid_signed "domsen"; description = "maintenance acc for domsen"; home = "/home/domsen"; useDefaultShell = true; @@ -153,10 +140,38 @@ in { }; users.users.jla-trading = { - uid = genid "jla-trading"; + uid = genid_signed "jla-trading"; home = "/home/jla-trading"; useDefaultShell = true; createHome = true; }; + + users.users.jms = { + uid = genid_signed "jms"; + home = "/home/jms"; + useDefaultShell = true; + createHome = true; + }; + + users.users.ms = { + uid = genid_signed "ms"; + home = "/home/ms"; + useDefaultShell = true; + createHome = true; + }; + + users.users.nrg = { + uid = genid_signed "nrg"; + home = "/home/nrg"; + useDefaultShell = true; + createHome = true; + }; + + users.users.testuser = { + uid = genid_signed "testuser"; + home = "/home/testuser"; + useDefaultShell = true; + createHome = true; + }; } diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix index 00e987116..9bf7e4a9c 100644 --- a/lass/2configs/websites/fritz.nix +++ b/lass/2configs/websites/fritz.nix @@ -7,7 +7,6 @@ let head ; inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;}) - ssl servePage serveWordpress ; @@ -29,28 +28,20 @@ in { imports = [ ./sqlBackup.nix - (ssl [ "radical-dreamers.de" "www.radical-dreamers.de" ]) (serveWordpress [ "radical-dreamers.de" "www.radical-dreamers.de" ]) - (ssl [ "gs-maubach.de" "www.gs-maubach.de" ]) (serveWordpress [ "gs-maubach.de" "www.gs-maubach.de" ]) - (ssl [ "spielwaren-kern.de" "www.spielwaren-kern.de" ]) (serveWordpress [ "spielwaren-kern.de" "www.spielwaren-kern.de" ]) - (ssl [ "familienpraxis-korntal.de" "www.familienpraxis-korntal.de" ]) (servePage [ "familienpraxis-korntal.de" "www.familienpraxis-korntal.de" ]) - (ssl [ "ttf-kleinaspach.de" "www.ttf-kleinaspach.de" ]) (serveWordpress [ "ttf-kleinaspach.de" "www.ttf-kleinaspach.de" ]) - (ssl [ "eastuttgart.de" "www.eastuttgart.de" ]) (serveWordpress [ "eastuttgart.de" "www.eastuttgart.de" ]) - (ssl [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ]) (servePage [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ]) - (ssl [ "goldbarrendiebstahl.radical-dreamers.de" ]) (serveWordpress [ "goldbarrendiebstahl.radical-dreamers.de" ]) ]; diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index cfdda05db..024d2eeb2 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -83,6 +83,7 @@ in { locations."/tinc".extraConfig = '' alias ${config.krebs.tinc_graphs.workingDir}/external; ''; + # TODO make this work! locations."= /ddate".extraConfig = let script = pkgs.writeBash "test" '' echo "hello world" @@ -100,6 +101,14 @@ in { fastcgi_param SCRIPT_NAME ${script}; ''; + locations."/init".extraConfig = let + initscript = pkgs.init.override { + pubkey = config.krebs.users.lass.pubkey; + }; + in '' + alias ${initscript}; + ''; + enableSSL = true; extraConfig = "listen 80;"; sslCertificate = "/var/lib/acme/lassul.us/fullchain.pem"; diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix index 53c8f9444..cba4db766 100644 --- a/lass/2configs/xserver/default.nix +++ b/lass/2configs/xserver/default.nix @@ -2,6 +2,24 @@ with import <stockholm/lib>; let user = config.krebs.build.user; + + copyqConfig = pkgs.writeDash "copyq-config" '' + ${pkgs.copyq}/bin/copyq config check_clipboard true + ${pkgs.copyq}/bin/copyq config check_selection true + ${pkgs.copyq}/bin/copyq config copy_clipboard true + ${pkgs.copyq}/bin/copyq config copy_selection true + + ${pkgs.copyq}/bin/copyq config activate_closes true + ${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0 + ${pkgs.copyq}/bin/copyq config clipboard_tab &clipboard + ${pkgs.copyq}/bin/copyq config disable_tray true + ${pkgs.copyq}/bin/copyq config hide_tabs true + ${pkgs.copyq}/bin/copyq config hide_toolbar true + ${pkgs.copyq}/bin/copyq config item_popup_interval true + ${pkgs.copyq}/bin/copyq config maxitems 1000 + ${pkgs.copyq}/bin/copyq config move true + ${pkgs.copyq}/bin/copyq config text_wrap true + ''; in { environment.systemPackages = [ @@ -109,4 +127,21 @@ in { User = user.name; }; }; + + systemd.services.copyq = { + wantedBy = [ "multi-user.target" ]; + requires = [ "xserver.service" ]; + environment = { + DISPLAY = ":${toString config.services.xserver.display}"; + }; + serviceConfig = { + SyslogIdentifier = "copyq"; + ExecStart = "${pkgs.copyq}/bin/copyq"; + ExecStartPost = copyqConfig; + Restart = "always"; + RestartSec = "2s"; + StartLimitBurst = 0; + User = user.name; + }; + }; } diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix index 442a1d4d9..4d33aa79d 100644 --- a/lass/2configs/zsh.nix +++ b/lass/2configs/zsh.nix @@ -118,5 +118,5 @@ fi ''; }; - users.users.${config.krebs.build.user.name}.shell = "/run/current-system/sw/bin/zsh"; + users.users.mainUser.shell = "/run/current-system/sw/bin/zsh"; } |