From 1e957a12555d8086d9a42472d5d1abfe5a73ba30 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Jun 2016 22:07:29 +0200 Subject: k 3 l: RIP fastpoke --- krebs/3modules/lass/default.nix | 31 ------------------------------- 1 file changed, 31 deletions(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 48ba00494..d561f4c22 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -108,37 +108,6 @@ with config.krebs.lib; ssh.privkey.path = ; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQChm4sqQ2bUZj+2YnTf6G5HHRTpSe1jTUhJRnwcYPYZKF+CBqBncipRpuGlGXEsptNa+7ZMcQC0ySsz5SUOMt3Ih+NehVe/qt3VtRz0l0MgOWmH2qBwKK9Y4IuxrJQzUmP4UGlOGlFj9DORssSMOyFIG4eZ9k2qMn3xal0NVRfGTShKlouWsiUILZ8I+sDNE00z8DAYesgc1yazvRnjzvLkRxdNdpYiAFBbmXMpPKK95McRJaWsuNSeal9kd5p5PagWcgN4DZ6+ebzz3NKnmzk4j+vuHX0U9lTXBqKMlzzmM2YNLRtDPfrtJNyHqLpZUpFhJKqZCD+4/0zdrzRfC7Th+5czzUCSvHiKPVsqw5eOdiQX6EyzNAF5zpkpRp//QdUNNXC5/Ku6GKCO491+TuA8VCha0fOwBONccTLUI/hGNmCh88mLbukVoeGJrbYNCOA/6kEz7ZLEveU4i+TT7okhDElMsNk+AWCZ8/NdJQNX3/K6+JJ9qAn+/yC8LdjgYYJ2oU/aw5/HyOgiQ0z4n9UfQ7j+nHysY9CQb1b3guX7yjJoc3KpNXCXEztuIRHjFD1EP8NRTSmGjsa/VjLmTLSsqjD+7IE5mT0tO5RJvmagDgdJSr/iR5D9zjW7hx7ttvektrlp9g0v3CiCFVaW4l95hGYT0HaNBLJ5R0YHm0lD+Q=="; }; - fastpoke = { - nets = rec { - internet = { - ip4.addr = "193.22.164.36"; - aliases = [ - "fastpoke.internet" - ]; - }; - retiolum = { - via = internet; - ip4.addr = "10.243.253.152"; - ip6.addr = "42:422a:194f:ff3b:e196:2f82:5cf5:bc00"; - aliases = [ - "fastpoke.retiolum" - "fastpoke.r" - "cgit.fastpoke.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAs4p5xsQYx06v+OkUbc09K6voFAbkvO66QdFoM71E10XyCeLP6iuq - DaIOFN4GrPR36pgyjqtJ+62G9uR+WsB/y14eio1p1ivDWgcpt5soOZAH5zVRRD9O - FBDlgVNwIJ6stMHy6OenEKWsfEiZRN3XstnqAqyykzjddglth1tJntn6kbZehzNQ - ezfIyN4XgaX2fhSu+UnAyLcV8wWnF9cMABjz7eKcSmRJgtG4ZiuDkbgiiEew7+pB - EPqOVQ80lJvzQKgO4PmVoAjD9A+AHnmLJNPDQQi8nIVilGCT60IX+XT1rt85Zpdy - rEaeriw/qsVJnberAhDAdQYYuM1ai2H5swIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRyEogeejET/UlqYYzrla3W2xG771oLK8uTFsVlVQFes4/c++Pp3KryJ/+avb/FQGlUb5YTO2SViZyAPTyw3Anv/8wxryB6ExDcfiiPL9D4Kgk559Gc1C+8vJu3Se3zB9huefllhdwsVkeFrInyWRarH3LNSbBq1TH2Rw/T4wyDVILu/QFxyqECdNzi6sufQ/92rEi3oDqlMbS8f45nbVm9CJpdn7ATwLW1PoBrrYkGll3P7ggOmR45rgldTVCLq3rIrIooiOaOhY1Leq+/sBeDa7fVeRFxFaLGYb9KFjQ4x2kL+3dDv0r726wKhrMQX75g/+Hqkv2di4/AGETI71b"; - }; cloudkrebs = { cores = 1; nets = rec { -- cgit v1.2.3 From 27522d311c70e616f34d61b631ca2d61e61fda36 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Jun 2016 22:09:05 +0200 Subject: k 3 l: add domsen-nas --- krebs/3modules/lass/default.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index d561f4c22..760c2d69d 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -108,6 +108,18 @@ with config.krebs.lib; ssh.privkey.path = ; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQChm4sqQ2bUZj+2YnTf6G5HHRTpSe1jTUhJRnwcYPYZKF+CBqBncipRpuGlGXEsptNa+7ZMcQC0ySsz5SUOMt3Ih+NehVe/qt3VtRz0l0MgOWmH2qBwKK9Y4IuxrJQzUmP4UGlOGlFj9DORssSMOyFIG4eZ9k2qMn3xal0NVRfGTShKlouWsiUILZ8I+sDNE00z8DAYesgc1yazvRnjzvLkRxdNdpYiAFBbmXMpPKK95McRJaWsuNSeal9kd5p5PagWcgN4DZ6+ebzz3NKnmzk4j+vuHX0U9lTXBqKMlzzmM2YNLRtDPfrtJNyHqLpZUpFhJKqZCD+4/0zdrzRfC7Th+5czzUCSvHiKPVsqw5eOdiQX6EyzNAF5zpkpRp//QdUNNXC5/Ku6GKCO491+TuA8VCha0fOwBONccTLUI/hGNmCh88mLbukVoeGJrbYNCOA/6kEz7ZLEveU4i+TT7okhDElMsNk+AWCZ8/NdJQNX3/K6+JJ9qAn+/yC8LdjgYYJ2oU/aw5/HyOgiQ0z4n9UfQ7j+nHysY9CQb1b3guX7yjJoc3KpNXCXEztuIRHjFD1EP8NRTSmGjsa/VjLmTLSsqjD+7IE5mT0tO5RJvmagDgdJSr/iR5D9zjW7hx7ttvektrlp9g0v3CiCFVaW4l95hGYT0HaNBLJ5R0YHm0lD+Q=="; }; + domsen-nas = { + nets = rec { + internet = { + aliases = [ + "domsen-nas.internet" + ]; + ip4.addr = "87.138.180.167"; + ssh.port = 2223; + }; + }; + ssh.pubkey = "ssh-dss AAAAB3NzaC1kc3MAAAEBAPH5Hcrc2QzIi7KQLf17N+aUuFfwb7uKxuojzmO3kyb3nMdn3s+rfTCJLWTJeHCeKb6yMpDF1XGXZwVN+omWV8CsA9tivOHYzZws3b0QB/JENjYmhHbNkKijm6EWXSyvsJ2RuFj0PC8+cv77ZFx7VTnrwZk6Excv7v51j+qo5BejLL1ZybISld/n3kQWE+GJqBYJ9zp/25XEl7macH02o58lRhfqygunDlKm4yiq34pfkA7FS4eHNzcXGvmtQlAHeDts1APbKq8OAoYoyCo0gjK9nbAwbfm0yqM51+eIo3H6xLWjSBdMI9guqndNJWps9PpKHa3bvM1xFB3vfoQZ6m8AAAAVAKf8ZCwMgP4ZpqwwNw4vIn1AuLnfAAABAQCVfUrpUWFvf/TXPucJde4CuAmtoMOrjpepAiXK7N9dwGyq/PbVxr4tnJ/RTyNGOFmBroc6/n0MnxR0qmkQPJNtM/Yz+kk+BCgwsyu2uenVOIX/eJFuQPQYiUdktTcgAyChMp99WF4yfKKgv1CDdMkpFi8xgBEN03s1sOKCRNwJ5rlpTNqh9LatuRyzWOIjNd7atkEYIQK92idJgqSmleo+UhJFfoOGjYlRbsnRVbvfqh7GVd7SSydhKhdb2eZjj2J8eMBwHNl1FLtqt02cnFW3FQDdXPbYYakN25z3F3sex/CPuBGJ0HRGq+y/Ynj/m99TPq9vLkzSUQPR4MmQ5feoAAABAG5L9ffMc/8T9dTeF7FEPlS54ka73M+pNY/5ehMykrrS9CVjFmvpeclnxkBpvjt3G5IlvkSsjUEE6kMk7mW9EV+USL0TTU/LavxXD8fLCSiIwResfLDRxjixjxVI1ouZeKNQ6B3tPOWOEIKR5nPlc7iy435nS77/NM3yBFH0KGdepr+3ZmdgWAjDLKjQhNyCz4Joc1IH1Vf5Ccvb6rsaJ91ajiq29iI2ZpLXXIQsS1ZYzO1Gr9xBTNgmzEmeLqFMcxDSJ+rLMF4VDjRdL2zz5BSmv/Ffj2nICMgv/gj3zzuk7zcMpnbvGyA3W8VWb6IjJDvww4rJ21Q2gHBC5XCohJs="; + }; cloudkrebs = { cores = 1; nets = rec { -- cgit v1.2.3 From 9cc197f10e9b2e0824875ef8a7cdebe0bab8102c Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Jun 2016 22:11:19 +0200 Subject: l 2 exim-smarthost: add nebenan@lassul.us --- lass/2configs/exim-smarthost.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index e9527fec5..1ba99c8cb 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -29,6 +29,7 @@ with config.krebs.lib; { from = "finanzamt@lassul.us"; to = lass.mail; } { from = "dominik@apanowicz.de"; to = "dma@ubikmedia.eu"; } { from = "netzclub@lassul.us"; to = lass.mail; } + { from = "nebenan@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From d5ccef77d4d61f9451945ee1501513670eea8b66 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Jun 2016 22:16:02 +0200 Subject: l 2 radio: check remainingTime <150s --- lass/2configs/radio.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 12a4ddf26..d7cd20a36 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -138,7 +138,7 @@ in { restartIfChanged = true; serviceConfig = { - ExecStart = "${autoAdd} 100"; + ExecStart = "${autoAdd} 150"; }; }; -- cgit v1.2.3 From 3a92ac0e9b577be9f0d3d36fdfce977171b37560 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Jun 2016 22:42:14 +0200 Subject: l 3: add power-action --- lass/3modules/default.nix | 1 + lass/3modules/power-action.nix | 67 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 lass/3modules/power-action.nix diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 380d83a91..b3037205e 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -4,6 +4,7 @@ _: ./ejabberd ./folderPerms.nix ./mysql-backup.nix + ./power-action.nix ./urxvtd.nix ./wordpress_nginx.nix ./xresources.nix diff --git a/lass/3modules/power-action.nix b/lass/3modules/power-action.nix new file mode 100644 index 000000000..fd6dcf57e --- /dev/null +++ b/lass/3modules/power-action.nix @@ -0,0 +1,67 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.lass.power-action; + + out = { + options.lass.power-action = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "power-action"; + user = mkOption { + type = types.user; + default = { + name = "power-action"; + }; + }; + startAt = mkOption { + type = types.str; + default = "*:0/1"; + }; + plans = mkOption { + type = with types; attrsOf (submodule { + options = { + upperLimit = mkOption { + type = int; + }; + lowerLimit = mkOption { + type = int; + }; + action = mkOption { + type = path; + }; + }; + }); + }; + }; + + imp = { + systemd.services.power-action = { + serviceConfig = rec { + ExecStart = startScript; + User = cfg.user; + }; + startAt = cfg.startAt; + }; + users.users.${cfg.user.name} = { + inherit (cfg.user) name uid; + }; + }; + + startScript = pkgs.writeDash "power-action" '' + power="$(${powerlvl})" + ${concatStringsSep "\n" (mapAttrsToList writeRule cfg.plans)} + ''; + + writeRule = _: plan: + "if [ $power -ge ${toString plan.lowerLimit} ] && [ $power -le ${toString plan.upperLimit} ]; then ${plan.action}; fi"; + + powerlvl = pkgs.writeDash "powerlvl" '' + cat /sys/class/power_supply/BAT0/capacity + ''; + +in out -- cgit v1.2.3 From 1d47f59e8f446f0c9e774114138e9881e6f85742 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 13:28:15 +0200 Subject: l 2: use pulse.nix --- lass/2configs/baseX.nix | 6 +--- lass/2configs/pulse.nix | 88 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 89 insertions(+), 5 deletions(-) create mode 100644 lass/2configs/pulse.nix diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 7e969b3ed..7431617c2 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -8,6 +8,7 @@ in { #./urxvt.nix ./xserver ./mpv.nix + ./pulse.nix ]; users.extraUsers.mainUser.extraGroups = [ "audio" ]; @@ -16,11 +17,6 @@ in { virtualisation.libvirtd.enable = true; - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - programs.ssh.startAgent = false; security.setuidPrograms = [ "slock" ]; diff --git a/lass/2configs/pulse.nix b/lass/2configs/pulse.nix new file mode 100644 index 000000000..e86ea3b94 --- /dev/null +++ b/lass/2configs/pulse.nix @@ -0,0 +1,88 @@ +{ config, lib, pkgs, ... }: + +with config.krebs.lib; +let + pkg = pkgs.pulseaudioLight; + runDir = "/run/pulse"; + + alsaConf = pkgs.writeText "asound.conf" '' + ctl_type.pulse { + libs.native = ${pkgs.alsaPlugins}/lib/alsa-lib/libasound_module_ctl_pulse.so; + } + pcm_type.pulse { + libs.native = ${pkgs.alsaPlugins}/lib/alsa-lib/libasound_module_pcm_pulse.so; + } + ctl.!default { + type pulse + } + pcm.!default { + type pulse + } + ''; + + clientConf = pkgs.writeText "client.conf" '' + autospawn=no + default-server = unix:${runDir}/socket + ''; + + configFile = pkgs.writeText "default.pa" '' + .include ${pkg}/etc/pulse/default.pa + load-module ${toString [ + "module-native-protocol-unix" + "auth-anonymous=1" + "socket=${runDir}/socket" + ]} + ''; +in + +{ + environment = { + etc = { + "asound.conf".source = alsaConf; + # XXX mkForce is not strong enough (and neither is mkOverride) to create + # /etc/pulse/client.conf, see pulseaudio-hack below for a solution. + #"pulse/client.conf" = mkForce { source = clientConf; }; + #"pulse/client.conf".source = mkForce clientConf; + "pulse/default.pa".source = configFile; + }; + systemPackages = [ + pkg + ] ++ optionals config.services.xserver.enable [ + pkgs.pavucontrol + ]; + }; + + # Allow PulseAudio to get realtime priority using rtkit. + security.rtkit.enable = true; + + system.activationScripts.pulseaudio-hack = '' + ln -fns ${clientConf} /etc/pulse/client.conf + ''; + + systemd.services.pulse = { + wantedBy = [ "sound.target" ]; + before = [ "sound.target" ]; + environment = { + PULSE_RUNTIME_PATH = "${runDir}/home"; + }; + serviceConfig = { + ExecStart = "${pkg}/bin/pulseaudio"; + ExecStartPre = pkgs.writeDash "pulse-start" '' + install -o pulse -g audio -m 0750 -d ${runDir} + install -o pulse -g audio -m 0700 -d ${runDir}/home + ''; + PermissionsStartOnly = "true"; + User = "pulse"; + }; + }; + + users = { + groups.pulse.gid = config.users.users.pulse.uid; + users.pulse = { + uid = genid "pulse"; + group = "pulse"; + extraGroups = [ "audio" ]; + home = "${runDir}/home"; + }; + }; +} -- cgit v1.2.3 From 30a80d67df7a41baab1fc3557d220c0cbbd5cf0c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 13:26:22 +0200 Subject: l 2 buildbot-standalone: use make test --- lass/2configs/buildbot-standalone.nix | 60 ++++++++++++++++++++++++++++------- 1 file changed, 48 insertions(+), 12 deletions(-) diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index b70cf9da8..e36008335 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -1,6 +1,14 @@ { lib, config, pkgs, ... }: -{ - krebs.buildbot.master = let + +with config.krebs.lib; + +let + sshWrapper = pkgs.writeDash "ssh-wrapper" '' + ${pkgs.openssh}/bin/ssh -i ${shell.escape config.lass.build-ssh-privkey.path} "$@" + ''; + +in { + config.krebs.buildbot.master = let stockholm-mirror-url = http://cgit.prism/stockholm ; in { slaves = { @@ -44,11 +52,15 @@ grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental') # TODO: get nixpkgs/stockholm paths from krebs - env = {"LOGNAME": "lass", "NIX_REMOTE": "daemon", "dummy_secrets": "true"} + env = { + "LOGNAME": "lass", + "NIX_REMOTE": "daemon", + "dummy_secrets": "true", + } # prepare nix-shell # the dependencies which are used by the test script - deps = [ "gnumake", "jq", "nix", "rsync" ] + deps = [ "gnumake", "jq", "nix", "rsync", "proot" ] # TODO: --pure , prepare ENV in nix-shell command: # SSL_CERT_FILE,LOGNAME,NIX_REMOTE nixshell = ["nix-shell", @@ -68,12 +80,11 @@ for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]: addShell(f,name="build-{}".format(i),env=env, command=nixshell + \ - ["nix-build \ - --show-trace --no-out-link \ - -I nixos-config=./lass/1systems/{}.nix \ - -I secrets=./lass/2configs/tests/dummy-secrets \ - -I stockholm=. \ - -A config.system.build.toplevel".format(i)]) + ["make \ + test \ + ssh=${sshWrapper} \ + target=build@localhost:${config.users.users.build.home}/testbuild \ + system={}".format(i)]) bu.append(util.BuilderConfig(name="build-all", slavenames=slavenames, @@ -115,7 +126,7 @@ }; }; - krebs.buildbot.slave = { + config.krebs.buildbot.slave = { enable = true; masterhost = "localhost"; username = "testslave"; @@ -125,7 +136,7 @@ NIX_PATH="nixpkgs=/var/src/nixpkgs"; }; }; - krebs.iptables = { + config.krebs.iptables = { tables = { filter.INPUT.rules = [ { predicate = "-p tcp --dport 8010"; target = "ACCEPT"; } @@ -133,4 +144,29 @@ ]; }; }; + + #ssh workaround for make test + options.lass.build-ssh-privkey = mkOption { + type = types.secret-file; + default = { + path = "${config.users.users.buildbotSlave.home}/ssh.privkey"; + owner = { inherit (config.users.users.buildbotSlave ) name uid;}; + source-path = toString + "/build.ssh.key"; + }; + }; + config.krebs.secret.files = { + build-ssh-privkey = config.lass.build-ssh-privkey; + }; + config.users.users = { + build = { + name = "build"; + uid = genid "build"; + home = "/home/build"; + useDefaultShell = true; + createHome = true; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP lass@mors" + ]; + }; + }; } -- cgit v1.2.3 From 75ba114468a8f025d5916f5b7fce34635d9bbc1a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 13:50:52 +0200 Subject: l 2: override stockholm if dummy_secrets --- lass/2configs/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index deb3c46c2..9e0e37e48 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -59,12 +59,13 @@ with config.krebs.lib; user = config.krebs.users.lass; source = mapAttrs (_: mkDefault) ({ nixos-config = "symlink:stockholm/lass/1systems/${config.krebs.build.host.name}.nix"; - secrets = - if getEnv "dummy_secrets" == "true" + secrets = if getEnv "dummy_secrets" == "true" then toString else "/home/lass/secrets/${config.krebs.build.host.name}"; #secrets-common = "/home/lass/secrets/common"; - stockholm = "/home/lass/stockholm"; + stockholm = if getEnv "dummy_secrets" == "true" + then "/var/lib/buildbot/slave/build-all/build" + else "/home/lass/stockholm"; } // optionalAttrs config.krebs.build.host.secure { #secrets-master = "/home/lass/secrets/master"; }); -- cgit v1.2.3 From ab3a095a29bd69affcc7e2868a805a5680e3a876 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 16:09:36 +0200 Subject: l 2: bump nixpkgs f215f9e -> 7d93230 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index c893011a3..c6d8a5f8c 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs = { url = https://github.com/lassulus/nixpkgs; - rev = "f215f9e91e07473e61c9302aaa312c7350e98f0e"; + rev = "7d932301fe1d98a1ef1872a7124e8809279def74"; }; } -- cgit v1.2.3 From ae3a2a954d767127ae1c144685293c03a01cf1c8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 19:20:26 +0200 Subject: l 2 buildbot: build-all with method=build --- lass/2configs/buildbot-standalone.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index e36008335..7d3c236a6 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -84,6 +84,7 @@ in { test \ ssh=${sshWrapper} \ target=build@localhost:${config.users.users.build.home}/testbuild \ + method=build \ system={}".format(i)]) bu.append(util.BuilderConfig(name="build-all", -- cgit v1.2.3 From 61c57a2d533334a77d2a0c2cea3fee6380605a0f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 19:21:32 +0200 Subject: l 2 websites fritz: password protect some dirs --- lass/2configs/websites/fritz.nix | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix index c2b8ff116..03574d578 100644 --- a/lass/2configs/websites/fritz.nix +++ b/lass/2configs/websites/fritz.nix @@ -1,10 +1,10 @@ { config, pkgs, lib, ... }: +with lib; let inherit (import { config = {}; inherit lib; }) genid head - nameValuePair ; inherit (import {inherit lib pkgs;}) ssl @@ -58,6 +58,18 @@ in { "ttf_kleinaspach_de" ]; + #password protect some dirs + krebs.nginx.servers."biostase.de".locations = [ + (nameValuePair "/old_biostase.de" '' + auth_basic "Administrator Login"; + auth_basic_user_file /srv/http/biostase.de/old_biostase.de/.htaccess; + '') + (nameValuePair "/mysqldumper" '' + auth_basic "Administrator Login"; + auth_basic_user_file /srv/http/biostase.de/mysqldumper/.htaccess; + '') + ]; + users.users.root.openssh.authorizedKeys.keys = [ config.krebs.users.fritz.pubkey ]; -- cgit v1.2.3 From a6d1879739593d0bc53cf218f031b68410767d90 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 19:51:07 +0200 Subject: =?UTF-8?q?l=203=20power-action:=20fix=20some=20stuff=20(=C2=AF\?= =?UTF-8?q?=5F(=E3=83=84)=5F/=C2=AF)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lass/3modules/power-action.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lass/3modules/power-action.nix b/lass/3modules/power-action.nix index fd6dcf57e..631e651ff 100644 --- a/lass/3modules/power-action.nix +++ b/lass/3modules/power-action.nix @@ -1,13 +1,13 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.lass.power-action; out = { options.lass.power-action = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { @@ -43,7 +43,7 @@ let systemd.services.power-action = { serviceConfig = rec { ExecStart = startScript; - User = cfg.user; + User = cfg.user.name; }; startAt = cfg.startAt; }; -- cgit v1.2.3 From 6e2cbdfb734d24a5c4dfb37b9ccc0b093c07c1f6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 20:08:46 +0200 Subject: l 2 radio: remove unneeded sudo snippet --- lass/2configs/radio.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index d7cd20a36..3a38af286 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -54,10 +54,6 @@ in { mpc_cli ]; - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(${name}) NOPASSWD: ALL - ''; - services.mpd = { enable = true; group = "radio"; -- cgit v1.2.3 From 1b238cf556064996b9db9b4a86c232228a0e9114 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 21:51:45 +0200 Subject: l 3 power-action: add charging check --- lass/3modules/power-action.nix | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/lass/3modules/power-action.nix b/lass/3modules/power-action.nix index 631e651ff..06a316270 100644 --- a/lass/3modules/power-action.nix +++ b/lass/3modules/power-action.nix @@ -25,6 +25,16 @@ let plans = mkOption { type = with types; attrsOf (submodule { options = { + charging = mkOption { + type = nullOr bool; + default = null; + description = '' + check for charging status. + null = don't care + true = only if system is charging + false = only if system is discharging + ''; + }; upperLimit = mkOption { type = int; }; @@ -53,15 +63,31 @@ let }; startScript = pkgs.writeDash "power-action" '' + set -euf + power="$(${powerlvl})" + state="$(${state})" ${concatStringsSep "\n" (mapAttrsToList writeRule cfg.plans)} ''; + charging_check = plan: + if (plan.charging == null) then "" else + if plan.charging + then ''&& [ "$state" = "true" ]'' + else ''&& ! [ "$state" = "true" ]'' + ; writeRule = _: plan: - "if [ $power -ge ${toString plan.lowerLimit} ] && [ $power -le ${toString plan.upperLimit} ]; then ${plan.action}; fi"; + "if [ $power -ge ${toString plan.lowerLimit} ] && [ $power -le ${toString plan.upperLimit} ] ${charging_check plan}; then ${plan.action}; fi"; powerlvl = pkgs.writeDash "powerlvl" '' cat /sys/class/power_supply/BAT0/capacity ''; + state = pkgs.writeDash "state" '' + if [ "$(cat /sys/class/power_supply/BAT0/status)" = "Charging" ] + then echo "true" + else echo "false" + fi + ''; + in out -- cgit v1.2.3 From b408721046b0c84047d25f54764775d32264906d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 21:53:44 +0200 Subject: l 2: add power-action.nix --- lass/2configs/power-action.nix | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 lass/2configs/power-action.nix diff --git a/lass/2configs/power-action.nix b/lass/2configs/power-action.nix new file mode 100644 index 000000000..ca4b2afe8 --- /dev/null +++ b/lass/2configs/power-action.nix @@ -0,0 +1,23 @@ +{ config, pkgs, ... }: + +let + suspend = pkgs.writeDash "suspend" '' + ${pkgs.systemd}/bin/systemctl suspend + ''; + +in { + lass.power-action = { + enable = true; + plans.suspend = { + upperLimit = 10; + lowerLimit = 0; + charging = false; + action = pkgs.writeDash "suspend-wrapper" '' + /var/setuid-wrappers/sudo ${suspend} + ''; + }; + }; + security.sudo.extraConfig = '' + ${config.lass.power-action.user.name} ALL= (root) NOPASSWD: ${suspend} + ''; +} -- cgit v1.2.3 From d2120732b7643f1dd8770b4e7f75ee6b9c991cca Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 18 Jun 2016 22:01:10 +0200 Subject: l 2 baseX: import power-action.nix --- lass/2configs/baseX.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 7431617c2..744e8ed98 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -9,6 +9,7 @@ in { ./xserver ./mpv.nix ./pulse.nix + ./power-action.nix ]; users.extraUsers.mainUser.extraGroups = [ "audio" ]; -- cgit v1.2.3 From fa139f638e07be78393637b049a195b9abf01c30 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Jun 2016 00:26:00 +0200 Subject: l 2 pulse: add /etc/pulse/daemon.conf --- lass/2configs/pulse.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lass/2configs/pulse.nix b/lass/2configs/pulse.nix index e86ea3b94..3be482191 100644 --- a/lass/2configs/pulse.nix +++ b/lass/2configs/pulse.nix @@ -25,6 +25,13 @@ let default-server = unix:${runDir}/socket ''; + daemonConf = pkgs.writeText "daemon.conf" '' + exit-idle-time=0 + flat-volumes = no + default-fragments = 4 + default-fragment-size-msec = 25 + ''; + configFile = pkgs.writeText "default.pa" '' .include ${pkg}/etc/pulse/default.pa load-module ${toString [ @@ -44,6 +51,7 @@ in #"pulse/client.conf" = mkForce { source = clientConf; }; #"pulse/client.conf".source = mkForce clientConf; "pulse/default.pa".source = configFile; + "pulse/daemon.pa".source = daemonConf; }; systemPackages = [ pkg -- cgit v1.2.3 From e37ac8ecd8dc7282953e83994dc6c4e3c78b7a85 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Jun 2016 00:27:45 +0200 Subject: l 2 power-action: add low battery warning --- lass/2configs/power-action.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/lass/2configs/power-action.nix b/lass/2configs/power-action.nix index ca4b2afe8..0ff8547c7 100644 --- a/lass/2configs/power-action.nix +++ b/lass/2configs/power-action.nix @@ -5,9 +5,22 @@ let ${pkgs.systemd}/bin/systemctl suspend ''; + speak = text: + pkgs.writeDash "speak" '' + ${pkgs.espeak}/bin/espeak -v +whisper -s 110 "${text}" + ''; + in { lass.power-action = { enable = true; + plans.low-battery = { + upperLimit = 30; + lowerLimit = 25; + charging = false; + action = pkgs.writeDash "warn-low-battery" '' + ${speak "power level low"} + ''; + }; plans.suspend = { upperLimit = 10; lowerLimit = 0; @@ -17,6 +30,11 @@ in { ''; }; }; + + users.users.power-action.extraGroups = [ + "audio" + ]; + security.sudo.extraConfig = '' ${config.lass.power-action.user.name} ALL= (root) NOPASSWD: ${suspend} ''; -- cgit v1.2.3 From 914dabb84885df8162a49baba682c46ddba4c3d8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 19 Jun 2016 17:25:55 +0200 Subject: l 2 baseX: use hardware.pulseaudio again steam sound was broken --- lass/2configs/baseX.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 744e8ed98..6d26ff89a 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -8,9 +8,13 @@ in { #./urxvt.nix ./xserver ./mpv.nix - ./pulse.nix + #./pulse.nix ./power-action.nix ]; + hardware.pulseaudio = { + enable = true; + systemWide = true; + }; users.extraUsers.mainUser.extraGroups = [ "audio" ]; -- cgit v1.2.3 From 1b8c7bc87ac57a31d2d23aada81fe1d35546ff83 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 21 Jun 2016 15:43:45 +0200 Subject: l 5: use writeHaskell --- lass/5pkgs/default.nix | 4 +- lass/5pkgs/xmonad-lass.nix | 166 ++++++++++++++++++++++++++++++++++++ lass/5pkgs/xmonad-lass/.gitignore | 1 - lass/5pkgs/xmonad-lass/Main.hs | 149 -------------------------------- lass/5pkgs/xmonad-lass/Makefile | 6 -- lass/5pkgs/xmonad-lass/xmonad.cabal | 17 ---- 6 files changed, 167 insertions(+), 176 deletions(-) create mode 100644 lass/5pkgs/xmonad-lass.nix delete mode 100644 lass/5pkgs/xmonad-lass/.gitignore delete mode 100644 lass/5pkgs/xmonad-lass/Main.hs delete mode 100644 lass/5pkgs/xmonad-lass/Makefile delete mode 100644 lass/5pkgs/xmonad-lass/xmonad.cabal diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 402fd1ffc..73e41790d 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -13,9 +13,7 @@ rs = pkgs.callPackage ./rs/default.nix {}; untilport = pkgs.callPackage ./untilport/default.nix {}; urban = pkgs.callPackage ./urban/default.nix {}; - xmonad-lass = - let src = pkgs.writeNixFromCabal "xmonad-lass.nix" ./xmonad-lass; in - pkgs.haskellPackages.callPackage src {}; + xmonad-lass = import ./xmonad-lass.nix { inherit pkgs; }; yt-next = pkgs.callPackage ./yt-next/default.nix {}; }; } diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix new file mode 100644 index 000000000..841821a7a --- /dev/null +++ b/lass/5pkgs/xmonad-lass.nix @@ -0,0 +1,166 @@ +{ pkgs, ... }: +pkgs.writeHaskell "xmonad-lass" { + executables.xmonad = { + extra-depends = [ + "containers" + "unix" + "X11" + "xmonad" + "xmonad-contrib" + "xmonad-stockholm" + ]; + text = '' +{-# LANGUAGE DeriveDataTypeable #-} -- for XS +{-# LANGUAGE FlexibleContexts #-} -- for xmonad' +{-# LANGUAGE LambdaCase #-} +{-# LANGUAGE ScopedTypeVariables #-} + + +module Main where +import XMonad + +import qualified XMonad.StackSet as W +import Control.Exception +import Data.List (isInfixOf) +import System.Environment (getArgs, withArgs, getEnv) +import System.IO (hPutStrLn, stderr) +import Text.Read (readEither) +import XMonad.Actions.CopyWindow (copy, kill1) +import XMonad.Actions.CycleWS (toggleWS) +import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace) +import XMonad.Actions.DynamicWorkspaces (withWorkspace) +import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch) +import XMonad.Hooks.FloatNext (floatNext) +import XMonad.Hooks.FloatNext (floatNextHook) +import XMonad.Hooks.ManageDocks (avoidStruts, ToggleStruts(ToggleStruts)) +import XMonad.Hooks.Place (placeHook, smart) +import XMonad.Hooks.UrgencyHook (focusUrgent) +import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook) +import XMonad.Layout.FixedColumn (FixedColumn(..)) +import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin)) +import XMonad.Layout.NoBorders (smartBorders) +import XMonad.Prompt (autoComplete, searchPredicate, XPConfig) +import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy) +import XMonad.Stockholm.Shutdown (sendShutdownEvent, handleShutdownEvent) +import XMonad.Util.EZConfig (additionalKeysP) + + +myTerm :: String +myTerm = "urxvtc" + +myFont :: String +myFont = "-schumacher-*-*-*-*-*-*-*-*-*-*-*-iso10646-*" + +main :: IO () +main = getArgs >>= \case + ["--shutdown"] -> sendShutdownEvent + _ -> mainNoArgs + +mainNoArgs :: IO () +mainNoArgs = do + workspaces0 <- getWorkspaces0 + xmonad' + $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ") + $ def + { terminal = myTerm + , modMask = mod4Mask + , workspaces = workspaces0 + , layoutHook = smartBorders $ myLayoutHook + , manageHook = placeHook (smart (1,0)) <+> floatNextHook + , startupHook = spawn "echo emit XMonadStartup" + , normalBorderColor = "#1c1c1c" + , focusedBorderColor = "#f000b0" + , handleEventHook = handleShutdownEvent + } `additionalKeysP` myKeyMap + +myLayoutHook = defLayout + where + defLayout = minimize $ ((avoidStruts $ Tall 1 (3/100) (1/2) ||| Full ||| Mirror (Tall 1 (3/100) (1/2))) ||| FixedColumn 2 80 80 1) + + +xmonad' :: (LayoutClass l Window, Read (l Window)) => XConfig l -> IO () +xmonad' conf = do + path <- getEnv "XMONAD_STATE" + try (readFile path) >>= \case + Right content -> do + hPutStrLn stderr ("resuming from " ++ path ++ "; state = " ++ show content) + withArgs ("--resume" : lines content) (xmonad conf) + Left e -> do + hPutStrLn stderr (displaySomeException e) + xmonad conf + +getWorkspaces0 :: IO [String] +getWorkspaces0 = + try (getEnv "XMONAD_WORKSPACES0_FILE") >>= \case + Left e -> warn (displaySomeException e) + Right p -> try (readFile p) >>= \case + Left e -> warn (displaySomeException e) + Right x -> case readEither x of + Left e -> warn e + Right y -> return y + where + warn msg = hPutStrLn stderr ("getWorkspaces0: " ++ msg) >> return [] + +displaySomeException :: SomeException -> String +displaySomeException = displayException + + +myKeyMap :: [([Char], X ())] +myKeyMap = + [ ("M4-", spawn "i3lock -i /var/lib/wallpaper/wallpaper -f") + , ("M4-p", spawn "passmenu --type") + , ("", spawn "pactl -- set-sink-volume 0 +4%") + , ("", spawn "pactl -- set-sink-volume 0 -4%") + , ("", spawn "pactl -- set-sink-mute 0 toggle") + , ("", spawn "pactl -- set-source-mute 1 toggle") + , ("", gridselectWorkspace gridConfig W.view) + , ("", spawn "xbacklight -steps 1 -time 1 -inc 3") + , ("", spawn "xbacklight -steps 1 -time 1 -dec 3") + + , ("M4-a", focusUrgent) + , ("M4-S-r", renameWorkspace def) + , ("M4-S-a", addWorkspacePrompt def) + , ("M4-S-", removeEmptyWorkspace) + , ("M4-S-c", kill1) + , ("M4-", toggleWS) + , ("M4-S-", spawn myTerm) + , ("M4-x", floatNext True >> spawn myTerm) + , ("M4-f", floatNext True) + , ("M4-b", sendMessage ToggleStruts) + + , ("M4-v", withWorkspace autoXPConfig (windows . W.view)) + , ("M4-S-v", withWorkspace autoXPConfig (windows . W.shift)) + , ("M4-C-v", withWorkspace autoXPConfig (windows . copy)) + + , ("M4-m", withFocused minimizeWindow) + , ("M4-S-m", sendMessage RestoreNextMinimizedWin) + + , ("M4-q", windowPromptGoto infixAutoXPConfig) + , ("M4-C-q", windowPromptBringCopy infixAutoXPConfig) + + , ("M4-S-q", return ()) + ] + +autoXPConfig :: XPConfig +autoXPConfig = def + { autoComplete = Just 5000 + } + +infixAutoXPConfig :: XPConfig +infixAutoXPConfig = autoXPConfig + { searchPredicate = isInfixOf + } + +gridConfig :: GSConfig WorkspaceId +gridConfig = def + { gs_cellwidth = 100 + , gs_cellheight = 30 + , gs_cellpadding = 2 + , gs_navigate = navNSearch + , gs_font = myFont + } + + ''; + }; +} + diff --git a/lass/5pkgs/xmonad-lass/.gitignore b/lass/5pkgs/xmonad-lass/.gitignore deleted file mode 100644 index 616204547..000000000 --- a/lass/5pkgs/xmonad-lass/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/shell.nix diff --git a/lass/5pkgs/xmonad-lass/Main.hs b/lass/5pkgs/xmonad-lass/Main.hs deleted file mode 100644 index d7c66bf4d..000000000 --- a/lass/5pkgs/xmonad-lass/Main.hs +++ /dev/null @@ -1,149 +0,0 @@ -{-# LANGUAGE DeriveDataTypeable #-} -- for XS -{-# LANGUAGE FlexibleContexts #-} -- for xmonad' -{-# LANGUAGE LambdaCase #-} -{-# LANGUAGE ScopedTypeVariables #-} - - -module Main where -import XMonad - -import qualified XMonad.StackSet as W -import Control.Exception -import Data.List (isInfixOf) -import System.Environment (getArgs, withArgs, getEnv) -import System.IO (hPutStrLn, stderr) -import Text.Read (readEither) -import XMonad.Actions.CopyWindow (copy, kill1) -import XMonad.Actions.CycleWS (toggleWS) -import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace) -import XMonad.Actions.DynamicWorkspaces (withWorkspace) -import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch) -import XMonad.Hooks.FloatNext (floatNext) -import XMonad.Hooks.FloatNext (floatNextHook) -import XMonad.Hooks.ManageDocks (avoidStruts, ToggleStruts(ToggleStruts)) -import XMonad.Hooks.Place (placeHook, smart) -import XMonad.Hooks.UrgencyHook (focusUrgent) -import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook) -import XMonad.Layout.FixedColumn (FixedColumn(..)) -import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin)) -import XMonad.Layout.NoBorders (smartBorders) -import XMonad.Prompt (autoComplete, searchPredicate, XPConfig) -import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy) -import XMonad.Stockholm.Shutdown (sendShutdownEvent, handleShutdownEvent) -import XMonad.Util.EZConfig (additionalKeysP) - - -myTerm :: String -myTerm = "urxvtc" - -myFont :: String -myFont = "-schumacher-*-*-*-*-*-*-*-*-*-*-*-iso10646-*" - -main :: IO () -main = getArgs >>= \case - ["--shutdown"] -> sendShutdownEvent - _ -> mainNoArgs - -mainNoArgs :: IO () -mainNoArgs = do - workspaces0 <- getWorkspaces0 - xmonad' - $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ") - $ def - { terminal = myTerm - , modMask = mod4Mask - , workspaces = workspaces0 - , layoutHook = smartBorders $ myLayoutHook - , manageHook = placeHook (smart (1,0)) <+> floatNextHook - , startupHook = spawn "echo emit XMonadStartup" - , normalBorderColor = "#1c1c1c" - , focusedBorderColor = "#f000b0" - , handleEventHook = handleShutdownEvent - } `additionalKeysP` myKeyMap - -myLayoutHook = defLayout - where - defLayout = minimize $ ((avoidStruts $ Tall 1 (3/100) (1/2) ||| Full ||| Mirror (Tall 1 (3/100) (1/2))) ||| FixedColumn 2 80 80 1) - - -xmonad' :: (LayoutClass l Window, Read (l Window)) => XConfig l -> IO () -xmonad' conf = do - path <- getEnv "XMONAD_STATE" - try (readFile path) >>= \case - Right content -> do - hPutStrLn stderr ("resuming from " ++ path ++ "; state = " ++ show content) - withArgs ("--resume" : lines content) (xmonad conf) - Left e -> do - hPutStrLn stderr (displaySomeException e) - xmonad conf - -getWorkspaces0 :: IO [String] -getWorkspaces0 = - try (getEnv "XMONAD_WORKSPACES0_FILE") >>= \case - Left e -> warn (displaySomeException e) - Right p -> try (readFile p) >>= \case - Left e -> warn (displaySomeException e) - Right x -> case readEither x of - Left e -> warn e - Right y -> return y - where - warn msg = hPutStrLn stderr ("getWorkspaces0: " ++ msg) >> return [] - -displaySomeException :: SomeException -> String -displaySomeException = displayException - - -myKeyMap :: [([Char], X ())] -myKeyMap = - [ ("M4-", spawn "i3lock -i /var/lib/wallpaper/wallpaper -f") - , ("M4-p", spawn "passmenu --type") - , ("", spawn "pactl -- set-sink-volume 0 +4%") - , ("", spawn "pactl -- set-sink-volume 0 -4%") - , ("", spawn "pactl -- set-sink-mute 0 toggle") - , ("", spawn "pactl -- set-source-mute 1 toggle") - , ("", gridselectWorkspace gridConfig W.view) - , ("", spawn "xbacklight -steps 1 -time 1 -inc 3") - , ("", spawn "xbacklight -steps 1 -time 1 -dec 3") - - , ("M4-a", focusUrgent) - , ("M4-S-r", renameWorkspace def) - , ("M4-S-a", addWorkspacePrompt def) - , ("M4-S-", removeEmptyWorkspace) - , ("M4-S-c", kill1) - , ("M4-", toggleWS) - , ("M4-S-", spawn myTerm) - , ("M4-x", floatNext True >> spawn myTerm) - , ("M4-f", floatNext True) - , ("M4-b", sendMessage ToggleStruts) - - , ("M4-v", withWorkspace autoXPConfig (windows . W.view)) - , ("M4-S-v", withWorkspace autoXPConfig (windows . W.shift)) - , ("M4-C-v", withWorkspace autoXPConfig (windows . copy)) - - , ("M4-m", withFocused minimizeWindow) - , ("M4-S-m", sendMessage RestoreNextMinimizedWin) - - , ("M4-q", windowPromptGoto infixAutoXPConfig) - , ("M4-C-q", windowPromptBringCopy infixAutoXPConfig) - - , ("M4-S-q", return ()) - ] - -autoXPConfig :: XPConfig -autoXPConfig = def - { autoComplete = Just 5000 - } - -infixAutoXPConfig :: XPConfig -infixAutoXPConfig = autoXPConfig - { searchPredicate = isInfixOf - } - -gridConfig :: GSConfig WorkspaceId -gridConfig = def - { gs_cellwidth = 100 - , gs_cellheight = 30 - , gs_cellpadding = 2 - , gs_navigate = navNSearch - , gs_font = myFont - } diff --git a/lass/5pkgs/xmonad-lass/Makefile b/lass/5pkgs/xmonad-lass/Makefile deleted file mode 100644 index cbb0776e6..000000000 --- a/lass/5pkgs/xmonad-lass/Makefile +++ /dev/null @@ -1,6 +0,0 @@ -.PHONY: ghci -ghci: shell.nix - nix-shell --command 'exec ghci -Wall' - -shell.nix: xmonad.cabal - cabal2nix --shell . > $@ diff --git a/lass/5pkgs/xmonad-lass/xmonad.cabal b/lass/5pkgs/xmonad-lass/xmonad.cabal deleted file mode 100644 index 37809b599..000000000 --- a/lass/5pkgs/xmonad-lass/xmonad.cabal +++ /dev/null @@ -1,17 +0,0 @@ -Author: lass -Build-Type: Simple -Cabal-Version: >= 1.2 -License: MIT -Name: xmonad-lass -Version: 0 - -Executable xmonad - Build-Depends: - base, - containers, - unix, - xmonad, - xmonad-contrib, - xmonad-stockholm - GHC-Options: -Wall -O3 -threaded -rtsopts - Main-Is: Main.hs -- cgit v1.2.3 From cd3da527790b062efcbacce97f45064d8c80dd52 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 21 Jun 2016 20:40:20 +0200 Subject: l 2 vim: use tv's config with neovim --- lass/2configs/vim.nix | 457 +++++++++++++++++++++++++++++++++++--------------- 1 file changed, 322 insertions(+), 135 deletions(-) diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 8295d9d49..105450fd8 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -1,158 +1,345 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: +with config.krebs.lib; let - customPlugins = { - mustang2 = pkgs.vimUtils.buildVimPlugin { - name = "Mustang2"; - src = pkgs.fetchFromGitHub { - owner = "croaker"; - repo = "mustang-vim"; - rev = "6533d7d21bf27cae94d9c2caa575f627f003dfd5"; - sha256 = "0zlmcrr04j3dkiivrhqi90f618lmnnnpvbz1b9msfs78cmgw9w67"; - }; - }; - unimpaired = pkgs.vimUtils.buildVimPlugin { - name = "unimpaired-vim"; - src = pkgs.fetchFromGitHub { - owner = "tpope"; - repo = "vim-unimpaired"; - rev = "11dc568dbfd7a56866a4354c737515769f08e9fe"; - sha256 = "1an941j5ckas8l3vkfhchdzjwcray16229rhv3a1d4pbxifwshi8"; - }; - }; - brogrammer = pkgs.vimUtils.buildVimPlugin { - name = "brogrammer"; - src = pkgs.fetchFromGitHub { - owner = "marciomazza"; - repo = "vim-brogrammer-theme"; - rev = "3e412d8e8909d8d89eb5a4cbe955b5bc0833a3c3"; - sha256 = "0am1qk8ls74z5ipgf9viacayq08y9i9vd7sxxiivwgsjh2ancbv6"; - }; - }; - file-line = pkgs.vimUtils.buildVimPlugin { - name = "file-line"; - src = pkgs.fetchFromGitHub { - owner = "bogado"; - repo = "file-line"; - rev = "f9ffa1879ad84ce4a386110446f395bc1795b72a"; - sha256 = "173n47w9zd01rcyrrmm194v79xq7d1ggzr19n1lsxrqfgr2c1rvk"; - }; - }; + out = { + environment.systemPackages = [ + vim + ]; + + environment.etc.vimrc.source = vimrc; + + environment.variables.EDITOR = mkForce "vim"; + environment.variables.VIMINIT = ":so /etc/vimrc"; }; -in { + extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ + pkgs.vimPlugins.undotree + pkgs.vimPlugins.Gundo + (pkgs.vimUtils.buildVimPlugin { + name = "file-line-1.0"; + src = pkgs.fetchgit { + url = git://github.com/bogado/file-line; + rev = "refs/tags/1.0"; + sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0"; + }; + }) + ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let + name = "hack"; + in { + name = "vim-color-${name}-1.0.2"; + destination = "/colors/${name}.vim"; + text = /* vim */ '' + set background=dark + hi clear + if exists("syntax_on") + syntax clear + endif + + let colors_name = ${toJSON name} + + hi Normal ctermbg=235 + hi Comment ctermfg=242 + hi Constant ctermfg=255 + hi Identifier ctermfg=253 + hi Function ctermfg=253 + hi Statement ctermfg=253 + hi PreProc ctermfg=251 + hi Type ctermfg=251 + hi Delimiter ctermfg=251 + hi Special ctermfg=255 + + hi Garbage ctermbg=088 + hi TabStop ctermbg=016 + hi Todo ctermfg=174 ctermbg=NONE + + hi NixCode ctermfg=040 + hi NixData ctermfg=046 + hi NixQuote ctermfg=071 - environment.systemPackages = [ - (pkgs.vim_configurable.customize { + hi diffNewFile ctermfg=207 + hi diffFile ctermfg=207 + hi diffLine ctermfg=207 + hi diffSubname ctermfg=207 + hi diffAdded ctermfg=010 + hi diffRemoved ctermfg=009 + ''; + }))) + ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let name = "vim"; + in { + name = "vim-syntax-${name}-1.0.0"; + destination = "/syntax/${name}.vim"; + text = /* vim */ '' + ${concatMapStringsSep "\n" (s: /* vim */ '' + syn keyword vimColor${s} ${s} + \ containedin=ALLBUT,vimComment,vimLineComment + hi vimColor${s} ctermfg=${s} + '') (map (i: lpad 3 "0" (toString i)) (range 0 255))} + ''; + }))) + ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let + name = "showsyntax"; + in { + name = "vim-plugin-${name}-1.0.0"; + destination = "/plugin/${name}.vim"; + text = /* vim */ '' + if exists('g:loaded_showsyntax') + finish + endif + let g:loaded_showsyntax = 0 - vimrcConfig.customRC = '' - set nocompatible - set t_Co=16 - syntax on - " TODO autoload colorscheme file - set background=dark - colorscheme brogrammer - filetype off - filetype plugin indent on + fu! ShowSyntax() + let id = synID(line("."), col("."), 1) + let name = synIDattr(id, "name") + let transName = synIDattr(synIDtrans(id),"name") + if name != transName + let name .= " (" . transName . ")" + endif + echo "Syntax: " . name + endfu - imap + command! -n=0 -bar ShowSyntax :call ShowSyntax() + ''; + }))) + ]; - set mouse=a - set ruler - set showmatch - set backspace=2 - set visualbell - set encoding=utf8 - set showcmd - set wildmenu + dirs = { + backupdir = "$HOME/.cache/vim/backup"; + swapdir = "$HOME/.cache/vim/swap"; + undodir = "$HOME/.cache/vim/undo"; + }; + files = { + viminfo = "$HOME/.cache/vim/info"; + }; - set title - set titleold= - set titlestring=%t%(\ %M%)%(\ (%{expand(\"%:p:h\")})%)%(\ %a%)\ -\ %{v:servername} + mkdirs = let + dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s)); + in assert out != ""; out; + alldirs = attrValues dirs ++ map dirOf (attrValues files); + in unique (sort lessThan alldirs); - set autoindent + vim = pkgs.writeDashBin "vim" '' + set -efu + (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs}) + exec ${pkgs.neovim}/bin/nvim "$@" + ''; - set ttyfast + vimrc = pkgs.writeText "vimrc" '' + set nocompatible - set pastetoggle= + set autoindent + set backspace=indent,eol,start + set backup + set backupdir=${dirs.backupdir}/ + set directory=${dirs.swapdir}// + set hlsearch + set incsearch + set mouse=a + set noruler + set pastetoggle= + set runtimepath=${extra-runtimepath},$VIMRUNTIME + set shortmess+=I + set showcmd + set showmatch + set ttimeoutlen=0 + set undodir=${dirs.undodir} + set undofile + set undolevels=1000000 + set undoreload=1000000 + set viminfo='20,<1000,s100,h,n${files.viminfo} + set visualbell + set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o + set wildmenu + set wildmode=longest,full + set et ts=2 sts=2 sw=2 - " Force Saving Files that Require Root Permission - command! W silent w !sudo tee "%" >/dev/null + filetype plugin indent on - nnoremap :q - vnoremap < >gv + set t_Co=256 + colorscheme hack + syntax on - nmap q :buffer + au Syntax * syn match Garbage containedin=ALL /\s\+$/ + \ | syn match TabStop containedin=ALL /\t\+/ + \ | syn keyword Todo containedin=ALL TODO + au BufRead,BufNewFile *.hs so ${hs.vim} - "Tabwidth - set ts=2 sts=2 sw=2 et + au BufRead,BufNewFile *.nix so ${nix.vim} - " create Backup/tmp/undo dirs - function! InitBackupDir() - let l:parent = $HOME . '/.vim/' - let l:backup = l:parent . 'backups/' - let l:tmpdir = l:parent . 'tmp/' - let l:undodi = l:parent . 'undo/' + au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile - if !isdirectory(l:parent) - call mkdir(l:parent) - endif - if !isdirectory(l:backup) - call mkdir(l:backup) - endif - if !isdirectory(l:tmpdir) - call mkdir(l:tmpdir) - endif - if !isdirectory(l:undodi) - call mkdir(l:undodi) - endif - endfunction - call InitBackupDir() - - " Backups & Files - set backup - set backupdir=~/.vim/backups - set directory=~/.vim/tmp// - set viminfo='20,<1000,s100,h,n~/.vim/tmp/info - set undodir=$HOME/.vim/undo - set undofile - - " highlight whitespaces - highlight ExtraWhitespace ctermbg=red guibg=red - match ExtraWhitespace /\s\+$/ - autocmd BufWinEnter * match ExtraWhitespace /\s\+$/ - autocmd InsertEnter * match ExtraWhitespace /\s\+\%#\@ za - nnoremap za - onoremap za - vnoremap zf - ''; - - vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; - vimrcConfig.vam.pluginDictionaries = [ - { names = [ - "brogrammer" - "file-line" - "Gundo" - ]; } - { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } + nmap q :buffer + nmap :buffer + + cnoremap + + noremap :q + + nnoremap [5^ :tabp + nnoremap [6^ :tabn + nnoremap [5@ :tabm -1 + nnoremap [6@ :tabm +1 + + nnoremap :tabp + nnoremap :tabn + inoremap :tabp + inoremap :tabn + + " + noremap Oa | noremap! Oa + noremap Ob | noremap! Ob + noremap Oc | noremap! Oc + noremap Od | noremap! Od + " <[C]S-{Up,Down,Right,Left> + noremap [a | noremap! [a + noremap [b | noremap! [b + noremap [c | noremap! [c + noremap [d | noremap! [d + vnoremap u + ''; + + hs.vim = pkgs.writeText "hs.vim" '' + syn region String start=+\[[[:alnum:]]*|+ end=+|]+ + + hi link ConId Identifier + hi link VarId Identifier + hi link hsDelimiter Delimiter + ''; + + nix.vim = pkgs.writeText "nix.vim" '' + setf nix + + " Ref + syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/ + syn match NixINT /\<[0-9]\+\>/ + syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ + syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ + syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/ + syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/ + syn region NixSTRING + \ matchgroup=NixSTRING + \ start='"' + \ skip='\\"' + \ end='"' + syn region NixIND_STRING + \ matchgroup=NixIND_STRING + \ start="'''" + \ skip="'''\('\|[$]\|\\[nrt]\)" + \ end="'''" + + syn match NixOther /[():/;=.,?\[\]]/ + + syn match NixCommentMatch /\(^\|\s\)#.*/ + syn region NixCommentRegion start="/\*" end="\*/" + + hi link NixCode Statement + hi link NixData Constant + hi link NixComment Comment + + hi link NixCommentMatch NixComment + hi link NixCommentRegion NixComment + hi link NixID NixCode + hi link NixINT NixData + hi link NixPATH NixData + hi link NixHPATH NixData + hi link NixSPATH NixData + hi link NixURI NixData + hi link NixSTRING NixData + hi link NixIND_STRING NixData + + hi link NixEnter NixCode + hi link NixOther NixCode + hi link NixQuote NixData + + syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings + syn cluster nix_ind_strings contains=NixIND_STRING + syn cluster nix_strings contains=NixSTRING + + ${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let + startAlts = filter isString [ + ''/\* ${lang} \*/'' + extraStart ]; + sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*''; + in /* vim */ '' + syn include @nix_${lang}_syntax syntax/${lang}.vim + unlet b:current_syntax - }) - ]; -} + syn match nix_${lang}_sigil + \ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X + \ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING + \ transparent + + syn region nix_${lang}_region_STRING + \ matchgroup=NixSTRING + \ start='"' + \ skip='\\"' + \ end='"' + \ contained + \ contains=@nix_${lang}_syntax + \ transparent + + syn region nix_${lang}_region_IND_STRING + \ matchgroup=NixIND_STRING + \ start="'''" + \ skip="'''\('\|[$]\|\\[nrt]\)" + \ end="'''" + \ contained + \ contains=@nix_${lang}_syntax + \ transparent + + syn cluster nix_ind_strings + \ add=nix_${lang}_region_IND_STRING + + syn cluster nix_strings + \ add=nix_${lang}_region_STRING + + syn cluster nix_has_dollar_curly + \ add=@nix_${lang}_syntax + '') { + c = {}; + cabal = {}; + haskell = {}; + sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"''; + vim.extraStart = + ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"''; + })} + + " Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY. + syn clear shVarAssign + + syn region nixINSIDE_DOLLAR_CURLY + \ matchgroup=NixEnter + \ start="[$]{" + \ end="}" + \ contains=TOP + \ containedin=@nix_has_dollar_curly + \ transparent + + syn region nix_inside_curly + \ matchgroup=NixEnter + \ start="{" + \ end="}" + \ contains=TOP + \ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly + \ transparent + + syn match NixQuote /'''\([''$']\|\\.\)/he=s+2 + \ containedin=@nix_ind_strings + \ contained + + syn match NixQuote /\\./he=s+1 + \ containedin=@nix_strings + \ contained + + syn sync fromstart + + let b:current_syntax = "nix" + + set isk=@,48-57,_,192-255,-,' + ''; +in +out -- cgit v1.2.3 From 2915a48246b93896b7d8df5007a677df3add7a77 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Jun 2016 19:12:34 +0200 Subject: l 2 mail: save send emails in notmuch --- lass/2configs/mail.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 72d6f987f..7c050005b 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -10,8 +10,9 @@ let account default: prism ''; - msmtp = pkgs.writeDashBin "msmtp" '' - exec ${pkgs.msmtp}/bin/msmtp -C ${msmtprc} $@ + msmtp = pkgs.writeBashBin "msmtp" '' + ${pkgs.coreutils}/bin/tee >(${pkgs.notmuch}/bin/notmuch insert +sent) | \ + ${pkgs.msmtp}/bin/msmtp -C ${msmtprc} $@ ''; muttrc = pkgs.writeText "muttrc" '' @@ -42,7 +43,7 @@ let set nm_record = yes set nm_record_tags = "-inbox me archive" set virtual_spoolfile=yes # enable virtual folders - set sendmail="msmtp" # enables parsing of outgoing mail + set sendmail="${msmtp}/bin/msmtp" # enables parsing of outgoing mail set use_from=yes set envelope_from=yes -- cgit v1.2.3 From 401d80610243f1eac1fcb123f51ce3ea6e2280da Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Jun 2016 19:21:11 +0200 Subject: l 2: rename cbase to c-base --- lass/1systems/mors.nix | 3 +- lass/2configs/c-base.nix | 93 ++++++++++++++++++++++++++++++++++++++++++++++++ lass/2configs/cbase.nix | 93 ------------------------------------------------ 3 files changed, 94 insertions(+), 95 deletions(-) create mode 100644 lass/2configs/c-base.nix delete mode 100644 lass/2configs/cbase.nix diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index beb5659d0..062e4c29d 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -26,11 +26,10 @@ ../2configs/teamviewer.nix ../2configs/libvirt.nix ../2configs/fetchWallpaper.nix - ../2configs/cbase.nix + ../2configs/c-base.nix ../2configs/mail.nix ../2configs/krebs-pass.nix ../2configs/umts.nix - #../2configs/buildbot-standalone.nix { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ diff --git a/lass/2configs/c-base.nix b/lass/2configs/c-base.nix new file mode 100644 index 000000000..9d13bc30d --- /dev/null +++ b/lass/2configs/c-base.nix @@ -0,0 +1,93 @@ +{ config, lib, pkgs, ... }: + +let + inherit (config.krebs.lib) genid; + +in { + + users.extraUsers = { + cbasevpn = rec { + name = "cbasevpn"; + uid = genid "cbasevpn"; + description = "user for running c-base openvpn"; + home = "/home/${name}"; + }; + }; + + users.extraGroups.cbasevpn.gid = genid "cbasevpn"; + + services.openvpn.servers = { + c-base = { + config = '' + client + dev tap + proto tcp + remote vpn.ext.c-base.org 1194 + resolv-retry infinite + nobind + user cbasevpn + group cbasevpn + persist-key + persist-tun + + auth-nocache + #auth-user-pass + auth-user-pass ${toString } + + comp-lzo + verb 3 + + #script-security 2 + #up /etc/openvpn/update-resolv-conf + #down /etc/openvpn/update-resolv-conf + + + -----BEGIN CERTIFICATE----- + MIIDUjCCArugAwIBAgIJAOOk8EXgjsf5MA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNV + BAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZj + LWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJ + ARYQYWRtYXhAYy1iYXNlLm9yZzAeFw0wOTAyMTMwOTE1MzdaFw0xOTAyMTEwOTE1 + MzdaMHoxCzAJBgNVBAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGlu + MQ8wDQYDVQQKEwZjLWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEf + MB0GCSqGSIb3DQEJARYQYWRtYXhAYy1iYXNlLm9yZzCBnzANBgkqhkiG9w0BAQEF + AAOBjQAwgYkCgYEAt3wEgXbqFKxs8z/E4rv13hkRi6J+QdshNzntm7rTOmUsXKE7 + IEwoJSglrmsDPv4UqE86A7bjW7YYSFjhzxFRkTEHJanyOCF48ZPItVl7Eq7T81co + uR+6lAhxnLDrwnPJCC83NzAa6lw8U1DsQRDkayKlrQrtZq6++pFFEvZvt1cCAwEA + AaOB3zCB3DAdBgNVHQ4EFgQUqkSbdXS90+HtqXDeAI+PcyTSSHEwgawGA1UdIwSB + pDCBoYAUqkSbdXS90+HtqXDeAI+PcyTSSHGhfqR8MHoxCzAJBgNVBAYTAkRFMQsw + CQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZjLWJhc2UxGzAZ + BgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJARYQYWRtYXhA + Yy1iYXNlLm9yZ4IJAOOk8EXgjsf5MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF + BQADgYEAOBANG1H4uEEWk3sbeQoSMeA3LFG1+6MgFGk2WAdeHYuV9GKYBq6/PLP5 + ffw+FNkiDjLSeSQO88vHYJr2V1v8n/ZoCIT+1VBcDWXTpGz0YxDI1iBauO3tUPzK + wGs46RA/S0YwiZw64MaUHd88ZVadjKy9kNoO3w6/vpAS6s/Mh+o= + -----END CERTIFICATE----- + + key-direction 1 + + # + # 2048 bit OpenVPN static key + # + -----BEGIN OpenVPN Static key V1----- + 5d49aa8c9cec18de7ab6e0b5cd09a368 + d3f1b8b77e055e448804fa0e14f487cb + 491681742f96b54a23fb8639aa9ed14e + c40b86a5546b888c4f3873f23c956e87 + 169076ec869127ffc85353fd5928871c + da19776b79f723abb366fae6cdfe4ad6 + 7ef667b7d05a7b78dfd5ea1d2da276dc + 5f6c82313fe9c1178c7256b8d1d081b0 + 4c80bc8f21add61fbc52c158579edc1d + bbde230afb9d0e531624ce289a17098a + 3261f9144a9a2a6f0da4250c9eed4086 + 187ec6fa757a454de743a349e32af193 + e9f8b49b010014bdfb3240d992f2f234 + 581d0ce05d4e07a2b588ad9b0555b704 + 9d5edc28efde59226ec8942feed690a1 + 2acd0c8bc9424d6074d0d495391023b6 + -----END OpenVPN Static key V1----- + + ''; + }; + }; +} diff --git a/lass/2configs/cbase.nix b/lass/2configs/cbase.nix deleted file mode 100644 index 9d13bc30d..000000000 --- a/lass/2configs/cbase.nix +++ /dev/null @@ -1,93 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (config.krebs.lib) genid; - -in { - - users.extraUsers = { - cbasevpn = rec { - name = "cbasevpn"; - uid = genid "cbasevpn"; - description = "user for running c-base openvpn"; - home = "/home/${name}"; - }; - }; - - users.extraGroups.cbasevpn.gid = genid "cbasevpn"; - - services.openvpn.servers = { - c-base = { - config = '' - client - dev tap - proto tcp - remote vpn.ext.c-base.org 1194 - resolv-retry infinite - nobind - user cbasevpn - group cbasevpn - persist-key - persist-tun - - auth-nocache - #auth-user-pass - auth-user-pass ${toString } - -