From 21cbde1a0b2352a98a53efb8f131e9e9a6ed0866 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Feb 2017 18:36:23 +0100 Subject: m 5 awesomecfg: make taglist clickable --- makefu/5pkgs/awesomecfg/full.cfg | 84 ++++++++++++++++++++++++---------------- 1 file changed, 50 insertions(+), 34 deletions(-) diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg index d780e2a03..8036e5765 100644 --- a/makefu/5pkgs/awesomecfg/full.cfg +++ b/makefu/5pkgs/awesomecfg/full.cfg @@ -101,6 +101,7 @@ browser = "firefox" -- I suggest you to remap Mod4 to another key using xmodmap or other tools. -- However, you can use another modifier like Mod1, but it may interact with others. modkey = "@modkey@" +-- modkey = "Mod4" -- Table of layouts to cover with awful.layout.inc, order matters. awful.layout.layouts = @@ -116,10 +117,24 @@ awful.layout.layouts = -- awful.layout.suit.spiral.dwindle, awful.layout.suit.max, awful.layout.suit.max.fullscreen, --- awful.layout.suit.magnifier, + awful.layout.suit.magnifier, awful.layout.suit.corner.nw } -- }}} +-- {{{ Helper Functions +local function client_menu_toggle_fn() + local instance = nil + + return function () + if instance and instance.wibox.visible then + instance:hide() + instance = nil + else + instance = awful.menu.clients({ theme = { width = 250 } }) + end + end +end +-- }}} -- {{{ Wallpaper if beautiful.wallpaper then @@ -166,50 +181,51 @@ mytextclock = wibox.widget.textclock() -- Create a wibox for each screen and add it mywibox = {} mylayoutbox = {} -mytaglist = {} -mytaglist.buttons = awful.util.table.join( - awful.button({ }, 1, awful.tag.viewonly), - awful.button({ modkey }, 1, awful.client.movetotag), - awful.button({ }, 3, awful.tag.viewtoggle), - awful.button({ modkey }, 3, awful.client.toggletag), - awful.button({ }, 4, function(t) awful.tag.viewnext(awful.tag.getscreen(t)) end), - awful.button({ }, 5, function(t) awful.tag.viewprev(awful.tag.getscreen(t)) end) - ) -mytasklist = {} -mytasklist.buttons = awful.util.table.join( - awful.button({ }, 1, function (c) - if c == client.focus then - c.minimized = true - else - -- Without this, the following - -- :isvisible() makes no sense - c.minimized = false - if not c:isvisible() then - awful.tag.viewonly(c:tags()[1]) - end - -- This will also un-minimize - -- the client, if needed - client.focus = c - c:raise() + +-- Create a wibox for each screen and add it +local taglist_buttons = awful.util.table.join( + awful.button({ }, 1, function(t) t:view_only() end), + awful.button({ modkey }, 1, function(t) + if client.focus then + client.focus:move_to_tag(t) end end), - awful.button({ }, 3, function () - if instance then - instance:hide() - instance = nil - else - instance = awful.menu.clients({ width=250 }) + awful.button({ }, 3, awful.tag.viewtoggle), + awful.button({ modkey }, 3, function(t) + if client.focus then + client.focus:toggle_tag(t) end end), + awful.button({ }, 4, function(t) awful.tag.viewnext(t.screen) end), + awful.button({ }, 5, function(t) awful.tag.viewprev(t.screen) end) + ) + +local tasklist_buttons = awful.util.table.join( + awful.button({ }, 1, function (c) + if c == client.focus then + c.minimized = true + else + -- Without this, the following + -- :isvisible() makes no sense + c.minimized = false + if not c:isvisible() and c.first_tag then + c.first_tag:view_only() + end + -- This will also un-minimize + -- the client, if needed + client.focus = c + c:raise() + end + end), + awful.button({ }, 3, client_menu_toggle_fn()), awful.button({ }, 4, function () awful.client.focus.byidx(1) - if client.focus then client.focus:raise() end end), awful.button({ }, 5, function () awful.client.focus.byidx(-1) - if client.focus then client.focus:raise() end end)) + local function set_wallpaper(s) -- Wallpaper if beautiful.wallpaper then -- cgit v1.2.3 From 268e43841d1e44fd73d2e1f5bd3635bda0cabdb8 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Feb 2017 18:37:15 +0100 Subject: k 3 makefu: introduce -bob, add logging to wry,gum --- krebs/3modules/makefu/default.nix | 4 ++++ makefu/1systems/gum.nix | 3 ++- makefu/1systems/wry.nix | 1 + 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 1e63a26e2..8d2dbfa12 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -920,6 +920,10 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB inherit (makefu) mail pgp; pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOXG6iwvm6zUVk+OE9ZviO+WNosAHSZw4ku0RxWbXSlSG0RfzvV4IfByF3Dw+4a8yZQmjwNkQalUURh2fEqhBLBI9XNEIL7qIu17zheguyXzpE3Smy4pbI+fjdsnfFrw+WE2n/IO8N6ojdH6sMmnWwfkFZYqqofWyLB3WUN9wy2b2z0w/jc56+HxxyTl3rD7CttTs9ak67HqIn3/pNeHoOM+JQ/te8t4ageIlPi8yJJpqZgww1RUWCgPPwZ9DP6gQjo85he76x0h9jvhnFd7m9N1aGdRDcK55QyoY/9x07R24GRutohAB/KDWSkDWQv5BW7M1LCawpJcF3DDslD1i7 makefu@gum"; }; + makefu-bob = { + inherit (makefu) mail pgp; + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+fEK1bCB8cdDiBzXBXEWLFQyp/7xjNGQ5GyqHOtgxxe6Ypb0kAaWJaG3Ak/qI/nToGKwkQJLsuYNA3lZj2rFyBdoxnNO3kRFTc7NoaU5mC2BlHbpmn9dzvgiBoRAKAlzj/022u65SI19AFciKXtwqQfjuB3mPVOFOfCFB2SYjjWb8ffPnHp6PB5KKNLxaVPCbZgOdSju25/wB2lY00W8WIDOTqfbNClQnjkLsUZpTuRnvpHTemKtt1FH+WBZiMwMXRt19rm9LFSO7pvrZjdJz0l1TZVsODkbKZzQzSixoCPmdpPPAYaqrGUQpmukXk0xQtR3E2jEsk+FJv4AkIKqD"; + }; ciko = { mail = "wieczorek.stefan@googlemail.com"; }; diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index 18dc644fd..910493026 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -35,6 +35,7 @@ in { # ../2configs/opentracker.nix ../2configs/logging/central-stats-client.nix + ../2configs/logging/central-logging-client.nix ]; services.smartd.devices = [ { device = "/dev/sda";} ]; @@ -64,7 +65,7 @@ in { # access users.users = { root.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-omo.pubkey ]; - makefu.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ]; + makefu.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey config.krebs.users.makefu-bob.pubkey ]; }; # Chat diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 9fd329d10..2457ab92e 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -25,6 +25,7 @@ in { # collectd ../2configs/logging/central-stats-client.nix + ../2configs/logging/central-logging-client.nix ../2configs/tinc/retiolum.nix # ../2configs/torrent.nix -- cgit v1.2.3 From 920436365aafe5d02153f2c16919d2a4c5644aaa Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Feb 2017 15:32:37 +0100 Subject: l 2 websites: enable ipv6 on all sites --- lass/2configs/websites/lassulus.nix | 10 ++++++++-- lass/2configs/websites/util.nix | 8 +++++++- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 024d2eeb2..3a8979427 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -110,7 +110,10 @@ in { ''; enableSSL = true; - extraConfig = "listen 80;"; + extraConfig = '' + listen 80; + listen [::]:80; + ''; sslCertificate = "/var/lib/acme/lassul.us/fullchain.pem"; sslCertificateKey = "/var/lib/acme/lassul.us/key.pem"; }; @@ -123,7 +126,10 @@ in { root /var/lib/acme/acme-challenges; ''; enableSSL = true; - extraConfig = "listen 80;"; + extraConfig = '' + listen 80; + listen [::]:80; + ''; sslCertificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; sslCertificateKey = "/var/lib/acme/cgit.lassul.us/key.pem"; }; diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index 6e236ab63..d596e9db9 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -17,7 +17,10 @@ rec { services.nginx.virtualHosts.${domain} = { enableACME = true; enableSSL = true; - extraConfig = "listen 80;"; + extraConfig = '' + listen 80; + listen [::]:80; + ''; serverAliases = domains; locations."/".extraConfig = '' root /srv/http/${domain}; @@ -35,6 +38,7 @@ rec { serverAliases = domains; extraConfig = '' listen 80; + listen [::]:80; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; @@ -148,6 +152,8 @@ rec { serverAliases = domains; extraConfig = '' listen 80; + listen [::]:80; + root /srv/http/${domain}/; index index.php; access_log /tmp/nginx_acc.log; -- cgit v1.2.3 From 137c49b847a896009972a3fa7ad2f60358c0a643 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Feb 2017 16:57:45 +0100 Subject: l 1 mors: add ipfs testing stuff --- lass/1systems/mors.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index a5eaaed9d..d0f835c64 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -126,6 +126,10 @@ with import ; # }; # }; #} + { + #ipfs-testing + services.ipfs.enable = true; + } ]; krebs.build.host = config.krebs.hosts.mors; -- cgit v1.2.3 From 51761c3b9ba7c994e269328ab68e71318c9fbc34 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Feb 2017 16:57:54 +0100 Subject: l 2: allow ipv6-icmp --- lass/2configs/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index d1810c00c..2441f1b74 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -202,6 +202,7 @@ with import ; filter.INPUT.rules = [ { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } + { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; } { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } -- cgit v1.2.3 From 118084afe153e07d22184f14de3d8fb333231387 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 9 Feb 2017 22:32:42 +0100 Subject: n 2: update nixpkgs --- nin/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nin/2configs/nixpkgs.nix b/nin/2configs/nixpkgs.nix index 9d73afbe0..27a845bd5 100644 --- a/nin/2configs/nixpkgs.nix +++ b/nin/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "6b28bd0daf00b8e5e370a04347844cb8614138ff"; + ref = "d2cd8a0"; }; } -- cgit v1.2.3 From b381a8b54701378c5d92f1b9c11dd4d3c8deaf93 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 9 Feb 2017 23:06:49 +0100 Subject: k 3 nin: add cgit alias for onondaga --- krebs/3modules/nin/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/krebs/3modules/nin/default.nix b/krebs/3modules/nin/default.nix index 3231c0e23..d5d13cd1a 100644 --- a/krebs/3modules/nin/default.nix +++ b/krebs/3modules/nin/default.nix @@ -38,6 +38,8 @@ with import ; aliases = [ "onondaga.retiolum" "onondaga.r" + "cgit.onondaga.r" + "cgit.onondaga.retiolum" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From a947c088b3cb996abc9eb3cb89ffbf7efb0c196c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Feb 2017 10:33:44 +0100 Subject: l 2 nixpkgs: f7b7d8e -> 6651c72 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index aef9dd8b4..ad39848b6 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "f7b7d8e"; + ref = "6651c72"; }; } -- cgit v1.2.3 From 9f90562662f7fffa4aa97c704dd5d27325dbe9b7 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 12 Feb 2017 19:47:36 +0100 Subject: m 1 x: test dnscrypt --- makefu/1systems/x.nix | 6 +++--- makefu/2configs/dnscrypt.nix | 6 ++++++ 2 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 makefu/2configs/dnscrypt.nix diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index adbf372ab..08da92068 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -10,9 +10,10 @@ ../2configs/main-laptop.nix ../2configs/laptop-utils.nix ../2configs/laptop-backup.nix + ../2configs/dnscrypt.nix # testing - ../2configs/openvpn/vpngate.nix + # ../2configs/openvpn/vpngate.nix #../2configs/temp/share-samba.nix # ../2configs/mediawiki.nix # ../2configs/wordpress.nix @@ -26,7 +27,6 @@ #../2configs/elchos/stats.nix #../2configs/elchos/test/ftpservers.nix - ../2configs/laptop-backup.nix # ../2configs/tinc/siem.nix #../2configs/torrent.nix # temporary modules @@ -59,7 +59,7 @@ # hardware specifics are in here ../2configs/hw/tp-x230.nix ../2configs/hw/rtl8812au.nix - ../2configs/hw/bcm4352.nix + # mount points ../2configs/fs/sda-crypto-root-home.nix diff --git a/makefu/2configs/dnscrypt.nix b/makefu/2configs/dnscrypt.nix new file mode 100644 index 000000000..d810456f3 --- /dev/null +++ b/makefu/2configs/dnscrypt.nix @@ -0,0 +1,6 @@ +{ + services.dnscrypt-proxy.enable = true; + networking.extraResolvconfConf = '' + name_servers='127.0.0.1' + ''; +} -- cgit v1.2.3 From 444c3ee42485b97184ad8b457474b61326d6a013 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 12 Feb 2017 20:13:45 +0100 Subject: k 3 m: re-indent --- krebs/3modules/makefu/default.nix | 255 +++++++++++++++++++------------------- 1 file changed, 126 insertions(+), 129 deletions(-) diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 8d2dbfa12..650f7b7a2 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -5,50 +5,50 @@ with import ; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { drop = rec { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.177.9"; - ip6.addr = "42:f63:ddf8:7520:cfec:9b61:d807:1dce"; - aliases = [ - "drop.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA1QxukdeDqI47nm7/gd5Y9dZZbJULA02ak0A2cB4lmysJjgMFAfbl - 6qpH7HCZk6s+4eI7H+UHUF177W7Z1qq3bqGLmlgdMMAzuDNz9UvNLhrthZMp3tCI - GIFD28O1bKgDAYgsF/X21CRqEvgk3vRDp9yqIVIzQDmerOrZUx62Rx9Fssl/7ooW - 0319fxcTw6GZEp7RXNzgIobnWPydakh+/I0inP0rC6It/vM5Hi2bV71QPZUyJ78C - Szh4S8TznW7yMzTQaOENeaUKfqEyN+CW2OomVdWIBOvTJVpvfAut/kg1dyUGgHlT - F8OlAoNAyxCSxqbM0fY0wtqKD7FaYY9cbQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.177.9"; + ip6.addr = "42:f63:ddf8:7520:cfec:9b61:d807:1dce"; + aliases = [ + "drop.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA1QxukdeDqI47nm7/gd5Y9dZZbJULA02ak0A2cB4lmysJjgMFAfbl + 6qpH7HCZk6s+4eI7H+UHUF177W7Z1qq3bqGLmlgdMMAzuDNz9UvNLhrthZMp3tCI + GIFD28O1bKgDAYgsF/X21CRqEvgk3vRDp9yqIVIzQDmerOrZUx62Rx9Fssl/7ooW + 0319fxcTw6GZEp7RXNzgIobnWPydakh+/I0inP0rC6It/vM5Hi2bV71QPZUyJ78C + Szh4S8TznW7yMzTQaOENeaUKfqEyN+CW2OomVdWIBOvTJVpvfAut/kg1dyUGgHlT + F8OlAoNAyxCSxqbM0fY0wtqKD7FaYY9cbQIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; + }; }; fileleech = rec { - cores = 4; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; - nets = { - retiolum = { - ip4.addr = "10.243.113.98"; - ip6.addr = "42:5cf1:e7f2:3fd:cd4c:a1ee:ec71:7096"; - aliases = [ - "fileleech.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA2W20+jYvuFUjPQ+E+7Xlabf8fW/XSnTTelfo2uRcJ3FMLYQ9H3rF - 8L8StPmxn8Q20FFH/MvRmgW8pU9z4RQ3nAi+utVYqAJQtOYA9FPMxssC08w82r0K - YC6sgc9MeRjnCjQxQrQs4fqA6KpqSLxRf2c6kfNwYRgCxFMns2ncxOiPOoGLZait - nJR3m0cSRm8yCTMbznlGH99+5+3HgvuBE/UYXmmGBs7w8DevaX76butzprZ8fm4z - e5C7R9ofdVW70GGksfSI81y5xODWMbfjTRHKm4OBX7NOCiOTwx1wu8bYDN3EzN6V - UM5PJfU42sViPEZmVuC8cDcP1xemHTkh9QIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; + cores = 4; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; + nets = { + retiolum = { + ip4.addr = "10.243.113.98"; + ip6.addr = "42:5cf1:e7f2:3fd:cd4c:a1ee:ec71:7096"; + aliases = [ + "fileleech.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA2W20+jYvuFUjPQ+E+7Xlabf8fW/XSnTTelfo2uRcJ3FMLYQ9H3rF + 8L8StPmxn8Q20FFH/MvRmgW8pU9z4RQ3nAi+utVYqAJQtOYA9FPMxssC08w82r0K + YC6sgc9MeRjnCjQxQrQs4fqA6KpqSLxRf2c6kfNwYRgCxFMns2ncxOiPOoGLZait + nJR3m0cSRm8yCTMbznlGH99+5+3HgvuBE/UYXmmGBs7w8DevaX76butzprZ8fm4z + e5C7R9ofdVW70GGksfSI81y5xODWMbfjTRHKm4OBX7NOCiOTwx1wu8bYDN3EzN6V + UM5PJfU42sViPEZmVuC8cDcP1xemHTkh9QIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; + }; }; pnp = { @@ -123,16 +123,16 @@ with import ; aliases = [ "ossim.siem" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAv5qv9R3E1AHJOhTnHJ2E5zWjItRdXSw/inpz/W+KcBeM/HSG0XEl - RyGAwty7VP4CiLp7CagWmtVsz/5ytnXJzLDeRLn5t+KzO6am0aOpvAt6ZggZXPhL - cQkn4IGi1TJE5tw+lzabBkUZm3zD1KEXpqJeZ6spA4e9lB/+T3Tx23g9WDEOKand - mAJrsdsvTCIiVJefidOAmgeZVVOV3ltBonNP1nqEy+5v4B3EBT/Uj7ImL2aRj/pd - dPs6dGV2LqSQvnrSbFZzuKVXKpD1M+wgT/5NQk/hVJJxBQC6rxvpg1XyQkepcLWL - WjvogOl4NjXStmKDX2+gPPFx6XTmwDenOwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAv5qv9R3E1AHJOhTnHJ2E5zWjItRdXSw/inpz/W+KcBeM/HSG0XEl + RyGAwty7VP4CiLp7CagWmtVsz/5ytnXJzLDeRLn5t+KzO6am0aOpvAt6ZggZXPhL + cQkn4IGi1TJE5tw+lzabBkUZm3zD1KEXpqJeZ6spA4e9lB/+T3Tx23g9WDEOKand + mAJrsdsvTCIiVJefidOAmgeZVVOV3ltBonNP1nqEy+5v4B3EBT/Uj7ImL2aRj/pd + dPs6dGV2LqSQvnrSbFZzuKVXKpD1M+wgT/5NQk/hVJJxBQC6rxvpg1XyQkepcLWL + WjvogOl4NjXStmKDX2+gPPFx6XTmwDenOwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; }; }; @@ -169,7 +169,7 @@ with import ; XGzTT4TJpBGnq0jfhFwhVjfCjLuGj29MCkvg0nqObQ07qYrjdQI4W1GnGOuyXkvQ teyxjUXYbp0doTGxKvQaTWp+JapeEaJPN2MDOhrRFjPrzgo3aW9+97UCAwEAAQ== -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -228,16 +228,15 @@ with import ; "vbob.retiolum" ]; tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA+0TIo0dS9LtSdrmH0ClPHLO7dHtV9Dj7gaBAsbyuwxAI5cQgYKwr - 4G6t7IcJW+Gu2bh+LKtPP91+zYXq4Qr1nAaKw4ajsify6kpxsCBzknmwi6ibIJMI - AK114dr/XSk/Pc6hOSA8kqDP4c0MZXwitRBiNjrWbTrQh6GJ3CXhmpZ2lJkoAyNP - hjdPerbTUrhQlNW8FanyQQzOgN5I7/PXsZShmb3iNKz1Ban5yWKFCVpn8fjWQs5o - Un2AKowH4Y+/g8faGemL8uy/k5xrHSrn05L92TPDUpAXrcZXzo6ao1OBiwJJVl7s - AVduOY18FU82GUw7edR0e/b2UC6hUONflwIDAQAB - -----END RSA PUBLIC KEY----- - - ''; + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA+0TIo0dS9LtSdrmH0ClPHLO7dHtV9Dj7gaBAsbyuwxAI5cQgYKwr + 4G6t7IcJW+Gu2bh+LKtPP91+zYXq4Qr1nAaKw4ajsify6kpxsCBzknmwi6ibIJMI + AK114dr/XSk/Pc6hOSA8kqDP4c0MZXwitRBiNjrWbTrQh6GJ3CXhmpZ2lJkoAyNP + hjdPerbTUrhQlNW8FanyQQzOgN5I7/PXsZShmb3iNKz1Ban5yWKFCVpn8fjWQs5o + Un2AKowH4Y+/g8faGemL8uy/k5xrHSrn05L92TPDUpAXrcZXzo6ao1OBiwJJVl7s + AVduOY18FU82GUw7edR0e/b2UC6hUONflwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; }; ssh.privkey.path = ; @@ -278,7 +277,7 @@ with import ; DdJadpzOcEgFatzXP3SoKVV9loRHz5HhV4WtAqBIkDvgjj2j+NnXolAUY25Ix+kv sfqfIw5aNLoIX4kDhuDEVBIyoc7/ofSbkQIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -353,7 +352,7 @@ with import ; ip6.addr = "42:4b0b:d990:55ba:8da8:630f:dc0e:aae0"; aliases = [ "filepimp.retiolum" - "filepimp.r" + "filepimp.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -364,7 +363,7 @@ with import ; UN0duBz/faRcl6IRytZOuHaIp30eJ4850ZK8RPz/Dqqj+USMFq60i0oMsuAi/ljB 8b+eQBt6OXu4MSntxoR8Ja7ht+EOTDnBOwIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -389,15 +388,15 @@ with import ; "stats.makefu.r" ]; tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAuHQEeowvxRkoHJUw6cUp431pnoIy4MVv7kTLgWEK46nzgZtld9LM - ZdNMJB9CuOVVMHEaiY6Q5YchUmapGxwEObc0y+8zQxTPw3I4q0GkSJqKLPrsTpkn - sgEkHPfs2GVdtIBXDn9I8i5JsY2+U8QF8fbIQSOO08/Vpa3nknDAMege9yEa3NFm - s/+x+2pS+xV6uzf/H21XNv0oufInXwZH1NCNXAy5I2V6pz7BmAHilVOGCT7g2zn6 - GasmofiYEnro4V5s8gDlQkb7bCZEIA9EgX/HP6fZJQezSUHcDCQFI0vg26xywbr6 - 5+9tTn8fN2mWS5+Pdmx3haX1qFcBP5HglwIDAQAB - -----END RSA PUBLIC KEY----- - ''; + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAuHQEeowvxRkoHJUw6cUp431pnoIy4MVv7kTLgWEK46nzgZtld9LM + ZdNMJB9CuOVVMHEaiY6Q5YchUmapGxwEObc0y+8zQxTPw3I4q0GkSJqKLPrsTpkn + sgEkHPfs2GVdtIBXDn9I8i5JsY2+U8QF8fbIQSOO08/Vpa3nknDAMege9yEa3NFm + s/+x+2pS+xV6uzf/H21XNv0oufInXwZH1NCNXAy5I2V6pz7BmAHilVOGCT7g2zn6 + GasmofiYEnro4V5s8gDlQkb7bCZEIA9EgX/HP6fZJQezSUHcDCQFI0vg26xywbr6 + 5+9tTn8fN2mWS5+Pdmx3haX1qFcBP5HglwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; }; ssh.privkey.path = ; @@ -428,18 +427,18 @@ with import ; ip4.addr = "10.243.214.15"; ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"; aliases = [ - "wbob.retiolum" + "wbob.retiolum" ]; tinc.pubkey = '' ------BEGIN RSA PUBLIC KEY----- -MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e -QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal -cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8 -khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs -rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9 -TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB ------END RSA PUBLIC KEY----- -''; + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e + QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal + cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8 + khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs + rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9 + TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; }; }; @@ -487,7 +486,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB u5l+G8wX+UbDI85VSDAtOP4QaSFzLL+U0aaDAmq0NO1QiODJoCo0iPhULZQTFZUa OMDYHHfqzluEI7n8ENI4WwchDXH+MstsgwIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; ssh.privkey.path = ; @@ -538,7 +537,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB +DAH8t1YusYi7ICHcYt5J1p0ZGizcs8oEnZLBy4D+bJX86g7zbix1lZ37LxDCpQ5 uCoAYFes7QqLVDYhucZ5ElRWdATM2mBtZwIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -551,8 +550,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB ip4.addr = "10.243.83.237"; ip6.addr = "42:af50:99cf:c185:f1a8:14d5:acb:8101"; aliases = [ - "sdev.retiolum" - "sdev.r" + "sdev.retiolum" + "sdev.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -569,7 +568,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB }; - # non-stockholm +# non-stockholm flap = rec { cores = 1; @@ -602,7 +601,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB hGgQMjHFOdKaLyatZOx6Pq4jAna+kiJoq3mVDsB4rcjLuz8XkAUZmVpe5fXAG4hr Ig8l/SI6ilu0zCWNSJ/v3wUzksm0P9AJkwIDAQAB -----END RSA PUBLIC KEY----- - ''; + ''; }; }; }; @@ -819,32 +818,30 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB }; }; tcac-0-1 = rec { - cores = 1; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcX7rlGmGp1zCStrERXZ3XuT/j69FDBXV4ceLn9RXsG tcac-0-1 - "; - nets = { - retiolum = { - ip4.addr = "10.243.144.142"; - ip6.addr = "42:4bf8:94b:eec5:69e2:c837:686e:f278"; - aliases = [ - "tcac-0-1.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA+3zuZa8FhFBcUNdNGyTQph6Jes0WDQB4CDcEcnK9okP60Z0ONq8j - 7sKmxzQ43WFm04fd992Aa/KLbYBbXmGtYuu68DQwQGwk3HVNksp6ha7uVK1ibgNs - zJIKizpFqK4NAYit0OfAy7ugVSvtyIxg9CDhnASDZ5NRq8/OLhvo5M4c3r3lGOlO - Hv1nf4Tl2IYRln3c+AJEiw2369K46mRlt28yHeKUw1ur6hrbahnkYW+bjeliROIs - QLp8J8Jl6evtPOyZpgyGHLQ/WPsQRK5svVA9ou17R//m4KNL1kBjTfxs7GaJWHLl - HpSZTqRKsuK6K9R6kzu7NU81Wz0HXxw/qwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; + cores = 1; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcX7rlGmGp1zCStrERXZ3XuT/j69FDBXV4ceLn9RXsG tcac-0-1 + "; + nets = { + retiolum = { + ip4.addr = "10.243.144.142"; + ip6.addr = "42:4bf8:94b:eec5:69e2:c837:686e:f278"; + aliases = [ + "tcac-0-1.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA+3zuZa8FhFBcUNdNGyTQph6Jes0WDQB4CDcEcnK9okP60Z0ONq8j + 7sKmxzQ43WFm04fd992Aa/KLbYBbXmGtYuu68DQwQGwk3HVNksp6ha7uVK1ibgNs + zJIKizpFqK4NAYit0OfAy7ugVSvtyIxg9CDhnASDZ5NRq8/OLhvo5M4c3r3lGOlO + Hv1nf4Tl2IYRln3c+AJEiw2369K46mRlt28yHeKUw1ur6hrbahnkYW+bjeliROIs + QLp8J8Jl6evtPOyZpgyGHLQ/WPsQRK5svVA9ou17R//m4KNL1kBjTfxs7GaJWHLl + HpSZTqRKsuK6K9R6kzu7NU81Wz0HXxw/qwIDAQAB + -----END RSA PUBLIC KEY----- + ''; }; + }; }; - - } // { # hosts only maintained in stockholm, not owned by me muhbaasu = rec { owner = config.krebs.users.root; @@ -878,23 +875,23 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB tpsw = { cores = 2; owner = config.krebs.users.ciko; # main laptop - nets = { - retiolum = { - ip4.addr = "10.243.183.236"; - ip6.addr = "42:8ca8:d2e4:adf6:5c0f:38cb:e9ef:eb3c"; - aliases = [ "tpsw.r" "tpsw.retiolum" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ - Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML - WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl - OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM - 0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd - pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB - -----END RSA PUBLIC KEY----- - ''; + nets = { + retiolum = { + ip4.addr = "10.243.183.236"; + ip6.addr = "42:8ca8:d2e4:adf6:5c0f:38cb:e9ef:eb3c"; + aliases = [ "tpsw.r" "tpsw.retiolum" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ + Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML + WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl + OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM + 0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd + pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; }; - }; }; }; users = rec { -- cgit v1.2.3 From a3e7e4f2baa1cc8d8180c50fd530ff0ea2cc0086 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 12 Feb 2017 20:25:06 +0100 Subject: k 3 {m,l}: mv paste.krebsco.de --- krebs/3modules/lass/default.nix | 10 +++++++++- krebs/3modules/makefu/default.nix | 3 --- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 0b67abd11..6ab8ede56 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -73,13 +73,21 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL21QDOEFdODFh6WAfNp6odrXo15pEsDQuGJfMu/cKzK"; }; - prism = { + prism = rec { cores = 4; + extraZones = { + "krebsco.de" = '' + prism IN A ${nets.internet.ip4.addr} + paste IN A ${nets.internet.ip4.addr} + ''; + }; nets = rec { internet = { ip4.addr = "213.239.205.240"; aliases = [ "prism.internet" + "paste.i" + "paste.internet" ]; ssh.port = 45621; }; diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 650f7b7a2..489f62b65 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -290,7 +290,6 @@ with import ; wry IN A ${nets.internet.ip4.addr} io IN NS wry.krebsco.de. graphs IN A ${nets.internet.ip4.addr} - paste 60 IN A ${nets.internet.ip4.addr} tinc IN A ${nets.internet.ip4.addr} ''; }; @@ -299,9 +298,7 @@ with import ; ip4.addr = "104.233.87.86"; aliases = [ "wry.i" - "paste.i" "wry.internet" - "paste.internet" ]; }; retiolum = { -- cgit v1.2.3 From bf8a886c20887d39d856854b1e9186657543c400 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Feb 2017 21:29:34 +0100 Subject: k 3 l: update lass@icarus ssh key --- krebs/3modules/lass/ssh/icarus.rsa | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/lass/ssh/icarus.rsa b/krebs/3modules/lass/ssh/icarus.rsa index da99fcfdf..e3cb74081 100644 --- a/krebs/3modules/lass/ssh/icarus.rsa +++ b/krebs/3modules/lass/ssh/icarus.rsa @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDz97C5WVGXgKZ3I7FMvL4TyUv+0rsrSOGI7jj5uQaaHx0SSR0V4tnZtv2hXYrfnkaPHwu2PYUeeUdMBHfbZS6l2dmaXRI9f2WG7182G3IUskMktpi84DMyh0kwK2pWmHoS+Kwo//q+lu4WXIRy4X5wVMVpPT1Oc7boDtqJt4rK8uZkuVmVzGi+5SFaBxspCsdZsX/uDWOeC4/U2l+2Pd4YYl8UdmgN3bJceKTwqKIcbK7AL91My0jrnRSU6XLuED0hcVKzjkjc6bcj1R+Mlch9cflsMQV8TfT6p7VGGvUOtVwhG1+CjraHfilzFn76wINClsQXF/ncKrGabTEWO3zTi12ukAzL2/B0IB0q61tror9uYqeI74WgLjwhnuF98hUL7hnqgV3KB1ytpt6yzXqf1Uz784z9dh0n9r0fLTkeTDbJ4uOz1XzpmAMRwuo0o7/Op7rRBLHohu2Tp6AV8sISKJN5hDGe0wD6861pH9ZrRBiUux6uylzfWp2qrZmERnk0brBl+oDQNhKs3Z0CZmLG4DZWMc5pxpQ5751/8bb6nEorg2ulDZ/h+G3myC+9Zbc/owb/HHOGOBMEpyYYYMvYAfchu50e4xtHd+wMqzFxzjfcM7u6dTdyDEXi6+TFXKBEZyvaAhW2J27HKj4iK6Td2GyK59myPG6OtCnIbw9BPw== lass@icarus +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDm4qnRU8/Zyb+7x/QxW1grN+i1qcN39Sr/TSkBdccAPyfPdk8ph/G+wZKgsyr9sl5CgbA4hOsqDBN97dp4dKghKARuk0GldHDgo+2odWwBTa4EOSmE4Bfj3z7r9tW33Y+ujy55L4w5Qw21lj51mbhc0qvC/03xypEeKsLM0RtNAf8TsdGMPGmbha7uCF75VjFJvrHysbjonh6ZQ+Or8N0MSNABZ9oawJQxxBUqtLFhnq20zCJmm281f9GS/EaGYwcpOjiHd4fj3XWyfEIJRK/LRBZXkidvVDN7mhOQY3G+qiGZfPeyged9CRDRFoc5QbZ43NtrmPS+yUtjHQZKynkjI0lA00fegRzb0FkEJmYSy1Vdqgj338CjNwcuTaKJTw2EotMqMuHyk1FllnphafJtgMTMLIGoZRTpJpC91gbP0MGTnRoCwD4McZcz1YD3cxng101QsLsDv/FPxzbyxr+P6rjBB6eP6IhP4k4ALjWzoMURdCo1BW4//zt+PXImUpcX2+urtAMmVBQ8BwZry1hsEcR+r6C1Yb+jzeWGnvtfjXSFv+ZjpA0eEnqeKeh3LDCxybjkok51zdTe97EZ0sDAnKcnrVzpXJwehY02E2N9Sw1HhvWIUUulr09a2bC2rYR7HWryOjaEzT2aKmUyrxPkflCawB8gn2iSbVMWK74VJw== lass@icarus -- cgit v1.2.3 From baf325a8d8542dd6fef6cc7b97fd3211c5b174f5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Feb 2017 22:30:46 +0100 Subject: l 2: add dnscrypt as default --- lass/2configs/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 2441f1b74..2292b5ce3 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -62,6 +62,12 @@ with import ; pkgs.pythonPackages.python ]; } + { + services.dnscrypt-proxy.enable = true; + networking.extraResolvconfConf = '' + name_servers='127.0.0.1' + ''; + } ]; networking.hostName = config.krebs.build.host.name; -- cgit v1.2.3 From bfcf167c38925f5e12619d7afe8565d7df03194b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 09:44:18 +0100 Subject: l: remove obsolete page --- lass/1systems/prism.nix | 1 - lass/2configs/websites/wohnprojekt-rhh.de.nix | 23 ----------------------- 2 files changed, 24 deletions(-) delete mode 100644 lass/2configs/websites/wohnprojekt-rhh.de.nix diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index c0c22a0de..5c6a59c7b 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -164,7 +164,6 @@ in { } { imports = [ - ../2configs/websites/wohnprojekt-rhh.de.nix ../2configs/websites/domsen.nix ../2configs/websites/lassulus.nix ]; diff --git a/lass/2configs/websites/wohnprojekt-rhh.de.nix b/lass/2configs/websites/wohnprojekt-rhh.de.nix deleted file mode 100644 index 0c409ca87..000000000 --- a/lass/2configs/websites/wohnprojekt-rhh.de.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - inherit (import ) - genid - ; - inherit (import {inherit lib pkgs;}) - ssl - servePage - ; -in { - imports = [ - ( ssl [ "wohnprojekt-rhh.de" ]) - ( servePage [ "wohnprojekt-rhh.de" ]) - ]; - - users.users.laura = { - home = "/srv/http/wohnprojekt-rhh.de"; - createHome = true; - useDefaultShell = true; - }; -} - -- cgit v1.2.3 From 632b194ad35ad49e3e09935c66f1ae52f93e34f4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 14:31:26 +0100 Subject: add krebs.monit --- krebs/3modules/default.nix | 1 + krebs/3modules/monit.nix | 116 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 117 insertions(+) create mode 100644 krebs/3modules/monit.nix diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index e0810ab63..f336c966f 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -22,6 +22,7 @@ let ./go.nix ./iptables.nix ./kapacitor.nix + ./monit.nix ./newsbot-js.nix ./nginx.nix ./nixpkgs.nix diff --git a/krebs/3modules/monit.nix b/krebs/3modules/monit.nix new file mode 100644 index 000000000..5191a1754 --- /dev/null +++ b/krebs/3modules/monit.nix @@ -0,0 +1,116 @@ +{ config, lib, pkgs, ... }: + +with builtins; +with import ; + +let + cfg = config.krebs.monit; + + out = { + options.krebs.monit = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "monit"; + http = { + enable = mkEnableOption "monit http server"; + port = mkOption { + type = types.int; + default = 9093; + }; + user = mkOption { + type = types.str; + default = "krebs"; + }; + pass = mkOption { + type = types.str; + default = "bob"; + }; + }; + user = mkOption { + type = types.user; + default = { + name = "monit"; + }; + }; + group = mkOption { + type = types.group; + default = { + name = "monitor"; + }; + }; + extraConfig = mkOption { + type = types.attrs; + default = {}; + }; + alarms = mkOption { + default = {}; + type = with types; attrsOf (submodule { + options = { + test = mkOption { + type = path; + }; + alarm = mkOption { + type = path; + }; + interval = mkOption { + type = str; + default = "10"; + }; + }; + }); + }; + }; + + imp = let + configFile = pkgs.writeText "monit.cfg" '' + ${optionalString cfg.http.enable '' + set httpd port ${toString cfg.http.port} + allow ${cfg.http.user}:${cfg.http.pass} + ''} + set daemon 10 + + ${concatStringsSep "\n" (mapAttrsToList (name: alarm: '' + check program ${name} with path "${alarm.test}" + every 10 cycles + if status != 0 then exec "${alarm.alarm}" + '') cfg.alarms)} + ''; + in { + environment.etc = [ + { + source = configFile; + target = "monit.conf"; + mode = "0400"; + uid = config.users.users.${cfg.user.name}.uid; + } + ]; + users = { + groups.${cfg.group.name} = { + inherit (cfg.group) name gid; + }; + users.${cfg.user.name} = { + inherit (cfg.user) home name uid; + createHome = true; + group = cfg.group.name; + }; + }; + + systemd.services.monit = { + description = "monit"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + restartIfChanged = true; + + serviceConfig = { + Restart = "always"; + User = cfg.user.name; + ExecStart = "${pkgs.monit}/bin/monit -I -c /etc/monit.conf"; + # Monit should restart when the config changes + ExecStartPre = "${pkgs.coreutils}/bin/echo ${configFile}"; + }; + }; + }; +in out -- cgit v1.2.3 From fe46163e586b2b19126fffd1a7710e1b61349389 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 14:32:00 +0100 Subject: l 2 monitoring: add monit-alarms --- lass/2configs/monitoring/monit-alarms.nix | 34 +++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 lass/2configs/monitoring/monit-alarms.nix diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix new file mode 100644 index 000000000..a85738538 --- /dev/null +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -0,0 +1,34 @@ +{pkgs, config, ...}: +with import ; +let + echoToIrc = msg: + pkgs.writeDash "echo_irc" '' + set -euf + export LOGNAME=prism-alarm + ${pkgs.irc-announce}/bin/irc-announce \ + ni.r 6667 prism-alarm \#retiolum "${msg}" >/dev/null + ''; + +in { + krebs.monit = { + enable = true; + http.enable = true; + alarms.nirwanabluete = { + test = "${pkgs.curl}/bin/curl -sf 'https://nirwanabluete.de/'"; + alarm = echoToIrc "test nirwanabluete failed"; + }; + alarms.ubik = { + test = "${pkgs.curl}/bin/curl -sf 'https://ubikmedia.de'"; + alarm = echoToIrc "test ubik failed"; + }; + alarms.hfos = { + test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'"; + alarm = echoToIrc "test hfos failed"; + }; + alarms.cac-panel = { + test = "${pkgs.curl}/bin/curl -sf 'https://panel.cloudatcost.com/login.php'"; + alarm = echoToIrc "test cac-panel failed"; + }; + }; +} + -- cgit v1.2.3 From 045fe83273e1849354d63fdfe955e98f48673c91 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 14:33:47 +0100 Subject: l 3 monit: implement alarm interval --- krebs/3modules/monit.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/monit.nix b/krebs/3modules/monit.nix index 5191a1754..4d4066ae4 100644 --- a/krebs/3modules/monit.nix +++ b/krebs/3modules/monit.nix @@ -73,7 +73,7 @@ let ${concatStringsSep "\n" (mapAttrsToList (name: alarm: '' check program ${name} with path "${alarm.test}" - every 10 cycles + every ${alarm.interval} cycles if status != 0 then exec "${alarm.alarm}" '') cfg.alarms)} ''; -- cgit v1.2.3 From 8281365719165547a08cadc37b2c3ff08a119846 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 16:16:01 +0100 Subject: l 1 mors: add krebszones --- lass/1systems/mors.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index d0f835c64..1ad9cd4bd 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -130,6 +130,11 @@ with import ; #ipfs-testing services.ipfs.enable = true; } + { + environment.systemPackages = [ + pkgs.krebszones + ]; + } ]; krebs.build.host = config.krebs.hosts.mors; -- cgit v1.2.3 From 024ea6d7f9e6cbca2fe2d5e171cec1d65929258b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 16:44:21 +0100 Subject: k 5 buildbot: update to 0.9.4 --- krebs/5pkgs/buildbot/default.nix | 8 +++---- krebs/5pkgs/buildbot/irc_messages.patch | 40 --------------------------------- krebs/5pkgs/buildbot/worker.nix | 4 ++-- 3 files changed, 5 insertions(+), 47 deletions(-) delete mode 100644 krebs/5pkgs/buildbot/irc_messages.patch diff --git a/krebs/5pkgs/buildbot/default.nix b/krebs/5pkgs/buildbot/default.nix index 2e14b6b63..37eea5fd9 100644 --- a/krebs/5pkgs/buildbot/default.nix +++ b/krebs/5pkgs/buildbot/default.nix @@ -3,10 +3,10 @@ pythonPackages.buildPythonApplication (rec { name = "${pname}-${version}"; pname = "buildbot"; - version = "0.9.1"; + version = "0.9.4"; src = fetchurl { url = "mirror://pypi/b/${pname}/${name}.tar.gz"; - sha256 = "1kk4dlkk4rznwid9xykq2lbzksvkcr4r5kmz9hgh5hswdzv8bwx9"; + sha256 = "0wklrn4fszac9wi8zw3vbsznwyff6y57cz0i81zvh46skb6n3086"; }; doCheck = false; buildInputs = with pythonPackages; [ @@ -22,6 +22,7 @@ pythonPackages.buildPythonApplication (rec { pylint astroid pyflakes + pyjwt ]; propagatedBuildInputs = with pythonPackages; [ @@ -55,9 +56,6 @@ pythonPackages.buildPythonApplication (rec { ] ++ plugins; - patchPhase = '' - patch -p1 < ${./irc_messages.patch} - ''; preInstall = '' # writes out a file that can't be read properly sed -i.bak -e '69,84d' buildbot/test/unit/test_www_config.py diff --git a/krebs/5pkgs/buildbot/irc_messages.patch b/krebs/5pkgs/buildbot/irc_messages.patch deleted file mode 100644 index ab8597dbd..000000000 --- a/krebs/5pkgs/buildbot/irc_messages.patch +++ /dev/null @@ -1,40 +0,0 @@ -diff --git a/buildbot/reporters/words.py b/master/buildbot/reporters/words.py -index a65147b..bf44118 100644 ---- a/buildbot/reporters/words.py -+++ b/buildbot/reporters/words.py -@@ -550,14 +550,15 @@ class Contact(service.AsyncService): - - if self.useRevisions: - revisions = yield self.getRevisionsForBuild(build) -- r = "Hey! build %s containing revision(s) [%s] is complete: %s" % \ -+ r = "Build %s containing revision(s) [%s] is complete: %s" % \ - (builderName, ','.join(revisions), results[0]) - else: -- r = "Hey! build %s #%d is complete: %s" % \ -+ r = "Build %s #%d is complete: %s" % \ - (builderName, buildNumber, results[0]) - - r += ' [%s]' % maybeColorize(build['state_string'], - results[1], self.useColors) -+ r += " - %s" % self.master.status.getURLForBuild(builder['builderid'],buildNumber) - self.send(r) - - # FIXME: where do we get the list of changes for a build ? -@@ -622,14 +623,15 @@ class Contact(service.AsyncService): - results = self.getResultsDescriptionAndColor(build['results']) - if self.useRevisions: - revisions = yield self.getRevisionsForBuild(build) -- r = "Hey! build %s containing revision(s) [%s] is complete: %s" % \ -+ r = "Build %s containing revision(s) [%s] is complete: %s" % \ - (builder_name, ','.join(revisions), results[0]) - else: -- r = "Hey! build %s #%d is complete: %s" % \ -+ r = "Build %s #%d is complete: %s" % \ - (builder_name, buildnum, results[0]) - - r += ' [%s]' % maybeColorize(build['state_string'], - results[1], self.useColors) -+ r += " - %s" % self.master.status.getURLForBuild(builder['builderid'],buildNumber) - self.send(r) - - # FIXME: where do we get the base_url? Then do we use the build Link to diff --git a/krebs/5pkgs/buildbot/worker.nix b/krebs/5pkgs/buildbot/worker.nix index c100de5d2..34e526858 100644 --- a/krebs/5pkgs/buildbot/worker.nix +++ b/krebs/5pkgs/buildbot/worker.nix @@ -2,12 +2,12 @@ pythonPackages.buildPythonApplication (rec { name = "${pname}-${version}"; pname = "buildbot-worker"; - version = "0.9.1"; + version = "0.9.4"; doCheck = false; src = fetchurl { url = "mirror://pypi/b/${pname}/${name}.tar.gz"; - sha256 = "00p9l1qz6mx12npjwsycp8f9a8f2har15ig79pfsg8z7a7yw93hx"; + sha256 = "0rdrr8x7sn2nxl51p6h9ad42s3c28lb6sys84zrg0d7fm4zhv7hj"; }; buildInputs = with pythonPackages; [ setuptoolsTrial mock ]; -- cgit v1.2.3 From 0c7740b6e47cf77e155cdd7fc1ae4c0f187e45bb Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 17:17:44 +0100 Subject: l 1 mors: remove dead icinga code --- lass/1systems/mors.nix | 50 -------------------------------------------------- 1 file changed, 50 deletions(-) diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 1ad9cd4bd..bffb08ad3 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -76,56 +76,6 @@ with import ; { services.redis.enable = true; } - #{ - # #gitit magic - # imports = [ ]; - # services.gitit = { - # enable = true; - # haskellPackages = pkgs.haskell.packages.ghc7103; - # }; - #} - #{ - # lass.icinga2 = { - # enable = true; - # configFiles = [ - # '' - # template Service "generic-service" { - # max_check_attempts = 3 - # check_interval = 5m - # retry_interval = 1m - # enable_perfdata = true - # } - # apply Service "ping4" { - # } - # '' - # ]; - # }; - # services.mysql = { - # enable = true; - # package = pkgs.mariadb; - # rootPassword = "/mysql_rootPassword"; - # }; - # lass.icingaweb2 = { - # enable = true; - # initialRootPasswordHash = "$1$HpWDCehI$ITbAoyfOB6HEN1ftooxZq0"; - # resources = { - # icinga2db = { - # type = "mysql"; - # host = "localhost"; - # user = "icingaweb2"; - # db = "icinga"; - # passfile = ; - # }; - # icingaweb2db = { - # type = "mysql"; - # host = "localhost"; - # user = "icingaweb2"; - # db = "icingaweb2"; - # passfile = ; - # }; - # }; - # }; - #} { #ipfs-testing services.ipfs.enable = true; -- cgit v1.2.3 From 08973e5e00cf27b0548c4924ab4afe1768d79217 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 17:17:55 +0100 Subject: l 1 prism: import monit-alarms --- lass/1systems/prism.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 5c6a59c7b..a62b5cd75 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -44,6 +44,7 @@ in { ../2configs/hfos.nix ../2configs/makefu-sip.nix ../2configs/monitoring/server.nix + ../2configs/monitoring/monit-alarms.nix { imports = [ ../2configs/bepasty.nix -- cgit v1.2.3 From 6dabaf5afef5767eedbaadcba8e3e06e46c645a4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 20:56:34 +0100 Subject: l 2 monit: add radio test --- lass/2configs/monitoring/monit-alarms.nix | 40 +++++++++++++++++++------------ 1 file changed, 25 insertions(+), 15 deletions(-) diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix index a85738538..d14275c17 100644 --- a/lass/2configs/monitoring/monit-alarms.nix +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -13,21 +13,31 @@ in { krebs.monit = { enable = true; http.enable = true; - alarms.nirwanabluete = { - test = "${pkgs.curl}/bin/curl -sf 'https://nirwanabluete.de/'"; - alarm = echoToIrc "test nirwanabluete failed"; - }; - alarms.ubik = { - test = "${pkgs.curl}/bin/curl -sf 'https://ubikmedia.de'"; - alarm = echoToIrc "test ubik failed"; - }; - alarms.hfos = { - test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'"; - alarm = echoToIrc "test hfos failed"; - }; - alarms.cac-panel = { - test = "${pkgs.curl}/bin/curl -sf 'https://panel.cloudatcost.com/login.php'"; - alarm = echoToIrc "test cac-panel failed"; + alarms = { + nirwanabluete = { + test = "${pkgs.curl}/bin/curl -sf 'https://nirwanabluete.de/'"; + alarm = echoToIrc "test nirwanabluete failed"; + }; + ubik = { + test = "${pkgs.curl}/bin/curl -sf 'https://ubikmedia.de'"; + alarm = echoToIrc "test ubik failed"; + }; + hfos = { + test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'"; + alarm = echoToIrc "test hfos failed"; + }; + cac-panel = { + test = "${pkgs.curl}/bin/curl -sf 'https://panel.cloudatcost.com/login.php'"; + alarm = echoToIrc "test cac-panel failed"; + }; + radio = { + test = pkgs.writeBash "check_stream" '' + ${pkgs.curl}/bin/curl -sif http://lassul.us:8000/radio.ogg \ + | ${pkgs.gawk}/bin/awk '/^\r$/{exit}{print $0}' \ + | ${pkgs.gnugrep}/bin/grep -q "200 OK" || exit "''${PIPESTATUS[0]}" + ''; + alarm = echoToIrc "test radio failed"; + }; }; }; } -- cgit v1.2.3 From e7f12c4d865c5556b408a8301de6e2eabb39165b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Feb 2017 20:58:29 +0100 Subject: l 2 monit: open monit port to retiolum --- lass/2configs/monitoring/monit-alarms.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix index d14275c17..063fadb1b 100644 --- a/lass/2configs/monitoring/monit-alarms.nix +++ b/lass/2configs/monitoring/monit-alarms.nix @@ -40,5 +40,9 @@ in { }; }; }; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp -i retiolum --dport 9093"; target = "ACCEPT"; } + ]; } -- cgit v1.2.3 From 4e8d61d8f74e547c6718d55b13ae1d5eb2287bfd Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Feb 2017 13:20:14 +0100 Subject: l 2 hfos: forward https from localhost --- lass/2configs/hfos.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix index 7d4d544aa..a4020dade 100644 --- a/lass/2configs/hfos.nix +++ b/lass/2configs/hfos.nix @@ -32,4 +32,8 @@ with import ; { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1080 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1443 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } ]; + + krebs.iptables.tables.nat.OUTPUT.rules = [ + { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; } + ]; } -- cgit v1.2.3 From 1afea851af96c54bf011c46f207cc2f9629c6fc1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Feb 2017 00:04:08 +0100 Subject: k 3 fetchWallpaper: use user service --- krebs/3modules/fetchWallpaper.nix | 26 ++++++++++---------------- 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 29c4f50e9..8db8be771 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -21,13 +21,14 @@ let OnCalendar = "*:00,10,20,30,40,50"; }; }; + # TODO find a better default stateDir stateDir = mkOption { type = types.str; - default = "/var/lib/wallpaper"; + default = "./wallpaper"; }; display = mkOption { type = types.str; - default = ":11"; + default = ":0"; }; unitConfig = mkOption { type = types.attrsOf types.str; @@ -51,35 +52,29 @@ let mkdir -p ${shell.escape cfg.stateDir} cd ${shell.escape cfg.stateDir} (curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper) || : - feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper + feh --no-fehbg --bg-scale wallpaper ''; imp = { - users.users.fetchWallpaper = { - name = "fetchWallpaper"; - uid = genid "fetchWallpaper"; - description = "fetchWallpaper user"; - home = cfg.stateDir; - createHome = true; - }; - - systemd.timers.fetchWallpaper = { + systemd.user.timers.fetchWallpaper = { description = "fetch wallpaper timer"; wantedBy = [ "timers.target" ]; timerConfig = cfg.timerConfig; }; - systemd.services.fetchWallpaper = { + systemd.user.services.fetchWallpaper = { description = "fetch wallpaper"; - after = [ "network.target" ]; + after = [ "network.target" "graphical.target" ]; + wants = [ "graphical.target" ]; + wantedBy = [ "default.target" ]; path = with pkgs; [ curl feh + coreutils ]; environment = { - URL = cfg.url; DISPLAY = cfg.display; }; restartIfChanged = true; @@ -87,7 +82,6 @@ let serviceConfig = { Type = "simple"; ExecStart = fetchWallpaperScript; - User = "fetchWallpaper"; }; unitConfig = cfg.unitConfig; -- cgit v1.2.3 From 1b5196f4fdc8dc32fb771d518f08a769329b5fd9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Feb 2017 00:07:36 +0100 Subject: l 2: add copyq.nix --- lass/2configs/copyq.nix | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 lass/2configs/copyq.nix diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix new file mode 100644 index 000000000..0616c4025 --- /dev/null +++ b/lass/2configs/copyq.nix @@ -0,0 +1,38 @@ +{ config, pkgs, ... }: +with import ; +let + copyqConfig = pkgs.writeDash "copyq-config" '' + ${pkgs.copyq}/bin/copyq config check_clipboard true + ${pkgs.copyq}/bin/copyq config check_selection true + ${pkgs.copyq}/bin/copyq config copy_clipboard true + ${pkgs.copyq}/bin/copyq config copy_selection true + + ${pkgs.copyq}/bin/copyq config activate_closes true + ${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0 + ${pkgs.copyq}/bin/copyq config clipboard_tab clipboard + ${pkgs.copyq}/bin/copyq config disable_tray true + ${pkgs.copyq}/bin/copyq config hide_tabs true + ${pkgs.copyq}/bin/copyq config hide_toolbar true + ${pkgs.copyq}/bin/copyq config item_popup_interval true + ${pkgs.copyq}/bin/copyq config maxitems 1000 + ${pkgs.copyq}/bin/copyq config move true + ${pkgs.copyq}/bin/copyq config text_wrap true + ''; +in { + systemd.user.services.copyq = { + after = [ "graphical.target" ]; + wants = [ "graphical.target" ]; + wantedBy = [ "default.target" ]; + environment = { + DISPLAY = ":0"; + }; + serviceConfig = { + SyslogIdentifier = "copyq"; + ExecStart = "${pkgs.copyq}/bin/copyq"; + ExecStartPost = copyqConfig; + Restart = "always"; + RestartSec = "2s"; + StartLimitBurst = 0; + }; + }; +} -- cgit v1.2.3 From 679ccce6bd5feef4edd7533a67536836f7b7aa26 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Feb 2017 00:05:38 +0100 Subject: l 2: use upstream xserver --- lass/2configs/baseX.nix | 60 +++++++------- lass/2configs/fetchWallpaper.nix | 4 - lass/2configs/xserver/Xresources.nix | 66 --------------- lass/2configs/xserver/default.nix | 147 --------------------------------- lass/2configs/xserver/xserver.conf.nix | 40 --------- lass/5pkgs/xmonad-lass.nix | 22 +---- 6 files changed, 31 insertions(+), 308 deletions(-) delete mode 100644 lass/2configs/xserver/Xresources.nix delete mode 100644 lass/2configs/xserver/default.nix delete mode 100644 lass/2configs/xserver/xserver.conf.nix diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 2933ca0e4..539fdc875 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -1,13 +1,13 @@ { config, pkgs, ... }: - +with import ; let - mainUser = config.users.extraUsers.mainUser; + user = config.krebs.build.user; in { imports = [ - ./xserver ./mpv.nix ./power-action.nix ./screenlock.nix + ./copyq.nix { hardware.pulseaudio = { enable = true; @@ -66,37 +66,31 @@ in { youtube-tools rxvt_unicode - #window manager stuff - #haskellPackages.xmobar - #haskellPackages.yeganesh - #dmenu2 - #xlibs.fontschumachermisc ]; - #fonts.fonts = [ - # pkgs.xlibs.fontschumachermisc - #]; - - #services.xserver = { - # enable = true; - - # windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [ - # X11-xshape - # ]; - # windowManager.xmonad.enable = true; - # windowManager.xmonad.enableContribAndExtras = true; - # windowManager.default = "xmonad"; - # desktopManager.default = "none"; - # desktopManager.xterm.enable = false; - # displayManager.slim.enable = true; - # displayManager.auto.enable = true; - # displayManager.auto.user = mainUser.name; - - # layout = "us"; - # xkbModel = "evdev"; - # xkbVariant = "altgr-intl"; - # xkbOptions = "caps:backspace"; - #}; + fonts.fonts = [ + pkgs.xlibs.fontschumachermisc + ]; + + services.xserver = { + enable = true; + + desktopManager.xterm.enable = false; + displayManager.slim.enable = true; + windowManager.session = [{ + name = "xmonad"; + start = '' + ${pkgs.xorg.xhost}/bin/xhost +LOCAL: + ${pkgs.xmonad-lass}/bin/xmonad & + waitPID=$! + ''; + }]; + + layout = "us"; + xkbModel = "evdev"; + xkbVariant = "altgr-intl"; + xkbOptions = "caps:backspace"; + }; services.logind.extraConfig = '' HandleLidSwitch=ignore @@ -107,4 +101,6 @@ in { twoFingerScroll = true; accelFactor = "0.035"; }; + + services.urxvtd.enable = true; } diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix index 29f321994..971be9588 100644 --- a/lass/2configs/fetchWallpaper.nix +++ b/lass/2configs/fetchWallpaper.nix @@ -9,9 +9,5 @@ in { url = "prism/wallpaper.png"; maxTime = 10; }; - systemd.services.fetchWallpaper = { - after = [ "xmonad.service" ]; - wantedBy = [ "xmonad.service" ]; - }; } diff --git a/lass/2configs/xserver/Xresources.nix b/lass/2configs/xserver/Xresources.nix deleted file mode 100644 index 3049774f8..000000000 --- a/lass/2configs/xserver/Xresources.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; - -pkgs.writeText "Xresources" '' - URxvt*scrollBar: false - URxvt*urgentOnBell: true - URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-* - URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10