From d63de0f8604a5155a62c88f04c94905238d00011 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Fri, 12 Jan 2018 12:01:08 +0100
Subject: jeschli enklave: import IMw

---
 jeschli/1systems/enklave/config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/jeschli/1systems/enklave/config.nix b/jeschli/1systems/enklave/config.nix
index 010089017..76e718699 100644
--- a/jeschli/1systems/enklave/config.nix
+++ b/jeschli/1systems/enklave/config.nix
@@ -4,6 +4,7 @@
   imports = [
     <stockholm/jeschli>
     <stockholm/jeschli/2configs/retiolum.nix>
+    <stockholm/jeschli/2configs/IM.nix>
     <stockholm/jeschli/2configs/os-templates/CentOS-7-64bit.nix>
     {
       networking.dhcpcd.allowInterfaces = [
-- 
cgit v1.2.3


From 05b3e4b0cb4e83dcc84939919ca0a83e694606bf Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Fri, 12 Jan 2018 12:03:01 +0100
Subject: jeschli: +irc alias

---
 jeschli/2configs/default.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix
index 6d788d283..0ac3708bb 100644
--- a/jeschli/2configs/default.nix
+++ b/jeschli/2configs/default.nix
@@ -23,6 +23,9 @@ with import <stockholm/lib>;
     proot
     populate
 
+  # aliases
+    (writeDashBin "irc" "ssh chat@enklave -t tmux a")
+
   #style
     most
     rxvt_unicode.terminfo
-- 
cgit v1.2.3


From 3131b72a7c2a260e2f985a0fc8abccae7cce9280 Mon Sep 17 00:00:00 2001
From: Markus Hihn <markus.hihn@dcso.de>
Date: Fri, 19 Jan 2018 10:36:35 +0100
Subject: j bln: +virtualbox

---
 jeschli/1systems/bln/config.nix |  1 +
 jeschli/2configs/virtualbox.nix | 23 +++++++++++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 jeschli/2configs/virtualbox.nix

diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 9e5f8c52e..9c491c8a1 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -8,6 +8,7 @@
   imports =
     [ # Include the results of the hardware scan.
       <stockholm/jeschli>
+      <stockholm/jeschli/2configs/virtualbox.nix>
       ./hardware-configuration.nix
       # ./dcso-vpn.nix
     ];
diff --git a/jeschli/2configs/virtualbox.nix b/jeschli/2configs/virtualbox.nix
new file mode 100644
index 000000000..b2cb851a1
--- /dev/null
+++ b/jeschli/2configs/virtualbox.nix
@@ -0,0 +1,23 @@
+{ config, pkgs, ... }:
+
+let
+  mainUser = config.users.extraUsers.markus;
+
+in {
+  #services.virtualboxHost.enable = true;
+  virtualisation.virtualbox.host.enable = true;
+
+  users.extraUsers = {
+    virtual = {
+      name = "virtual";
+      description = "user for running VirtualBox";
+      home = "/home/virtual";
+      useDefaultShell = true;
+      extraGroups = [ "vboxusers" "audio" ];
+      createHome = true;
+    };
+  };
+  security.sudo.extraConfig = ''
+    ${mainUser.name} ALL=(virtual) NOPASSWD: ALL
+  '';
+}
-- 
cgit v1.2.3


From 7b4bb4646815beafb56782b7934fbc755602dcc4 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Fri, 19 Jan 2018 13:30:41 +0100
Subject: jeschli: +IM

---
 jeschli/2configs/IM.nix | 56 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 jeschli/2configs/IM.nix

diff --git a/jeschli/2configs/IM.nix b/jeschli/2configs/IM.nix
new file mode 100644
index 000000000..171b78242
--- /dev/null
+++ b/jeschli/2configs/IM.nix
@@ -0,0 +1,56 @@
+with (import <stockholm/lib>);
+{ config, lib, pkgs, ... }:
+let
+  tmux = pkgs.writeDashBin "tmux" ''
+    export TERM=xterm-256color
+    exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" ''
+      set-option -g default-terminal screen-256color
+    ''} "$@"
+  '';
+in {
+
+  services.bitlbee = {
+    enable = true;
+    portNumber = 6666;
+    plugins = [
+      pkgs.bitlbee-facebook
+      pkgs.bitlbee-steam
+      pkgs.bitlbee-discord
+    ];
+    libpurple_plugins = [ pkgs.telegram-purple ];
+  };
+
+  users.extraUsers.chat = {
+    home = "/home/chat";
+    uid = genid "chat";
+    useDefaultShell = true;
+    createHome = true;
+    openssh.authorizedKeys.keys = with config.krebs.users; [
+      jeschli.pubkey
+      jeschli-bln.pubkey
+      jeschli-brauerei.pubkey
+    ];
+    packages = [ tmux ]; 
+  };
+
+
+  systemd.services.chat = {
+    description = "chat environment setup";
+    after = [ "network.target" ];
+    wantedBy = [ "multi-user.target" ];
+
+    restartIfChanged = false;
+
+    path = [
+      pkgs.rxvt_unicode.terminfo
+    ];
+
+    serviceConfig = {
+      User = "chat";
+      RemainAfterExit = true;
+      Type = "oneshot";
+      ExecStart = "${tmux}/bin/tmux -2 new-session -d -s IM ${pkgs.weechat}/bin/weechat";
+      ExecStop = "${tmux}/bin/tmux kill-session -t IM";
+    };
+  };
+}
-- 
cgit v1.2.3


From 2398bc71ee5cf5fc8a28eae825792bc5c14ab4ca Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 20 Jan 2018 12:49:37 +0100
Subject: l radio: force play regularly

---
 lass/2configs/radio.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 7f531bf3a..a83d51f1d 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -118,6 +118,7 @@ in {
       if test $(timeLeft) -le $LIMIT; then
         ${add_random}/bin/add_random
       fi
+      ${pkgs.mpc_cli}/bin/mpc play > /dev/null
     '';
   in {
     description = "radio playlist autoadder";
-- 
cgit v1.2.3


From 247aad46d30a6baa79e3b489e57c63ee8f9a430e Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 20 Jan 2018 13:03:21 +0100
Subject: l mors.r: use nixUnstable

---
 lass/1systems/mors/config.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index c231a0b10..936666a73 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -192,7 +192,7 @@ with import <stockholm/lib>;
     '';
   };
 
-  #nix.package = pkgs.nixUnstable;
+  nix.package = pkgs.nixUnstable;
   programs.adb.enable = true;
   users.users.mainUser.extraGroups = [ "adbusers" ];
 }
-- 
cgit v1.2.3


From 3bd62207d4b60db4ca5f89bb84dc842b62bdfbaf Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 20 Jan 2018 13:03:51 +0100
Subject: l: set ssh agentTimeout to 10m

---
 lass/2configs/baseX.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 5cb7eb03f..5ca024574 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -53,6 +53,7 @@ in {
 
   time.timeZone = "Europe/Berlin";
 
+  programs.ssh.agentTimeout = "10m";
   programs.ssh.startAgent = true;
   services.openssh.forwardX11 = true;
 
-- 
cgit v1.2.3


From baf4fc520b9faae6ad07c1b9f6d6623b92768ce6 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Sat, 20 Jan 2018 20:49:48 +0000
Subject: j: +bolide

---
 jeschli/1systems/bolide/config.nix                 | 134 +++++++++++++++++++++
 jeschli/1systems/bolide/hardware-configuration.nix |  32 +++++
 jeschli/1systems/bolide/source.nix                 |   4 +
 krebs/3modules/jeschli/default.nix                 |  40 ++++++
 4 files changed, 210 insertions(+)
 create mode 100644 jeschli/1systems/bolide/config.nix
 create mode 100644 jeschli/1systems/bolide/hardware-configuration.nix
 create mode 100644 jeschli/1systems/bolide/source.nix

diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix
new file mode 100644
index 000000000..cb3eb0396
--- /dev/null
+++ b/jeschli/1systems/bolide/config.nix
@@ -0,0 +1,134 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+      <stockholm/jeschli>
+      <stockholm/jeschli/2configs/urxvt.nix>
+    ];
+
+  krebs.build.host = config.krebs.hosts.bolide;
+  # Use the GRUB 2 boot loader.
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  # boot.loader.grub.efiSupport = true;
+  # boot.loader.grub.efiInstallAsRemovable = true;
+  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
+  # Define on which hard drive you want to install Grub.
+  boot.loader.grub.device = "/dev/sdb"; # or "nodev" for efi only
+  boot.initrd.luks.devices = [ {
+    name = "bla";
+    device = "/dev/disk/by-uuid/53f1eeaf-a7ac-456c-a2af-778dd8b8d5b0";
+    preLVM = true;
+    allowDiscards = true;
+  } ]; 
+#  networking.hostName = "bolide"; # Define your hostname.
+  networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+
+  # Select internationalisation properties.
+  # i18n = {
+  #   consoleFont = "Lat2-Terminus16";
+  #   consoleKeyMap = "us";
+  #   defaultLocale = "en_US.UTF-8";
+  # };
+
+  # Set your time zone.
+  # time.timeZone = "Europe/Amsterdam";
+
+  # List packages installed in system profile. To search by name, run:
+  # $ nix-env -qaP | grep wget
+   nixpkgs.config.allowUnfree = true; 
+   environment.systemPackages = with pkgs; [
+     wget vim
+   # system helper
+     ag
+     curl
+     copyq
+     dmenu
+     git
+     i3lock
+     keepass
+     networkmanagerapplet
+     rsync
+     terminator
+     tmux
+     wget
+   #  rxvt_unicode
+   # editors
+     emacs
+   # internet
+     thunderbird
+     chromium
+     google-chrome
+   # programming languages
+     go
+     gcc
+     ghc
+     python35
+     python35Packages.pip
+   # go tools
+     golint
+     gotools
+   # dev tools
+     gnumake
+     jetbrains.pycharm-professional
+     jetbrains.webstorm
+     jetbrains.goland
+   # document viewer
+     zathura
+   ];
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.bash.enableCompletion = true;
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # Enable CUPS to print documents.
+  # services.printing.enable = true;
+
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+  # services.xserver.layout = "us";
+  # services.xserver.xkbOptions = "eurosign:e";
+
+  services.xserver.displayManager.sddm.enable = true;
+  services.xserver.windowManager.xmonad.enable = true;
+  services.xserver.windowManager.xmonad.enableContribAndExtras = true;
+  # Enable touchpad support.
+  # services.xserver.libinput.enable = true;
+
+  # Enable the KDE Desktop Environment.
+  # services.xserver.displayManager.sddm.enable = true;
+  # services.xserver.desktopManager.plasma5.enable = true;
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+   users.extraUsers.jeschli = {
+     isNormalUser = true;
+     uid = 1000;
+   };
+
+  # This value determines the NixOS release with which your system is to be
+  # compatible, in order to avoid breaking some software such as database
+  # servers. You should change this only after NixOS release notes say you
+  # should.
+  system.stateVersion = "17.09"; # Did you read the comment?
+
+}
+
diff --git a/jeschli/1systems/bolide/hardware-configuration.nix b/jeschli/1systems/bolide/hardware-configuration.nix
new file mode 100644
index 000000000..183b29e42
--- /dev/null
+++ b/jeschli/1systems/bolide/hardware-configuration.nix
@@ -0,0 +1,32 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+
+{
+  imports =
+    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.kernelModules = [ "kvm-intel" "wl" ];
+  boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
+
+  fileSystems."/" =
+    { device = "/dev/bolide-pool/bolide-root";
+      fsType = "ext4";
+    };
+
+  fileSystems."/home" =
+    { device = "/dev/bolide-pool/bolide-home";
+      fsType = "ext4";
+    };
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/3aeb67c4-5b6e-4df2-8013-607fe0fb8525";
+      fsType = "ext4";
+    };
+  swapDevices = [ ];
+
+  nix.maxJobs = lib.mkDefault 8;
+  powerManagement.cpuFreqGovernor = "powersave";
+}
diff --git a/jeschli/1systems/bolide/source.nix b/jeschli/1systems/bolide/source.nix
new file mode 100644
index 000000000..0bd7af50f
--- /dev/null
+++ b/jeschli/1systems/bolide/source.nix
@@ -0,0 +1,4 @@
+import <stockholm/jeschli/source.nix> {
+  name = "bolide";
+  secure = true;
+}
diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix
index c7e882742..ed9bfad29 100644
--- a/krebs/3modules/jeschli/default.nix
+++ b/krebs/3modules/jeschli/default.nix
@@ -163,6 +163,43 @@ with import <stockholm/lib>;
       };
     };
 
+    bolide = {
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.27.31";
+          ip6.addr = "42::31";
+          aliases = [
+            "bolide.r"
+          ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIECgKCBAEAn9mkcX4WvyClMxiHgpvM7nNFbGuUVIxM71luzhfroTxMxcWBcik+
+            m7ensF256uQeUw4+y/d3wVj06ARnJubdGa1zrM54ghLp6dDTULnUhPfgIbCeP+Zz
+            A9hlZsD+yx9ZkPmSMhaakz5dKVlx9KFy4IrS42uGCquXIZ979loZ0372MxYxmPEY
+            sIiuZXQcLOiJa5ajJMHS2UEkr4rCvpa/nOJ3AcEl0QbCjX1WALjPZEw9Ogrwergy
+            tv0d8dkXHB80DZ4sEjA7+BxB/sVrI4YpT9diTqEHNlkhjYjk6x9o0aBAIfJoyFYK
+            Yo2eb8SYN4qwoNbtXr5JLvT0i6thT2R+jXm9h11NIGS91x4cJc2P7eIZI2J33gsV
+            VOfcZ4BfJSQSbd1G12EpgzM6UlorNGMqG2DfH3XPbQ0Ez19tNlEUqlbT3dnvVA5y
+            kpwWDEJrZB3SDvwtHQf9/4j/jXFlMNu4GE1kcwm+a4LvGFne37atY3irv3xZ9ih4
+            ygRbKfFFmxTqK3Cl2Vwxf/dsUm/P+hVF5nzROu7v7wkyU90nYp/AnpXywc4rEAVj
+            M8/7H6OlY59yqElJkSdsMum7HtytpsvvenQWW85Ycz+/Ti3nmYuaILgme2Q6JfA3
+            c6aNRv8A31m4GIuacHNGJOi2WfJab076bYw82HnX4bVoft9i2SxjZrXr75euz/4k
+            jGC4A4YQnrUi4wTBiSc3jm69wb3NXHYoKHjDIwDUUI91vUOKaTO/09RlAYr5EWT3
+            nekSaOu9nCrpTR6dq+yc4MktFjHBKPs2ReFKfDHkYzKiNSn5Ei9g3QhpCMF1LE19
+            RDvBbFawXtH3M8JHofalwsek44eso0tWA3RzFmiH2WzSLD2UV8a2la9vIfJbMvw3
+            LqunwCgC0QWtSTjh+X6H0MBKcGcie5bisKfkXQExx0cnNERDoXpe1E8g5EmJBt2B
+            8anRC6thNhpAuMTB8hZy+RP9AsRBxUE9lr9oKDH3JrHRBk1S4LktuNL3Zf8UqnRO
+            s7hGPzr8nw5yXV61xXFmXwA0snBsNfo83XpuiWJgz2qrz6/EWLZBgnLNyq22udxl
+            O9EGExulbija5rmrSp1MGi7K2K2qAx06KP3C1TerpSY0BW6ZhX/4MK/WIRihDBG4
+            JLg/gxX/4FES2qGmjCkW74TQDHq6B8xFuJQ3y5nD1cZBN4+VDNb1+mQbR06Zn0Sc
+            pDASYWimJzqxR+s/cr0a8PwoE/RdjwOYlXIOW4tDcK12Am6XRRf87cycG9ueNzhy
+            RwrvUJ4JMyUA5sbo2sbumAMqiytNZ7ReRVK6S5IiMpysr4/lHb2OQSPhQArDCprg
+            KXNgncRZsrL9VgVueVmOp45qkAkapeQ8wQIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+    };
 
   };
   users = {
@@ -176,5 +213,8 @@ with import <stockholm/lib>;
    jeschli-brauerei = {
      pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos";
    };
+   jeschli-bolide = {
+     pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGnLjnFw3OYJJy/ID9RCWHTtnVcKRfROIj1tJdJZoOWzGMY+kgyCN/WNBg7JJtCW22yU5O3ftSdN851URCBZ6FgYmcvURBxUOKPlyX5EoxUrrnbmtxJM9+OIT3Dt2RWfrqX6aEQ57nwe/qIFKo9UaoedB/FOzsw1f3U5zBxVuWVRQrsnPxkbPWHmPAGB4CvL897tb83uecDexmGZpLe/0dN4768i2nYaSwrNL+HtqZCvkEqEmnfHlmqqXhiuq83q8su/WSXAtDbUVucG3frgOir14YCbrWKf59+MugxhYOEYBqp+KME5+niFGoulg+NBW/HzH6U+DiH4RFBJhCu1Gr jeschli@bolide";
+   };
   };
 }
-- 
cgit v1.2.3


From 767122003dd4389692e0a736ececd0a3372d4008 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 21 Jan 2018 19:57:36 +0100
Subject: l nixpkgs: d9a2891 -> 5141f28

---
 lass/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/source.nix b/lass/source.nix
index eaae841fd..223954a51 100644
--- a/lass/source.nix
+++ b/lass/source.nix
@@ -10,7 +10,7 @@ in
       nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
       nixpkgs.git = {
         url = https://github.com/nixos/nixpkgs;
-        ref = "d9a2891";
+        ref = "5141f28";
       };
       secrets = getAttr builder {
         buildbot.file = toString <stockholm/lass/2configs/tests/dummy-secrets>;
-- 
cgit v1.2.3


From 697b202e25d9c738e6d5ebf265f1005520cfb1ac Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 22 Jan 2018 18:05:43 +0100
Subject: l zsh: use zsh in nix-shell & better prompt

---
 lass/2configs/zsh.nix | 64 +++++++++++++++++++++++++++++++--------------------
 1 file changed, 39 insertions(+), 25 deletions(-)

diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix
index 7b0ef79f3..f2c32ba26 100644
--- a/lass/2configs/zsh.nix
+++ b/lass/2configs/zsh.nix
@@ -72,25 +72,6 @@
       alias la='ls -la'
 
       #fancy window title magic
-      case $TERM in
-        (*xterm* | *rxvt*)
-          function precmd {
-            if test -n "$SSH_CLIENT"; then
-              echo -ne "\033]0;$$ $USER@$HOST $PWD\007"
-            else
-              echo -ne "\033]0;$$ $USER@$PWD\007"
-            fi
-          }
-          # This is seen while the shell waits for a command to complete.
-          function preexec {
-            if test -n "$SSH_CLIENT"; then
-              echo -ne "\033]0;$$ $USER@$HOST $PWD $1\007"
-            else
-              echo -ne "\033]0;$$ $USER@$PWD $1\007"
-            fi
-          }
-        ;;
-      esac
     '';
     promptInit = ''
       # TODO: figure out why we need to set this here
@@ -101,27 +82,60 @@
       autoload -U promptinit
       promptinit
 
-      error='%(?..%F{red}%?%f )'
+      p_error='%(?..%F{red}%?%f )'
+      t_error='%(?..%? )'
 
       case $UID in
         0)
-          username='%F{red}root%f '
+          p_username='%F{red}root%f'
+          t_username='root'
           ;;
         1337)
-          username=""
+          p_username=""
+          t_username=""
           ;;
         *)
-          username='%F{blue}%n%f '
+          p_username='%F{blue}%n%f'
+          t_username='%n'
           ;;
       esac
 
       if test -n "$SSH_CLIENT"; then
-        PROMPT="$error$username@%F{magenta}%M%f %~ "
+        p_hostname='@%F{magenta}%M%f '
+        t_hostname='@%M '
+      else
+        p_hostname=""
+        t_hostname=""
+      fi
+
+      #check if in nix shell
+      if test -n "$buildInputs"; then
+        p_nixshell='%F{green}[s]%f '
+        t_nixshell='[s] '
       else
-        PROMPT="$error$username%~ "
+        p_nixshell=""
+        t_nixshell=""
       fi
+
+      PROMPT="$p_error$p_username$p_hostname$p_nixshell%~ "
+      TITLE="$t_error$t_username$t_hostname$t_nixshell%~"
+      case $TERM in
+        (*xterm* | *rxvt*)
+          function precmd {
+            PROMPT_EVALED="$(print -P $TITLE)"
+            echo -ne "\033]0;$$ $PROMPT_EVALED\007"
+          }
+          # This is seen while the shell waits for a command to complete.
+          function preexec {
+            PROMPT_EVALED="$(print -P $TITLE)"
+            echo -ne "\033]0;$$ $PROMPT_EVALED $1\007"
+          }
+        ;;
+      esac
     '';
   };
+  environment.shellAliases.ns = "nix-shell --command zsh";
+
   users.users.mainUser.shell = "/run/current-system/sw/bin/zsh";
   users.users.root.shell = "/run/current-system/sw/bin/zsh";
 }
-- 
cgit v1.2.3


From 10f27ee8bd7a7f56f634dc8ea2bc4d40db9e655a Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Tue, 23 Jan 2018 19:35:46 +0100
Subject: j vim: refactoring

---
 jeschli/2configs/vim.nix | 148 +++++++++++++++++++++++++++++------------------
 1 file changed, 92 insertions(+), 56 deletions(-)

diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix
index 1a2231a86..65ce7dfa4 100644
--- a/jeschli/2configs/vim.nix
+++ b/jeschli/2configs/vim.nix
@@ -1,5 +1,6 @@
 { config, pkgs, ... }:
 
+with import <stockholm/lib>;
 let
   customPlugins.vim-javascript = pkgs.vimUtils.buildVimPlugin {
     name = "vim-javascript";
@@ -16,72 +17,76 @@ let
        owner = "mxw";
        repo = "vim-jsx";
        rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a";
-       sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a"; 
+       sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
      };
    };
 in {
-# {
   environment.systemPackages = [
     (pkgs.vim_configurable.customize {
       name = "vim";
-
-    vimrcConfig.customRC = ''
-  set nocompatible 
-
-	:imap jk <Esc>
-	:vmap v v
-	:map gr :GoRun<Enter>
-	:nnoremap <S-TAB> :bnext<CR>
-	:nnoremap <C-TAB> <c-w><c-w>
-  :map nf :NERDTreeToggle<CR>
-	set autowrite
-	set number
-	set ruler
-  set path+=** 
-  set wildmenu
-
-	noremap x "_x
-	set clipboard=unnamedplus
-
-  let g:jsx_ext_required = 0
-
-	let g:go_list_type = "quickfix"
-	let g:go_test_timeout = '10s'
-	let g:go_fmt_command = "goimports"
-	let g:go_snippet_case_type = "camelcase"
-	let g:go_highlight_types = 1
-	let g:go_highlight_fields = 1
-	let g:go_highlight_functions = 1
-	let g:go_highlight_methods = 1
-  let g:go_highlight_extra_types = 1
-  autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4 
-  let g:rehash256 = 1
-  let g:molokai_original = 1
-  colorscheme molokai
-	let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck']
-	let g:go_metalinter_autosave = 1
-	" let g:go_metalinter_autosave_enabled = ['vet', 'golint']
-	" let g:go_def_mode = 'godef'
-	" let g:go_decls_includes = "func,type"
-
-
-	" Trigger configuration. Do not use <tab> if you use https://github.com/Valloric/YouCompleteMe.
-	let g:UltiSnipsExpandTrigger="<c-e>"
-	let g:UltiSnipsJumpForwardTrigger="<c-t>"
-	let g:UltiSnipsJumpBackwardTrigger="<c-q>"
-
-	" If you want :UltiSnipsEdit to split your window.
-	let g:UltiSnipsEditSplit="vertical"
-
-	if has('persistent_undo')      "check if your vim version supports it
-	set undofile                 "turn on the feature  
-	set undodir=$HOME/.vim/undo  "directory where the undo files will be stored
-	endif     
+      vimrcConfig.customRC = let
+        colorscheme = ''colorscheme molokai'';
+        setStatements = ''
+          set autowrite
+          set clipboard=unnamedplus
+          set nocompatible
+          set path+=**
+          set ruler
+          set undodir=$HOME/.vim/undo  "directory where the undo files will be stored
+          set undofile                 "turn on the feature
+          set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
+          set wildmenu
+          set listchars=trail:¶
+        '';
+        remapStatements = ''
+          imap jk <Esc>
+          map gr :GoRun<Enter>         " Map gr to execute go run
+          map nf :NERDTreeToggle<CR>
+          nnoremap <C-TAB> <c-w><c-w>
+          nnoremap <S-TAB> :bnext<CR>
+          noremap x "_x
+          vmap v v
+        '';
+        settingsForGo = ''
+          let g:go_decls_includes = "func,type"
+          let g:go_def_mode = 'godef'
+          let g:go_fmt_command = "goimports"
+          let g:go_highlight_extra_types = 1
+          let g:go_highlight_fields = 1
+          let g:go_highlight_functions = 1
+          let g:go_highlight_methods = 1
+          let g:go_highlight_types = 1
+          let g:go_list_type = "quickfix"
+          let g:go_metalinter_autosave = 1
+          let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck']
+          let g:go_snippet_case_type = "camelcase"
+          let g:go_test_timeout = '10s'
+          let g:jsx_ext_required = 0
+          let g:molokai_original = 1
+          let g:rehash256 = 1
         '';
 
+      in ''
+        ${colorscheme}
+        ${remapStatements}
+        ${setStatements}
+        ${settingsForGo}
+        " I dont know what this line is about
+        autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
+      '';
        vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
        vimrcConfig.vam.pluginDictionaries = [
-         { names = [ "undotree" "molokai" "Syntastic" "ctrlp" "surround" "snipmate" "nerdtree" "easymotion"]; } 
+         { names = [
+            "ctrlp"
+            "easymotion"
+            "molokai"
+            "nerdtree"
+            "snipmate"
+            "surround"
+            "Syntastic"
+            "undotree"
+           ];
+         }
          { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
          { names = [ "vim-go" ]; ft_regex = "^go\$"; } # wanted: nsf/gocode
          { names = [ "vim-javascript" ]; ft_regex = "^js\$"; }
@@ -89,4 +94,35 @@ in {
        ];
     })
   ];
+
+  # set up the directories up if they are not there.
+# Needs to be changed.
+#  vim = let
+#    dirs = {
+#      backupdir = "$HOME/.cache/vim/backup";
+#      swapdir   = "$HOME/.cache/vim/swap";
+#      undodir   = "$HOME/.cache/vim/undo";
+#    };
+#    files = {
+#      viminfo   = "$HOME/.cache/vim/info";
+#    };
+#
+#    mkdirs = let
+#      dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
+#                 in assert out != ""; out;
+#      alldirs = attrValues dirs ++ map dirOf (attrValues files);
+#    in unique (sort lessThan alldirs);
+#  in
+#    pkgs.symlinkJoin {
+#      name = "vim";
+#      paths = [
+#        (pkgs.writeDashBin "vim" ''
+#          set -efu
+#          (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
+#          exec ${pkgs.vim}/bin/vim "$@"
+#        '')
+#        pkgs.vim
+#      ];
+#    };
+
 }
-- 
cgit v1.2.3


From dcae1c81a715081dfbf9b06b40c1ac78c2438a02 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Tue, 23 Jan 2018 19:40:10 +0100
Subject: jeschli brauerei: +aliases

---
 jeschli/1systems/brauerei/config.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix
index 2dec45795..e4109c638 100644
--- a/jeschli/1systems/brauerei/config.nix
+++ b/jeschli/1systems/brauerei/config.nix
@@ -35,6 +35,13 @@
   time.timeZone = "Europe/Amsterdam";
   nixpkgs.config.allowUnfree = true;
   # List packages installed in system profile. To search by name, run: # $ nix-env -qaP | grep wget
+  environment.shellAliases = {
+    n = "nix-shell";
+    stocki = pkgs.writeDash "deploy" ''
+      cd ~/stockholm
+      exec nix-shell -I stockholm="$PWD" --run 'deploy  --system="brauerei"'
+    '';
+  };
   environment.systemPackages = with pkgs; [
   # system helper
     ag
-- 
cgit v1.2.3


From 59518f2fbdddfe64764b4a549eeabda76b671576 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 23 Jan 2018 19:56:36 +0100
Subject: krebs: disable CI

---
 krebs/1systems/puyak/config.nix | 1 -
 krebs/1systems/wolf/config.nix  | 1 -
 2 files changed, 2 deletions(-)

diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index d2664ef84..67257eacd 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -7,7 +7,6 @@
     <stockholm/krebs/2configs/secret-passwords.nix>
     <stockholm/krebs/2configs/hw/x220.nix>
 
-    <stockholm/krebs/2configs/buildbot-krebs.nix>
     <stockholm/krebs/2configs/stats/puyak-client.nix>
     <stockholm/krebs/2configs/binary-cache/nixos.nix>
     <stockholm/krebs/2configs/binary-cache/prism.nix>
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 9d6955e7e..1b269e39a 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -12,7 +12,6 @@ in
     <stockholm/krebs/2configs/stats/wolf-client.nix>
 
     <stockholm/krebs/2configs/graphite.nix>
-    <stockholm/krebs/2configs/buildbot-krebs.nix>
     <stockholm/krebs/2configs/binary-cache/nixos.nix>
     <stockholm/krebs/2configs/binary-cache/prism.nix>
 
-- 
cgit v1.2.3


From 31fc8a8e2e8109eb2b262e907014cdacf58ed9cf Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 23 Jan 2018 20:00:14 +0100
Subject: l git: show diff of prism/master

---
 lass/2configs/git.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 59c0f5220..1fe87c666 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -79,9 +79,9 @@ let
         nick = config.krebs.build.host.name;
         channel = "#xxx";
         server = "irc.r";
-        verbose = false;
+        verbose = config.krebs.build.host.name == "prism";
         # TODO define branches in some kind of option per repo
-        branches = [ "master" "staging*" ];
+        branches = [ "master" ];
       };
     };
   };
-- 
cgit v1.2.3


From 7368b6a9dace5de4a798100066b3583faabb6f7b Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 23 Jan 2018 23:21:47 +0100
Subject: l mail: template with nix

---
 lass/2configs/mail.nix | 34 ++++++++++++++++++----------------
 1 file changed, 18 insertions(+), 16 deletions(-)

diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 962efaf3f..a26f3fcbb 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -1,3 +1,4 @@
+with import <stockholm/lib>;
 { pkgs, ... }:
 
 let
@@ -19,6 +20,14 @@ let
     text/html; ${pkgs.elinks}/bin/elinks -dump ; copiousoutput;
   '';
 
+  inboxes = [
+    { l = "wireguard"; q = [ "wireguard@lists.zx2c4" ]; }
+    { l = "c-base"; q = [ "c-base.org" ]; }
+    { l = "security"; q = [ "seclists.org" "security" "bugtraq" ]; }
+    { l = "nix-devel"; q = [ "nix-devel@googlegroups.com" ]; }
+    { l = "shack"; q = [ "shackspace.de" ]; }
+  ];
+
   muttrc = pkgs.writeText "muttrc" ''
     # gpg
     source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc
@@ -72,22 +81,15 @@ let
     ''} %r |"
 
     virtual-mailboxes \
-        "Unread"    "notmuch://?query=tag:unread"\
-        "INBOX"     "notmuch://?query=tag:inbox \
-                     and NOT to:nix-devel\
-                     and NOT to:shackspace\
-                     and NOT to:security\
-                     and NOT to:c-base" \
-        "shack"     "notmuch://?query=to:shackspace"\
-        "c-base"    "notmuch://?query=to:c-base"\
-        "security"  "notmuch://?query=to:securityfocus or from:security-alert@hpe.com"\
-        "nix"       "notmuch://?query=to:nix-devel"\
-        "radio"     "notmuch://?query=to:radio or tag:radio"\
-        "TODO"      "notmuch://?query=tag:TODO"\
-        "Starred"   "notmuch://?query=tag:*"\
-        "Archive"   "notmuch://?query=tag:archive"\
-        "Sent"      "notmuch://?query=tag:sent"\
-        "Junk"      "notmuch://?query=tag:junk"
+      "Unread" "notmuch://?query=tag:unread"\
+      "INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT to:${f}") (concatMap (l: l.q) inboxes)}"\
+    ${concatMapStringsSep "\n" (i: ''${"  "}"${i.l}" "notmuch://?query=${concatMapStringsSep " or " (f: "to:${f}") i.q}"\'') inboxes}
+      "BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT to:${f}") (concatMap (l: l.q) inboxes)}"\
+      "TODO" "notmuch://?query=tag:TODO"\
+      "Starred" "notmuch://?query=tag:*"\
+      "Archive" "notmuch://?query=tag:archive"\
+      "Sent" "notmuch://?query=tag:sent"\
+      "Junk" "notmuch://?query=tag:junk"
 
     tag-transforms "junk"     "k" \
                    "unread"   "u" \
-- 
cgit v1.2.3


From 22c6aff64698eec5231a9c43b4fb3642d2b97f97 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 23 Jan 2018 23:41:16 +0100
Subject: l mail: use attrSets

---
 lass/2configs/mail.nix | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index a26f3fcbb..7c58e8c5f 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -20,13 +20,13 @@ let
     text/html; ${pkgs.elinks}/bin/elinks -dump ; copiousoutput;
   '';
 
-  inboxes = [
-    { l = "wireguard"; q = [ "wireguard@lists.zx2c4" ]; }
-    { l = "c-base"; q = [ "c-base.org" ]; }
-    { l = "security"; q = [ "seclists.org" "security" "bugtraq" ]; }
-    { l = "nix-devel"; q = [ "nix-devel@googlegroups.com" ]; }
-    { l = "shack"; q = [ "shackspace.de" ]; }
-  ];
+  mailboxes = {
+    wireguard = [ "wireguard@lists.zx2c4" ];
+    c-base = [ "c-base.org" ];
+    security = [ "seclists.org" "security" "bugtraq" ];
+    nix-devel = [ "nix-devel@googlegroups.com" ];
+    shack = [ "shackspace.de" ];
+  };
 
   muttrc = pkgs.writeText "muttrc" ''
     # gpg
@@ -82,9 +82,9 @@ let
 
     virtual-mailboxes \
       "Unread" "notmuch://?query=tag:unread"\
-      "INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT to:${f}") (concatMap (l: l.q) inboxes)}"\
-    ${concatMapStringsSep "\n" (i: ''${"  "}"${i.l}" "notmuch://?query=${concatMapStringsSep " or " (f: "to:${f}") i.q}"\'') inboxes}
-      "BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT to:${f}") (concatMap (l: l.q) inboxes)}"\
+      "INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT to:${f}") (flatten (attrValues mailboxes))}"\
+    ${concatMapStringsSep "\n" (i: ''${"  "}"${i.name}" "notmuch://?query=${concatMapStringsSep " or " (f: "to:${f}") i.value}"\'') (mapAttrsToList nameValuePair mailboxes)}
+      "BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT to:${f}") (flatten (attrValues mailboxes))}"\
       "TODO" "notmuch://?query=tag:TODO"\
       "Starred" "notmuch://?query=tag:*"\
       "Archive" "notmuch://?query=tag:archive"\
-- 
cgit v1.2.3


From 4851c2fe0e2f4df65b06ece3e0a84c6bab88a525 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 24 Jan 2018 14:49:09 +0100
Subject: nixpkgs: 0b30c1d -> b222a0

---
 krebs/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index b952aa2a2..2a45a0092 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -17,6 +17,6 @@ in
     stockholm.file = toString <stockholm>;
     nixpkgs.git = {
       url = https://github.com/NixOS/nixpkgs;
-      ref = "0b30c1dd4c638e318957fc6a9198cf2429e38cb5"; # nixos-17.09 @ 2018-01-04
+      ref = "b222a0713f4a689519686421b3fbf5ca0c9bd3da"; # nixos-17.09 @ 2018-01-23
     };
   }
-- 
cgit v1.2.3


From 83b5966b184effe9cfa192a06575c2b145915132 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 24 Jan 2018 14:49:50 +0100
Subject: l nixpkgs: follow krebs

---
 lass/source.nix | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/lass/source.nix b/lass/source.nix
index 223954a51..e3332c5de 100644
--- a/lass/source.nix
+++ b/lass/source.nix
@@ -8,10 +8,7 @@ in
   evalSource (toString _file) [
     {
       nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
-      nixpkgs.git = {
-        url = https://github.com/nixos/nixpkgs;
-        ref = "5141f28";
-      };
+      nixpkgs = (import <stockholm/krebs/source.nix> host).nixpkgs;
       secrets = getAttr builder {
         buildbot.file = toString <stockholm/lass/2configs/tests/dummy-secrets>;
         lass.pass = {
-- 
cgit v1.2.3


From e00acc20944364ba185cbdedab9347179d2004d8 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 24 Jan 2018 17:26:24 +0100
Subject: source: enable override

---
 krebs/source.nix | 33 ++++++++++++++++++---------------
 1 file changed, 18 insertions(+), 15 deletions(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index 2a45a0092..fcc7fb74f 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -1,22 +1,25 @@
 with import <stockholm/lib>;
-host@{ name, secure ? false }: let
+host@{ name, secure ? false, override ? {} }: let
   builder = if getEnv "dummy_secrets" == "true"
               then "buildbot"
               else "krebs";
   _file = <stockholm> + "/krebs/1systems/${name}/source.nix";
 in
-  evalSource (toString _file) {
-    nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix";
-    secrets = getAttr builder {
-      buildbot.file = toString <stockholm/krebs/6tests/data/secrets>;
-      krebs.pass = {
-        dir = "${getEnv "HOME"}/brain";
-        name = "krebs-secrets/${name}";
+  evalSource (toString _file) [
+    {
+      nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix";
+      secrets = getAttr builder {
+        buildbot.file = toString <stockholm/krebs/6tests/data/secrets>;
+        krebs.pass = {
+          dir = "${getEnv "HOME"}/brain";
+          name = "krebs-secrets/${name}";
+        };
       };
-    };
-    stockholm.file = toString <stockholm>;
-    nixpkgs.git = {
-      url = https://github.com/NixOS/nixpkgs;
-      ref = "b222a0713f4a689519686421b3fbf5ca0c9bd3da"; # nixos-17.09 @ 2018-01-23
-    };
-  }
+      stockholm.file = toString <stockholm>;
+      nixpkgs.git = {
+        url = https://github.com/NixOS/nixpkgs;
+        ref = "b222a0713f4a689519686421b3fbf5ca0c9bd3da"; # nixos-17.09 @ 2018-01-23
+      };
+    }
+    override
+  ]
-- 
cgit v1.2.3


From e55897eb6a195dba6353f79baf7517df99bea379 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 26 Jan 2018 15:53:41 +0100
Subject: l eddi.r: public ip change

---
 krebs/3modules/lass/default.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 37bb31563..1634a62ac 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -458,7 +458,8 @@ with import <stockholm/lib>;
       external = true;
       nets = rec {
         internet = {
-          ip4.addr = "129.215.90.4";
+          # eddie.thalheim.io
+          ip4.addr = "129.215.197.11";
           aliases = [ "eddie.i" ];
         };
         retiolum = rec {
-- 
cgit v1.2.3


From 7d30101dd3f4b6e1191e37ea6a81c1c33fa535de Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 13:57:55 +0100
Subject: Revert "ma hw/stk1160: rip"

This reverts commit 1cbc2e5aa359e7e9b4b32c9ef75902576347a6d0.
---
 makefu/1systems/x/config.nix   |  6 ++----
 makefu/2configs/hw/stk1160.nix | 15 +++++++++++++++
 2 files changed, 17 insertions(+), 4 deletions(-)
 create mode 100644 makefu/2configs/hw/stk1160.nix

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 3686acb6e..a32db91e1 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -61,7 +61,7 @@ with import <stockholm/lib>;
       <stockholm/makefu/2configs/hw/tp-x230.nix>
       <stockholm/makefu/2configs/hw/rtl8812au.nix>
       <stockholm/makefu/2configs/hw/wwan.nix>
-      # <stockholm/makefu/2configs/hw/stk1160.nix>
+      <stockholm/makefu/2configs/hw/stk1160.nix>
       # <stockholm/makefu/2configs/rad1o.nix>
 
       # Filesystem
@@ -86,6 +86,7 @@ with import <stockholm/lib>;
 
   nixpkgs.config.allowUnfree = true;
 
+  environment.systemPackages = [ pkgs.passwdqc-utils ];
 
 
   # configure pulseAudio to provide a HDMI sink as well
@@ -103,7 +104,4 @@ with import <stockholm/lib>;
   '';
   # hard dependency because otherwise the device will not be unlocked
   boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
-
-  nix.package = pkgs.nixUnstable;
-  environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
 }
diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
new file mode 100644
index 000000000..b3a9e1a5a
--- /dev/null
+++ b/makefu/2configs/hw/stk1160.nix
@@ -0,0 +1,15 @@
+{ pkgs, ... }:
+{
+  # TODO: un-pin linuxPackages somehow
+  boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages;
+  nixpkgs.config.packageOverrides = pkgs: {
+    linux_4_9 = pkgs.linux_4_9.override {
+        extraConfig = ''
+          MEDIA_ANALOG_TV_SUPPORT y
+          VIDEO_STK1160_COMMON m
+          VIDEO_STK1160_AC97 y
+          VIDEO_STK1160 m
+        '';
+    };
+  };
+}
-- 
cgit v1.2.3


From a645fb4b9acd5103bcb1b33ada8ba93f120834fa Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 14:15:02 +0100
Subject: ma photostore.krebsco.de: enable ssl

---
 makefu/2configs/deployment/photostore.krebsco.de.nix | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/makefu/2configs/deployment/photostore.krebsco.de.nix b/makefu/2configs/deployment/photostore.krebsco.de.nix
index 9e16a384a..ecbca9ea3 100644
--- a/makefu/2configs/deployment/photostore.krebsco.de.nix
+++ b/makefu/2configs/deployment/photostore.krebsco.de.nix
@@ -26,14 +26,16 @@ in {
   services.nginx = {
     enable = mkDefault true;
     virtualHosts."photostore.krebsco.de" = {
-        locations = {
-          "/".extraConfig = ''
-          uwsgi_pass                  unix://${wsgi-sock};
-          uwsgi_param UWSGI_CHDIR     ${workdir};
-          uwsgi_param UWSGI_MODULE    cuserver.main;
-          uwsgi_param UWSGI_CALLABLE  app;
-          include                     ${pkgs.nginx}/conf/uwsgi_params;
-        '';
+      enableACME = true;
+      forceSSL = true;
+      locations = {
+        "/".extraConfig = ''
+        uwsgi_pass                  unix://${wsgi-sock};
+        uwsgi_param UWSGI_CHDIR     ${workdir};
+        uwsgi_param UWSGI_MODULE    cuserver.main;
+        uwsgi_param UWSGI_CALLABLE  app;
+        include                     ${pkgs.nginx}/conf/uwsgi_params;
+      '';
       };
     };
   };
-- 
cgit v1.2.3


From 0c8071080121deb593be0899bc20ec3eb3169688 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 14:15:48 +0100
Subject: ma gum.r: add vpn pubkeys for work router

---
 makefu/1systems/gum/config.nix | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index f473d9e4c..a656fdce3 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -109,6 +109,8 @@ in {
       #}
       { # wireguard server
 
+        # opkg install wireguard luci-proto-wireguard
+
         # TODO: networking.nat
 
         # boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
@@ -136,9 +138,23 @@ in {
             allowedIPs = [ "10.244.0.3/32" ];
             publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw=";
           }
+          {
+            # x-test
+            allowedIPs = [ "10.244.0.4/32" ];
+            publicKey = "vZ/AJpfDLJyU3DzvYeW70l4FNziVgSTumA89wGHG7XY=";
+          }
+          {
+            # work-router
+            allowedIPs = [ "10.244.0.5/32" ];
+            publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
+          }
           ];
         };
       }
+      { # iperf3
+        networking.firewall.allowedUDPPorts = [ 5201 ];
+        networking.firewall.allowedTCPPorts = [ 5201 ];
+      }
 
   ];
   makefu.dl-dir = "/var/download";
-- 
cgit v1.2.3


From 79ac162a9e967993252d910f5a6bb74c810fd0a1 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 14:16:11 +0100
Subject: ma hw/stk1160: bump linux kernel

---
 makefu/2configs/hw/stk1160.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
index b3a9e1a5a..bdd146365 100644
--- a/makefu/2configs/hw/stk1160.nix
+++ b/makefu/2configs/hw/stk1160.nix
@@ -1,9 +1,8 @@
-{ pkgs, ... }:
+{ pkgs, lib, ... }:
 {
   # TODO: un-pin linuxPackages somehow
-  boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages;
   nixpkgs.config.packageOverrides = pkgs: {
-    linux_4_9 = pkgs.linux_4_9.override {
+    linux_4_14 = pkgs.linux_4_14.override {
         extraConfig = ''
           MEDIA_ANALOG_TV_SUPPORT y
           VIDEO_STK1160_COMMON m
-- 
cgit v1.2.3


From 0cad7868a46613eb76fe1a8271efe2a9230e85ad Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 28 Jan 2018 15:08:50 +0100
Subject: infest prepare: define _which on nixos_iso

---
 krebs/4lib/infest/prepare.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh
index 78c1c6ec1..cbc62102c 100644
--- a/krebs/4lib/infest/prepare.sh
+++ b/krebs/4lib/infest/prepare.sh
@@ -81,6 +81,9 @@ prepare_debian() {
 }
 
 prepare_nixos_iso() {
+  _which() (
+    type -p "$1"
+  )
   mountpoint /mnt
 
   type git 2>/dev/null || nix-env -iA nixos.git
-- 
cgit v1.2.3


From cd276a21f2aa55192e072ac8339b45201066d58b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 15:09:18 +0100
Subject: wolf.r: pin et0

---
 krebs/1systems/wolf/config.nix | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 1b269e39a..6addb0818 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -2,6 +2,9 @@
 let
   shack-ip = config.krebs.build.host.nets.shack.ip4.addr;
   influx-host = "127.0.0.1";
+  ext-if = "et0";
+  external-mac = "52:54:b0:0b:af:fe";
+
 in
 {
   imports = [
@@ -111,7 +114,7 @@ in
   networking = {
     firewall.enable = false;
     firewall.allowedTCPPorts = [ 8088 8086 8083 ];
-    interfaces.enp0s3.ip4 = [{
+    interfaces."${ext-if}".ip4 = [{
       address = shack-ip;
       prefixLength = 20;
     }];
@@ -160,6 +163,9 @@ in
     config.krebs.users.makefu-omo.pubkey
     "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
   ];
+  services.udev.extraRules = ''
+    SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
+  '';
 
   time.timeZone = "Europe/Berlin";
   sound.enable = false;
-- 
cgit v1.2.3


From 1f8ad80695e93687999b8151ddd2e7f2c40b085b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 15:12:37 +0100
Subject: ma cgit: disable irc hook

---
 makefu/2configs/git/cgit-retiolum.nix | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index da246f66a..eacbd99cf 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -53,15 +53,6 @@ let
   make-krebs-repo = with git; name: { cgit ? {}, ... }: {
     inherit cgit name;
     public = true;
-    hooks = {
-      post-receive = pkgs.git-hooks.irc-announce {
-        nick = config.networking.hostName;
-        verbose = config.krebs.build.host.name == "gum";
-        channel = "#xxx";
-        # TODO remove the hardcoded hostname
-        server = "irc.r";
-      };
-    };
   };
 
 
-- 
cgit v1.2.3


From 32c800ec3fc508c6c8d025a31c9b922d9fdbe04d Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 15:19:26 +0100
Subject: ma hw/stk1160: fix invalid kernel option

---
 makefu/2configs/hw/stk1160.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
index bdd146365..4ac639a25 100644
--- a/makefu/2configs/hw/stk1160.nix
+++ b/makefu/2configs/hw/stk1160.nix
@@ -6,7 +6,6 @@
         extraConfig = ''
           MEDIA_ANALOG_TV_SUPPORT y
           VIDEO_STK1160_COMMON m
-          VIDEO_STK1160_AC97 y
           VIDEO_STK1160 m
         '';
     };
-- 
cgit v1.2.3


From eb1ecbe5b49e74862d61e67235e9eb74862cae56 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Sun, 28 Jan 2018 18:32:29 +0000
Subject: jeschli vim: +vim-elm

---
 jeschli/2configs/vim.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix
index 65ce7dfa4..7721b1d40 100644
--- a/jeschli/2configs/vim.nix
+++ b/jeschli/2configs/vim.nix
@@ -20,6 +20,7 @@ let
        sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
      };
    };
+
 in {
   environment.systemPackages = [
     (pkgs.vim_configurable.customize {
@@ -65,11 +66,17 @@ in {
           let g:molokai_original = 1
           let g:rehash256 = 1
         '';
-
+        settingsForElm = ''
+          let g:polyglot_disabled = ['elm']
+          let g:elm_detailed_complete = 1
+          let g:elm_format_autosave = 1
+          let g:elm_syntastic_show_warnings = 1
+        '';
       in ''
         ${colorscheme}
         ${remapStatements}
         ${setStatements}
+        ${settingsForElm}
         ${settingsForGo}
         " I dont know what this line is about
         autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
@@ -85,6 +92,7 @@ in {
             "surround"
             "Syntastic"
             "undotree"
+            "elm-vim"
            ];
          }
          { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
-- 
cgit v1.2.3


From 2682c735526d6593795d324a50dda5fd557c6ef1 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Sun, 28 Jan 2018 18:34:54 +0000
Subject: jeschli bolide: +j std config

---
 jeschli/1systems/bolide/config.nix | 184 +++++++++++++++++++------------------
 1 file changed, 96 insertions(+), 88 deletions(-)

diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix
index cb3eb0396..83640801f 100644
--- a/jeschli/1systems/bolide/config.nix
+++ b/jeschli/1systems/bolide/config.nix
@@ -26,7 +26,7 @@
     device = "/dev/disk/by-uuid/53f1eeaf-a7ac-456c-a2af-778dd8b8d5b0";
     preLVM = true;
     allowDiscards = true;
-  } ]; 
+  } ];
 #  networking.hostName = "bolide"; # Define your hostname.
   networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
 
@@ -42,93 +42,101 @@
 
   # List packages installed in system profile. To search by name, run:
   # $ nix-env -qaP | grep wget
-   nixpkgs.config.allowUnfree = true; 
-   environment.systemPackages = with pkgs; [
-     wget vim
-   # system helper
-     ag
-     curl
-     copyq
-     dmenu
-     git
-     i3lock
-     keepass
-     networkmanagerapplet
-     rsync
-     terminator
-     tmux
-     wget
-   #  rxvt_unicode
-   # editors
-     emacs
-   # internet
-     thunderbird
-     chromium
-     google-chrome
-   # programming languages
-     go
-     gcc
-     ghc
-     python35
-     python35Packages.pip
-   # go tools
-     golint
-     gotools
-   # dev tools
-     gnumake
-     jetbrains.pycharm-professional
-     jetbrains.webstorm
-     jetbrains.goland
-   # document viewer
-     zathura
-   ];
-
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.bash.enableCompletion = true;
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
-
-  # List services that you want to enable:
-
-  # Enable the OpenSSH daemon.
-  services.openssh.enable = true;
-
-  # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
-  # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
-
-  # Enable CUPS to print documents.
-  # services.printing.enable = true;
-
-  # Enable the X11 windowing system.
-  services.xserver.enable = true;
-  # services.xserver.layout = "us";
-  # services.xserver.xkbOptions = "eurosign:e";
-
-  services.xserver.displayManager.sddm.enable = true;
-  services.xserver.windowManager.xmonad.enable = true;
-  services.xserver.windowManager.xmonad.enableContribAndExtras = true;
-  # Enable touchpad support.
-  # services.xserver.libinput.enable = true;
-
-  # Enable the KDE Desktop Environment.
-  # services.xserver.displayManager.sddm.enable = true;
-  # services.xserver.desktopManager.plasma5.enable = true;
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-   users.extraUsers.jeschli = {
-     isNormalUser = true;
-     uid = 1000;
-   };
-
-  # This value determines the NixOS release with which your system is to be
-  # compatible, in order to avoid breaking some software such as database
-  # servers. You should change this only after NixOS release notes say you
-  # should.
-  system.stateVersion = "17.09"; # Did you read the comment?
+  environment.shellAliases = {
+    n = "nix-shell";
+    stocki = pkgs.writeDash "deploy" ''
+      cd ~/stockholm
+      exec nix-shell -I stockholm="$PWD" --run 'deploy  --system="bolide"'
+    '';
+  };
+  nixpkgs.config.allowUnfree = true;
+  environment.systemPackages = with pkgs; [
+    wget vim
+  # system helper
+    ag
+    curl
+    copyq
+    dmenu
+    git
+    i3lock
+    keepass
+    networkmanagerapplet
+    rsync
+    terminator
+    tmux
+    wget
+  #  rxvt_unicode
+  # editors
+    emacs
+  # internet
+    thunderbird
+    chromium
+    google-chrome
+  # programming languages
+    go
+    gcc
+    ghc
+    python35
+    python35Packages.pip
+  # go tools
+    golint
+    gotools
+  # dev tools
+    elmPackages.elm
+    gnumake
+    jetbrains.pycharm-professional
+    jetbrains.webstorm
+    jetbrains.goland
+  # document viewer
+    zathura
+  ];
+
+ # Some programs need SUID wrappers, can be configured further or are
+ # started in user sessions.
+ # programs.bash.enableCompletion = true;
+ # programs.mtr.enable = true;
+ # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
+
+ # List services that you want to enable:
+
+ # Enable the OpenSSH daemon.
+ services.openssh.enable = true;
+
+ # Open ports in the firewall.
+ # networking.firewall.allowedTCPPorts = [ ... ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ # Or disable the firewall altogether.
+ # networking.firewall.enable = false;
+
+ # Enable CUPS to print documents.
+ # services.printing.enable = true;
+
+ # Enable the X11 windowing system.
+ services.xserver.enable = true;
+ # services.xserver.layout = "us";
+ # services.xserver.xkbOptions = "eurosign:e";
+
+ services.xserver.displayManager.sddm.enable = true;
+ services.xserver.windowManager.xmonad.enable = true;
+ services.xserver.windowManager.xmonad.enableContribAndExtras = true;
+ # Enable touchpad support.
+ # services.xserver.libinput.enable = true;
+
+ # Enable the KDE Desktop Environment.
+ # services.xserver.displayManager.sddm.enable = true;
+ # services.xserver.desktopManager.plasma5.enable = true;
+
+ # Define a user account. Don't forget to set a password with ‘passwd’.
+  users.extraUsers.jeschli = {
+    isNormalUser = true;
+    uid = 1000;
+  };
+
+ # This value determines the NixOS release with which your system is to be
+ # compatible, in order to avoid breaking some software such as database
+ # servers. You should change this only after NixOS release notes say you
+ # should.
+ system.stateVersion = "17.09"; # Did you read the comment?
 
 }
 
-- 
cgit v1.2.3


From 3ba905f2b0cff91cdeaa46c3eaed34d4bfc01215 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 29 Jan 2018 14:45:26 +0100
Subject: ma wbob-kiosk: provide chromium

---
 makefu/2configs/gui/wbob-kiosk.nix | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix
index 4b7a0c333..7db749227 100644
--- a/makefu/2configs/gui/wbob-kiosk.nix
+++ b/makefu/2configs/gui/wbob-kiosk.nix
@@ -1,11 +1,13 @@
-{ lib, ... }:
+{ pkgs, lib, ... }:
 {
 
   imports = [
       ./base.nix
   ];
+  users.users.makefu.packages = [ pkgs.chromium ];
   services.xserver = {
     layout = lib.mkForce "de";
+    xkbVariant = lib.mkForce "";
 
     windowManager = lib.mkForce {
       awesome.enable = false;
@@ -16,7 +18,7 @@
     # xrandrHeads = [ "HDMI1" "HDMI2" ];
     # prevent screen from turning off, disable dpms
     displayManager.sessionCommands = ''
-      xset s off -dpms
+      xset -display :0 s off -dpms
       xrandr --output HDMI2 --right-of HDMI1
     '';
   };
-- 
cgit v1.2.3


From 71397b0aa5f27b0b6dbe22101287f60b237e32f0 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 29 Jan 2018 14:47:00 +0100
Subject: ma wbob.r: enable mpd via bluetooth

---
 makefu/1systems/wbob/config.nix | 126 ++++++++++++++++++++--------------------
 1 file changed, 62 insertions(+), 64 deletions(-)

diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index f44211b93..6434ba273 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -18,7 +18,7 @@ in {
       <stockholm/makefu/2configs/virtualisation/libvirt.nix>
       <stockholm/makefu/2configs/tinc/retiolum.nix>
       <stockholm/makefu/2configs/mqtt.nix>
-      # <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
+      <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
 
       <stockholm/makefu/2configs/stats/client.nix>
 
@@ -31,6 +31,63 @@ in {
       # Services
       <stockholm/makefu/2configs/remote-build/slave.nix>
       <stockholm/makefu/2configs/share/wbob.nix>
+      (let
+        musicDirectory = "/data/music";
+      in {
+        services.mpd = {
+          enable = true;
+          inherit musicDirectory;
+          # dataDir = "/home/anders/.mpd";
+          network.listenAddress = "any";
+          extraConfig = ''
+            audio_output {
+              type    "pulse"
+              name    "Local MPD"
+              server  "127.0.0.1"
+            }
+          '';
+        };
+        # open because of truestedInterfaces
+        # networking.firewall.allowedTCPPorts = [ 6600 4713 ];
+        services.samba.shares.music = {
+          path = musicDirectory;
+          "read only" = "no";
+          browseable = "yes";
+          "guest ok" = "yes";
+        };
+
+        sound.enable = true;
+        hardware.pulseaudio = {
+          enable = true;
+          package = pkgs.pulseaudioFull;
+          # systemWide = true;
+          support32Bit = true;
+          zeroconf.discovery.enable = true;
+          zeroconf.publish.enable = true;
+          tcp = {
+            enable = true;
+            anonymousClients.allowAll = true;
+            anonymousClients.allowedIpRanges =  [ "127.0.0.1" "192.168.8.0/24" ];
+          };
+          configFile = pkgs.writeText "default.pa" ''
+            load-module module-udev-detect
+            load-module module-bluetooth-policy
+            load-module module-bluetooth-discover
+            load-module module-native-protocol-unix
+            load-module module-always-sink
+            load-module module-console-kit
+            load-module module-systemd-login
+            load-module module-intended-roles
+            load-module module-position-event-sounds
+            load-module module-filter-heuristics
+            load-module module-filter-apply
+            load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
+            load-module module-switch-on-connect
+            '';
+        };
+        # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
+        hardware.bluetooth.enable = true;
+      })
 
       # Sensors
       <stockholm/makefu/2configs/stats/telegraf>
@@ -147,7 +204,10 @@ in {
   boot.loader.grub.device = rootdisk;
   hardware.cpu.intel.updateMicrocode = true;
   boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
-  boot.kernelModules = [ "kvm-intel" ];
+
+  boot.kernelModules = [ "kvm-intel"
+    "snd-seq" "snd-rawmidi"
+  ];
   fileSystems = {
     "/" = {
       device = rootdisk + "-part1";
@@ -174,66 +234,4 @@ in {
       serverAddress = "x.r";
     };
   };
-  security.wrappers.fping = {
-    source = "${pkgs.fping}/bin/fping";
-    setuid = true;
-  };
-  services.smokeping = {
-    enable = true;
-    targetConfig = ''
-      probe = FPing
-      menu = Top
-      title = Network Latency Grapher
-      remark = Welcome to this SmokePing website.
-
-      + network
-      menu = Net latency
-      title = Network latency (ICMP pings)
-
-      ++ google
-      probe = FPing
-      host = google.de
-      ++ webde
-      probe = FPing
-      host = web.de
-
-      + services
-      menu = Service latency
-      title = Service latency (DNS, HTTP)
-
-      ++ HTTP
-      menu = HTTP latency
-      title = Service latency (HTTP)
-
-      +++ webdeping
-      probe = EchoPingHttp
-      host = web.de
-
-      +++ googwebping
-      probe = EchoPingHttp
-      host = google.de
-
-      #+++ webwww
-      #probe = Curl
-      #host = web.de
-
-      #+++ googwebwww
-      #probe = Curl
-      #host = google.de
-    '';
-    probeConfig = ''
-       + FPing
-       binary = /run/wrappers/bin/fping
-       + EchoPingHttp
-       pings = 5
-       url = /
-
-       #+ Curl
-       ## probe-specific variables
-       #binary = ${pkgs.curl}/bin/curl
-       #step = 60
-       ## a default for this target-specific variable
-       #urlformat = http://%host%/
-    '';
-  };
 }
-- 
cgit v1.2.3


From b31a37799eff274215d4cd9d435a9c16d496a88c Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 30 Jan 2018 08:11:00 +0100
Subject: ma pkgs.pfsshell: init

---
 makefu/5pkgs/pfsshell/default.nix | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 makefu/5pkgs/pfsshell/default.nix

diff --git a/makefu/5pkgs/pfsshell/default.nix b/makefu/5pkgs/pfsshell/default.nix
new file mode 100644
index 000000000..fc6b37069
--- /dev/null
+++ b/makefu/5pkgs/pfsshell/default.nix
@@ -0,0 +1,27 @@
+{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, upx, wine }:
+stdenv.mkDerivation rec {
+  pname = "pfsshell";
+  version = "64f8c2";
+  name = "${pname}-${version}";
+
+  src = fetchFromGitHub {
+    owner = "makefu";
+    repo = "pfsshell";
+    rev = version;
+    sha256 = "01lbqf8s91p8id58xa16fp555i03vfycqvhv7qzpnrjy6yvp9dm8";
+  };
+
+  buildInputs = [ ];
+
+  makeFlags = [ ];
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp pfsshell $out/bin
+  '';
+
+  meta = {
+    homepage = https://github.com/uyjulian/pfsshell ;
+    description = "browse and transfer files to/from PFS filesystems";
+  };
+}
-- 
cgit v1.2.3


From 7b49153a48924274a9174002e766b9f56b532ba2 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 30 Jan 2018 18:15:57 +0100
Subject: l zsh: set as default shell for everyone

---
 lass/2configs/zsh.nix | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix
index f2c32ba26..add30fbf1 100644
--- a/lass/2configs/zsh.nix
+++ b/lass/2configs/zsh.nix
@@ -136,6 +136,5 @@
   };
   environment.shellAliases.ns = "nix-shell --command zsh";
 
-  users.users.mainUser.shell = "/run/current-system/sw/bin/zsh";
-  users.users.root.shell = "/run/current-system/sw/bin/zsh";
+  users.defaultUserShell = "/run/current-system/sw/bin/zsh";
 }
-- 
cgit v1.2.3


From ffc294575cb59585c3bfb6b85fa45fb69cdf1d41 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 30 Jan 2018 19:05:10 +0100
Subject: init ftb

---
 krebs/5pkgs/simple/ftb/default.nix | 51 ++++++++++++++++++++++++++++++++++++++
 lass/2configs/games.nix            |  4 +++
 2 files changed, 55 insertions(+)
 create mode 100644 krebs/5pkgs/simple/ftb/default.nix

diff --git a/krebs/5pkgs/simple/ftb/default.nix b/krebs/5pkgs/simple/ftb/default.nix
new file mode 100644
index 000000000..199c12b44
--- /dev/null
+++ b/krebs/5pkgs/simple/ftb/default.nix
@@ -0,0 +1,51 @@
+{ stdenv, fetchurl, makeDesktopItem
+, jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm
+, openjdk
+, mesa, openal
+, useAlsa ? false, alsaOss ? null }:
+with stdenv.lib;
+
+assert useAlsa -> alsaOss != null;
+
+let
+  desktopItem = makeDesktopItem {
+    name = "minecraft";
+    exec = "minecraft";
+    icon = "minecraft";
+    comment = "A sandbox-building game";
+    desktopName = "Minecraft";
+    genericName = "minecraft";
+    categories = "Game;";
+  };
+
+in stdenv.mkDerivation {
+  name = "ftb";
+
+  src = fetchurl {
+    url = "http://ftb.cursecdn.com/FTB2/launcher/FTB_Launcher.jar";
+    sha256 = "10ga4jgyfsj5dy4rj2rla0fpnfpnxv8r3bmxpqpwn7fsry4il79v";
+  };
+
+  phases = "installPhase";
+
+  installPhase = ''
+    set -x
+    mkdir -pv $out/bin
+    cp -v $src $out/ftb.jar
+
+    cat > $out/bin/ftb << EOF
+    #!${stdenv.shell}
+
+    export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa openal ]}
+    ${if useAlsa then "${alsaOss}/bin/aoss" else "" } \
+      ${jre}/bin/java -jar $out/ftb.jar
+    EOF
+
+    chmod +x $out/bin/ftb
+
+    mkdir -p $out/share/applications
+    ln -s ${desktopItem}/share/applications/* $out/share/applications/
+
+    ${openjdk}/bin/jar xf $out/ftb.jar favicon.png
+  '';
+}
diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index 6cea271c1..50362cda4 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -73,6 +73,10 @@ in {
       extraGroups = [ "audio" "video" "input" "loot" ];
       createHome = true;
       useDefaultShell = true;
+      packages = with pkgs; [
+        ftb
+        minecraft
+      ];
     };
   };
 
-- 
cgit v1.2.3


From 65eadae50972a5a4ad5a510ce1157d3c617fd757 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Wed, 31 Jan 2018 09:25:22 +0100
Subject: j enklave +taskserver

---
 jeschli/1systems/enklave/config.nix     | 10 ++++++++++
 jeschli/1systems/enklave/taskserver.nix | 10 ++++++++++
 2 files changed, 20 insertions(+)
 create mode 100644 jeschli/1systems/enklave/taskserver.nix

diff --git a/jeschli/1systems/enklave/config.nix b/jeschli/1systems/enklave/config.nix
index 76e718699..470566a8b 100644
--- a/jeschli/1systems/enklave/config.nix
+++ b/jeschli/1systems/enklave/config.nix
@@ -40,6 +40,16 @@
         };
       };
     }
+    {
+      services.taskserver = {
+        enable = true;
+        fqdn = "enklave.r";
+        listenHost = "::";
+        listenPort = 53589;
+        organisations.lass.users = [ "jeschli" ];
+      };
+      networking.firewall.allowedTCPPorts = [ 53589 ];
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.enklave;
diff --git a/jeschli/1systems/enklave/taskserver.nix b/jeschli/1systems/enklave/taskserver.nix
new file mode 100644
index 000000000..23b235d70
--- /dev/null
+++ b/jeschli/1systems/enklave/taskserver.nix
@@ -0,0 +1,10 @@
+    {
+      services.taskserver = {
+        enable = true;
+        fqdn = "enklave.r";
+        listenHost = "::";
+        listenPort = 53589;
+        organisations.lass.users = [ "jeschli" ];
+      };
+      networking.firewall.allowedTCPPorts = [ 53589 ];
+    }
-- 
cgit v1.2.3


From 3b23e6e8bbb42d0866b0d4d6c42f610510fa915c Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Wed, 31 Jan 2018 09:38:47 +0100
Subject: j: +zsh

---
 jeschli/2configs/default.nix |   1 +
 jeschli/2configs/zsh.nix     | 138 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 139 insertions(+)
 create mode 100644 jeschli/2configs/zsh.nix

diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix
index 0ac3708bb..5aaabe24b 100644
--- a/jeschli/2configs/default.nix
+++ b/jeschli/2configs/default.nix
@@ -4,6 +4,7 @@ with import <stockholm/lib>;
   imports = [
     ./vim.nix
     ./retiolum.nix
+    ./zsh.nix
     <stockholm/lass/2configs/security-workarounds.nix>
     {
       environment.variables = {
diff --git a/jeschli/2configs/zsh.nix b/jeschli/2configs/zsh.nix
new file mode 100644
index 000000000..be5b661b4
--- /dev/null
+++ b/jeschli/2configs/zsh.nix
@@ -0,0 +1,138 @@
+{ config, lib, pkgs, ... }:
+{
+  environment.systemPackages = [ pkgs.fzf ];
+  programs.zsh = {
+    enable = true;
+    shellInit = ''
+      #disable config wizard
+      zsh-newuser-install() { :; }
+    '';
+    interactiveShellInit = ''
+      setopt autocd extendedglob
+      bindkey -e
+
+      #history magic
+      bindkey "" up-line-or-local-history
+      bindkey "" down-line-or-local-history
+
+      up-line-or-local-history() {
+          zle set-local-history 1
+          zle up-line-or-history
+          zle set-local-history 0
+      }
+      zle -N up-line-or-local-history
+      down-line-or-local-history() {
+          zle set-local-history 1
+          zle down-line-or-history
+          zle set-local-history 0
+      }
+      zle -N down-line-or-local-history
+
+      setopt share_history
+      setopt hist_ignore_dups
+      # setopt inc_append_history
+      bindkey '^R' history-incremental-search-backward
+
+      #C-x C-e open line in editor
+      autoload -z edit-command-line
+      zle -N edit-command-line
+      bindkey "^X^E" edit-command-line
+
+      #fzf inclusion
+      source ${pkgs.fzf}/share/fzf/completion.zsh
+      source ${pkgs.fzf}/share/fzf/key-bindings.zsh
+
+      #completion magic
+      autoload -Uz compinit
+      compinit
+      zstyle ':completion:*' menu select
+
+      #enable automatic rehashing of $PATH
+      zstyle ':completion:*' rehash true
+
+      eval $(dircolors -b ${pkgs.fetchFromGitHub {
+        owner = "trapd00r";
+        repo = "LS_COLORS";
+        rev = "master";
+        sha256="05lh5w3bgj9h8d8lrbbwbzw8788709cnzzkl8yh7m1dawkpf6nlp";
+      }}/LS_COLORS)
+
+      #beautiful colors
+      alias ls='ls --color'
+      # zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS}
+
+      #emacs bindings
+      bindkey "[7~" beginning-of-line
+      bindkey "[8~" end-of-line
+      bindkey "Oc" emacs-forward-word
+      bindkey "Od" emacs-backward-word
+
+      #aliases
+      alias ll='ls -l'
+      alias la='ls -la'
+
+      #fancy window title magic
+    '';
+    promptInit = ''
+      # TODO: figure out why we need to set this here
+      HISTSIZE=900001
+      HISTFILESIZE=$HISTSIZE
+      SAVEHIST=$HISTSIZE
+
+      autoload -U promptinit
+      promptinit
+
+      p_error='%(?..%F{red}%?%f )'
+      t_error='%(?..%? )'
+
+      case $UID in
+        0)
+          p_username='%F{red}root%f'
+          t_username='root'
+          ;;
+        1337)
+          p_username=""
+          t_username=""
+          ;;
+        *)
+          p_username='%F{blue}%n%f'
+          t_username='%n'
+          ;;
+      esac
+
+      if test -n "$SSH_CLIENT"; then
+        p_hostname='@%F{magenta}%M%f '
+        t_hostname='@%M '
+      else
+        p_hostname=""
+        t_hostname=""
+      fi
+
+      #check if in nix shell
+      if test -n "$buildInputs"; then
+        p_nixshell='%F{green}[s]%f '
+        t_nixshell='[s] '
+      else
+        p_nixshell=""
+        t_nixshell=""
+      fi
+
+      PROMPT="$p_error$p_username$p_hostname$p_nixshell%~ "
+      TITLE="$t_error$t_username$t_hostname$t_nixshell%~"
+      case $TERM in
+        (*xterm* | *rxvt*)
+          function precmd {
+            PROMPT_EVALED="$(print -P $TITLE)"
+            echo -ne "\033]0;$$ $PROMPT_EVALED\007"
+          }
+          # This is seen while the shell waits for a command to complete.
+          function preexec {
+            PROMPT_EVALED="$(print -P $TITLE)"
+            echo -ne "\033]0;$$ $PROMPT_EVALED $1\007"
+          }
+        ;;
+      esac
+    '';
+  };
+  users.defaultUserShell = "/run/current-system/sw/bin/zsh";
+}
-- 
cgit v1.2.3


From 8a78dd604d9e8334e3db65bb2384ad2a641a68c0 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Wed, 31 Jan 2018 11:54:53 +0100
Subject: j bln: +stocki

---
 jeschli/1systems/bln/config.nix | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 9c491c8a1..c088dce7d 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -36,7 +36,15 @@
       allowDiscards = true;
     }
   ];
-
+  environment.shellAliases = {
+    n = "nix-shell";
+    gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
+    gh = "cd /home/markus/go/src/github.com";
+    stocki = pkgs.writeDash "deploy" ''
+      cd ~/stockholm
+      LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy  --system="bln"'
+    '';
+  };
   networking.hostName = lib.mkForce "BLN02NB0154"; # Define your hostname.
   networking.networkmanager.enable = true;
   # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
@@ -55,11 +63,6 @@
   # List packages installed in system profile. To search by name, run:
   # $ nix-env -qaP | grep wget
   nixpkgs.config.allowUnfree = true;
-  environment.shellAliases = { 
-    n = "nix-shell"; 
-    gd = "cd /home/markus/go/src/gitlab.dcso.lolcat"; 
-    gh = "cd /home/markus/go/src/github.com"; 
-  };
   environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
   environment.systemPackages = with pkgs; [
   # system helper
-- 
cgit v1.2.3


From 52be338d64125398e363e6bfd52c35bccd08b885 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Wed, 31 Jan 2018 11:55:14 +0100
Subject: j bln: +elm

---
 jeschli/1systems/bln/config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index c088dce7d..14cbb7ed9 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -89,6 +89,7 @@
     chromium
     google-chrome
   # programming languages
+    elmPackages.elm
     go
     gcc
     ghc
-- 
cgit v1.2.3


From e5114f1bfb9f7f412236f05e15fb6023699c96d6 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Wed, 31 Jan 2018 11:56:05 +0100
Subject: j fontsize default 12; bln 20

---
 jeschli/1systems/bln/config.nix |  5 ++--
 jeschli/2configs/urxvt.nix      | 65 ++++++++++++++++++++++-------------------
 2 files changed, 38 insertions(+), 32 deletions(-)

diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 14cbb7ed9..6893c6569 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -3,16 +3,17 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { config, lib, pkgs, ... }:
-
+# bln config file
 {
   imports =
     [ # Include the results of the hardware scan.
       <stockholm/jeschli>
       <stockholm/jeschli/2configs/virtualbox.nix>
+      <stockholm/jeschli/2configs/urxvt.nix>
       ./hardware-configuration.nix
       # ./dcso-vpn.nix
     ];
-
+  jeschliFontSize = 20;
   # Use the GRUB 2 boot loader.
   boot.loader.grub.enable = true;
   boot.loader.grub.version = 2;
diff --git a/jeschli/2configs/urxvt.nix b/jeschli/2configs/urxvt.nix
index 69811eb0a..014918748 100644
--- a/jeschli/2configs/urxvt.nix
+++ b/jeschli/2configs/urxvt.nix
@@ -1,34 +1,39 @@
 { config, pkgs, ... }:
 with import <stockholm/lib>;
-
 {
-  services.urxvtd.enable = true;
-  krebs.xresources.enable = true;
-  krebs.xresources.resources.urxvt = ''
-  *foreground: rgb:a8/a8/a8
-  *background: rgb:00/00/00
-  *faceName: DejaVu Sans Mono
-  *faceSize: 12
-  *color0: rgb:00/00/00
-  *color1: rgb:a8/00/00
-  *color2: rgb:00/a8/00
-  *color3: rgb:a8/54/00
-  *color4: rgb:00/00/a8
-  *color5: rgb:a8/00/a8
-  *color6: rgb:00/a8/a8
-  *color7: rgb:a8/a8/a8
-  *color8: rgb:54/54/54
-  *color9: rgb:fc/54/54
-  *color10: rgb:54/fc/54
-  *color11: rgb:fc/fc/54
-  *color12: rgb:54/54/fc
-  *color13: rgb:fc/54/fc
-  *color14: rgb:54/fc/fc
-  *color15: rgb:fc/fc/fc
-  
-  URxvt*scrollBar:                      false
-  URxvt*urgentOnBell:                   true
-  URxvt*font: xft:DejaVu Sans Mono:pixelsize=12
-  URXvt*faceSize: 12
-  '';
+  options.jeschliFontSize = mkOption {
+    type = types.int;
+    default = 12;
+  };
+  config = {
+    services.urxvtd.enable = true;
+    krebs.xresources.enable = true;
+    krebs.xresources.resources.urxvt = ''
+    *foreground: rgb:a8/a8/a8
+    *background: rgb:00/00/00
+    *faceName: DejaVu Sans Mono
+    *faceSize: ${toString config.jeschliFontSize}
+    *color0: rgb:00/00/00
+    *color1: rgb:a8/00/00
+    *color2: rgb:00/a8/00
+    *color3: rgb:a8/54/00
+    *color4: rgb:26/8b/d2
+    *color5: rgb:a8/00/a8
+    *color6: rgb:00/a8/a8
+    *color7: rgb:a8/a8/a8
+    *color8: rgb:54/54/54
+    *color9: rgb:fc/54/54
+    *color10: rgb:54/fc/54
+    *color11: rgb:fc/fc/54
+    *color12: rgb:54/54/fc
+    *color13: rgb:fc/54/fc
+    *color14: rgb:54/fc/fc
+    *color15: rgb:fc/fc/fc
+    
+    URxvt*scrollBar:                      false
+    URxvt*urgentOnBell:                   true
+    URxvt*font: xft:DejaVu Sans Mono:pixelsize=${toString config.jeschliFontSize}
+    URXvt*faceSize: ${toString config.jeschliFontSize}
+    '';
+  }; 
 }
-- 
cgit v1.2.3


From 993437277c5ce501d3baaab2a9448ae1ee62d54d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 2 Feb 2018 12:13:39 +0100
Subject: go: open port 80

---
 krebs/2configs/go.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/krebs/2configs/go.nix b/krebs/2configs/go.nix
index b75233871..f4c1290c2 100644
--- a/krebs/2configs/go.nix
+++ b/krebs/2configs/go.nix
@@ -8,6 +8,7 @@ with import <stockholm/lib>;
   krebs.go = {
     enable = true;
   };
+  networking.firewall.allowedTCPPorts = [ 80 ];
   services.nginx = {
     enable = true;
     virtualHosts.go = {
-- 
cgit v1.2.3


From ef3a0dcff538c850c25b46165ed70c899873bece Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Feb 2018 11:55:12 +0100
Subject: ma wvdial: rip

---
 makefu/1systems/x/config.nix           |  3 +-
 makefu/2configs/hw/network-manager.nix | 37 ++++++++++++++++++
 makefu/2configs/hw/wwan.nix            |  8 ----
 makefu/3modules/wvdial.nix             | 71 ----------------------------------
 4 files changed, 39 insertions(+), 80 deletions(-)
 create mode 100644 makefu/2configs/hw/network-manager.nix
 delete mode 100644 makefu/2configs/hw/wwan.nix
 delete mode 100644 makefu/3modules/wvdial.nix

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index a32db91e1..f3a1d488c 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -59,8 +59,9 @@ with import <stockholm/lib>;
 
       # Hardware
       <stockholm/makefu/2configs/hw/tp-x230.nix>
+      # <stockholm/makefu/2configs/hw/tpm.nix>
       <stockholm/makefu/2configs/hw/rtl8812au.nix>
-      <stockholm/makefu/2configs/hw/wwan.nix>
+      <stockholm/makefu/2configs/hw/network-manager.nix>
       <stockholm/makefu/2configs/hw/stk1160.nix>
       # <stockholm/makefu/2configs/rad1o.nix>
 
diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix
new file mode 100644
index 000000000..7e29849b1
--- /dev/null
+++ b/makefu/2configs/hw/network-manager.nix
@@ -0,0 +1,37 @@
+{ pkgs, lib, ... }:
+{
+  users.users.makefu = {
+    extraGroups = [ "networkmanager" ];
+    packages = with pkgs;[
+      networkmanagerapplet
+      gnome3.gnome_keyring gnome3.dconf
+    ];
+  };
+  networking.wireless.enable = lib.mkForce false;
+
+  systemd.services.modemmanager = {
+    description = "ModemManager";
+    after = [ "network-manager.service" ];
+    bindsTo = [ "network-manager.service" ];
+    wantedBy = [ "network-manager.service" ];
+    serviceConfig = {
+      ExecStart = "${pkgs.modemmanager}/bin/ModemManager";
+      PrivateTmp = true;
+      Restart = "always";
+      RestartSec = "5";
+    };
+  };
+  networking.networkmanager.enable = true;
+
+  # TODO: put somewhere else
+  services.xserver.displayManager.sessionCommands = ''
+    ${pkgs.clipit}/bin/clipit &
+    ${pkgs.networkmanagerapplet}/bin/nm-applet &
+    '';
+
+# nixOSUnstable
+# networking.networkmanager.wifi = {
+#   powersave = true;
+#   scanRandMacAddress = true;
+# };
+}
diff --git a/makefu/2configs/hw/wwan.nix b/makefu/2configs/hw/wwan.nix
deleted file mode 100644
index 0eb0c97d7..000000000
--- a/makefu/2configs/hw/wwan.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-_:
-
-{
-  makefu.umts = {
-    enable = true;
-    modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01";
-  };
-}
diff --git a/makefu/3modules/wvdial.nix b/makefu/3modules/wvdial.nix
deleted file mode 100644
index 1ed929ed4..000000000
--- a/makefu/3modules/wvdial.nix
+++ /dev/null
@@ -1,71 +0,0 @@
-# Global configuration for wvdial.
-
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
-  configFile = ''
-    [Dialer Defaults]
-    PPPD PATH = ${pkgs.ppp}/sbin/pppd
-    ${config.environment.wvdial.dialerDefaults}
-  '';
-
-  cfg = config.environment.wvdial;
-
-in
-{
-  ###### interface
-
-  options = {
-
-    environment.wvdial = {
-
-      dialerDefaults = mkOption {
-        default = "";
-        type = types.str;
-        example = ''Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"'';
-        description = ''
-          Contents of the "Dialer Defaults" section of
-          <filename>/etc/wvdial.conf</filename>.
-        '';
-      };
-
-      pppDefaults = mkOption {
-        default = ''
-          noipdefault
-          usepeerdns
-          defaultroute
-          persist
-          noauth
-        '';
-        type = types.str;
-        description = "Default ppp settings for wvdial.";
-      };
-
-    };
-
-  };
-
-  ###### implementation
-
-  config = mkIf (cfg.dialerDefaults != "") {
-
-    environment = {
-
-      etc =
-      [
-        { source = pkgs.writeText "wvdial.conf" configFile;
-          target = "wvdial.conf";
-        }
-        { source = pkgs.writeText "wvdial" cfg.pppDefaults;
-          target = "ppp/peers/wvdial";
-        }
-      ];
-
-    };
-
-  };
-
-}
-- 
cgit v1.2.3


From 72f440fdb567b8000ec72aefa6d3e74734c11c9e Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Feb 2018 11:56:36 +0100
Subject: ma omo.r: init google-muell

---
 makefu/1systems/omo/config.nix              |  3 ++-
 makefu/2configs/deployment/google-muell.nix | 34 +++++++++++++++++++++++++++++
 makefu/2configs/deployment/led-fader.nix    | 20 +----------------
 makefu/5pkgs/ampel/default.nix              | 27 +++++++++++++++++++++++
 4 files changed, 64 insertions(+), 20 deletions(-)
 create mode 100644 makefu/2configs/deployment/google-muell.nix
 create mode 100644 makefu/5pkgs/ampel/default.nix

diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index ce3ffbcf3..1e087fef4 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -19,7 +19,7 @@ let
   # __FRONT_
   # |* d0   |
   # |       |
-  # |* d3   |
+  # |* d1   |
   # |       |
   # |* d3   |
   # |       |
@@ -68,6 +68,7 @@ in {
       <stockholm/makefu/2configs/syncthing.nix>
       <stockholm/makefu/2configs/mqtt.nix>
       <stockholm/makefu/2configs/remote-build/slave.nix>
+      <stockholm/makefu/2configs/deployment/google-muell.nix>
 
 
       # security
diff --git a/makefu/2configs/deployment/google-muell.nix b/makefu/2configs/deployment/google-muell.nix
new file mode 100644
index 000000000..f23789ee5
--- /dev/null
+++ b/makefu/2configs/deployment/google-muell.nix
@@ -0,0 +1,34 @@
+{ config, lib, pkgs, buildPythonPackage, ... }:
+with import <stockholm/lib>;
+let
+  pkg = pkgs.ampel;
+  home = "/var/lib/ampel";
+  sec = "${toString <secrets>}/google-muell.json";
+  ampelsec = "${home}/google-muell.json";
+  esp = "192.168.1.23";
+  sleepval = "1800";
+in {
+  users.users.ampel = {
+    uid = genid "ampel";
+    createHome = true;
+    isSystemUser = true;
+    inherit home;
+  };
+  systemd.services.google-muell-ampel = {
+    description = "Send led change to rgb cubes";
+    after = [ "network-online.target"  ];
+    wantedBy = [ "multi-user.target"  ];
+    serviceConfig = {
+      User = "ampel";
+      ExecStartPre = pkgs.writeDash "copy-ampel-secrets" ''
+        cp ${sec} ${ampelsec}
+        chown ampel ${ampelsec}
+      '';
+      ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${home}/google-muell-creds.json --sleepval=${sleepval}";
+      PermissionsStartOnly = true;
+      Restart = "always";
+      RestartSec = 10;
+      PrivateTmp = true;
+    };
+  };
+}
diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix
index 292b6679d..d34b66125 100644
--- a/makefu/2configs/deployment/led-fader.nix
+++ b/makefu/2configs/deployment/led-fader.nix
@@ -2,25 +2,7 @@
 
 let
   mq = "192.168.8.11";
-
-  pkg = pkgs.python3Packages.buildPythonPackage {
-    name = "ampel-master";
-
-    src = pkgs.fetchgit {
-      url = "http://cgit.euer.krebsco.de/ampel";
-      rev = "531741b";
-      sha256 = "110yij53jz074zbswylbzcd8jy7z49r9fg6i3j1gk2y3vl91g81c";
-    };
-    propagatedBuildInputs = with pkgs.python3Packages; [
-        docopt
-        paho-mqtt
-        requests
-        pytz
-        influxdb
-        httplib2
-        google_api_python_client
-    ];
-  };
+  pkg = pkgs.ampel;
 in {
   systemd.services.led-fader  = {
     description = "Send led change to message queue";
diff --git a/makefu/5pkgs/ampel/default.nix b/makefu/5pkgs/ampel/default.nix
new file mode 100644
index 000000000..86518b9b8
--- /dev/null
+++ b/makefu/5pkgs/ampel/default.nix
@@ -0,0 +1,27 @@
+{ lib, pkgs, fetchFromGitHub, ... }:
+
+with pkgs.python3Packages;buildPythonPackage rec {
+  name = "ampel-${version}";
+  version = "0.2";
+
+  propagatedBuildInputs = [
+    docopt
+    paho-mqtt
+    requests
+    pytz
+    influxdb
+    httplib2
+    google_api_python_client
+  ];
+
+  src = pkgs.fetchgit {
+      url = "http://cgit.euer.krebsco.de/ampel";
+      rev = "d8a0250";
+      sha256 = "0n36lc17ca5db6pl6dswdqd5w9f881rfqck9yc4w33a5qpsxj85f";
+  };
+  meta = {
+    homepage = http://cgit.euer.krebsco.de/ampel;
+    description = "change colors of rgb cubes";
+    license = lib.licenses.asl20;
+  };
+}
-- 
cgit v1.2.3


From 083941f7dba4347084779b65cefa9b8cc9713939 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Feb 2018 11:57:58 +0100
Subject: ma gui/base: set packages only for mainuser

---
 makefu/2configs/gui/base.nix | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix
index daa0282b8..861a9327e 100644
--- a/makefu/2configs/gui/base.nix
+++ b/makefu/2configs/gui/base.nix
@@ -48,13 +48,14 @@ in
     fonts = [ pkgs.terminus_font ];
   };
 
-  environment.systemPackages = with pkgs;[
-    pavucontrol
-    xlockmore
-    rxvt_unicode-with-plugins
-    firefox
-  ];
-  users.extraUsers.${mainUser}.extraGroups = [ "audio" ];
+  users.users.${mainUser} = {
+    extraGroups = [ "audio" ];
+    packages = with pkgs;[
+      pavucontrol
+      xlockmore
+      rxvt_unicode-with-plugins
+    ];
+  };
 
   hardware.pulseaudio = {
      enable = true;
-- 
cgit v1.2.3


From c1b2f919572a485cafdc56af5d9e3240ac74469c Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Feb 2018 11:59:08 +0100
Subject: ma x.r: disable makefu.umts, cleanup

---
 makefu/1systems/x/config.nix | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index f3a1d488c..d5a9bdcfb 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -83,13 +83,9 @@ with import <stockholm/lib>;
 
   makefu.server.primary-itf = "wlp3s0";
   makefu.full-populate = true;
-  makefu.umts.apn = "web.vodafone.de";
 
   nixpkgs.config.allowUnfree = true;
 
-  environment.systemPackages = [ pkgs.passwdqc-utils ];
-
-
   # configure pulseAudio to provide a HDMI sink as well
   networking.firewall.enable = true;
   networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 3000 ];
@@ -101,8 +97,15 @@ with import <stockholm/lib>;
   krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ];
 
   networking.extraHosts = ''
-    192.168.1.11 omo.local
+    192.168.1.11  omo.local
   '';
   # hard dependency because otherwise the device will not be unlocked
   boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
+
+  nix.package = pkgs.nixUnstable;
+  environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
+  nixpkgs.overlays = [ (import <python/overlay.nix>) ];
+
+  # environment.variables = { GOROOT = [ "${pkgs.go.out}/share/go" ]; };
+
 }
-- 
cgit v1.2.3


From 4dfb5faaab57a69a5940e97feb4c8ed488d931f4 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Feb 2018 12:39:44 +0100
Subject: ma 3/umts: rip

---
 makefu/3modules/default.nix |  2 --
 makefu/3modules/umts.nix    | 84 ---------------------------------------------
 2 files changed, 86 deletions(-)
 delete mode 100644 makefu/3modules/umts.nix

diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix
index af0e81df5..fa4eb827c 100644
--- a/makefu/3modules/default.nix
+++ b/makefu/3modules/default.nix
@@ -14,8 +14,6 @@ _:
     ./snapraid.nix
     ./torrent.nix
     ./udpt.nix
-    ./umts.nix
-    ./wvdial.nix
   ];
 }
 
diff --git a/makefu/3modules/umts.nix b/makefu/3modules/umts.nix
deleted file mode 100644
index 86669945a..000000000
--- a/makefu/3modules/umts.nix
+++ /dev/null
@@ -1,84 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-
-let
-  nixpkgs-1509 = import (pkgs.fetchFromGitHub {
-    owner = "NixOS"; repo = "nixpkgs-channels";
-    rev = "91371c2bb6e20fc0df7a812332d99c38b21a2bda";
-    sha256 = "1as1i0j9d2n3iap9b471y4x01561r2s3vmjc5281qinirlr4al73";
-  }) {};
-
-  wvdial = nixpkgs-1509.wvdial; # https://github.com/NixOS/nixpkgs/issues/16113
-
-  # TODO: currently it is only netzclub
-  umts-bin = pkgs.writeScriptBin "umts" ''
-    #!/bin/sh
-    set -euf
-    systemctl start umts
-    trap "systemctl stop umts;trap - INT TERM EXIT;exit" INT TERM EXIT
-    echo nameserver 8.8.8.8 | tee -a /etc/resolv.conf
-    journalctl -xfu umts
-  '';
-
-  wvdial-defaults = ''
-    Phone = *99***1#
-    Dial Command = ATDT
-    Modem = ${cfg.modem-device}
-    Baud = 460800
-    Init1 = AT+CGDCONT=1,"IP","${config.makefu.umts.apn}","",0,0
-    Init2 = ATZ
-    Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
-    ISDN = 0
-    Modem Type = Analog Modem
-    Username = netzclub
-    Password = netzclub
-    Stupid Mode = 1
-    Idle Seconds = 0'';
-
-  cfg = config.makefu.umts;
-
-  out = {
-    options.makefu.umts = api;
-    config = lib.mkIf cfg.enable imp;
-  };
-
-  api = {
-    enable = mkEnableOption "umts";
-
-    modem-device = mkOption {
-      default = "/dev/ttyUSB0";
-      type = types.str;
-      description = ''
-        path to modem device, use <filename>/dev/serial/by-id/...</filename>
-        to avoid race conditions.
-      '';
-    };
-    apn = mkOption {
-      default = "pinternet.interkom.de";
-      type = types.str;
-      description = ''
-        apn to use for dailing
-      '';
-    };
-  };
-
-  imp = {
-    environment.shellAliases = {
-      umts = "sudo ${umts-bin}/bin/umts";
-    };
-    environment.systemPackages = [ ];
-
-    environment.wvdial.dialerDefaults = wvdial-defaults;
-
-    systemd.services.umts = {
-      description = "UMTS wvdial Service";
-      serviceConfig = {
-        Type = "simple";
-        Restart = "always";
-        RestartSec = "10s";
-        ExecStart = "${wvdial}/bin/wvdial -n";
-      };
-    };
-  };
-in out
-- 
cgit v1.2.3


From e7418fbdf1bdddeeabe123c04bbd858fc70fe031 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Feb 2018 13:20:53 +0100
Subject: ma source: bump to 2018-02-06

---
 makefu/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/makefu/source.nix b/makefu/source.nix
index c22c82f32..f06c9454f 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -13,7 +13,7 @@ let
               then "buildbot"
               else "makefu";
   _file = <stockholm> + "/makefu/1systems/${name}/source.nix";
-  ref = "0f19bee"; # nixos-17.09 @ 2018-01-05
+  ref = "cd36b3d"; # nixos-17.09 @ 2018-02-06
                    # + do_sqlite3 ruby: 55a952be5b5
                    # + signal: 0f19beef3
 
-- 
cgit v1.2.3


From 34df8b33df0bd8071a628e27ad599d52f7fc61b8 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 6 Feb 2018 23:11:36 +0100
Subject: ftb: minimize

---
 krebs/5pkgs/simple/ftb/default.nix | 20 +++-----------------
 1 file changed, 3 insertions(+), 17 deletions(-)

diff --git a/krebs/5pkgs/simple/ftb/default.nix b/krebs/5pkgs/simple/ftb/default.nix
index 199c12b44..841e2ea00 100644
--- a/krebs/5pkgs/simple/ftb/default.nix
+++ b/krebs/5pkgs/simple/ftb/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, makeDesktopItem
+{ stdenv, fetchurl
 , jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm
 , openjdk
 , mesa, openal
@@ -7,23 +7,12 @@ with stdenv.lib;
 
 assert useAlsa -> alsaOss != null;
 
-let
-  desktopItem = makeDesktopItem {
-    name = "minecraft";
-    exec = "minecraft";
-    icon = "minecraft";
-    comment = "A sandbox-building game";
-    desktopName = "Minecraft";
-    genericName = "minecraft";
-    categories = "Game;";
-  };
-
-in stdenv.mkDerivation {
+stdenv.mkDerivation {
   name = "ftb";
 
   src = fetchurl {
     url = "http://ftb.cursecdn.com/FTB2/launcher/FTB_Launcher.jar";
-    sha256 = "10ga4jgyfsj5dy4rj2rla0fpnfpnxv8r3bmxpqpwn7fsry4il79v";
+    sha256 = "0pyh83hhni97ryvz6yy8lyiagjrlx67cwr780s2bja92rxc1sqpj";
   };
 
   phases = "installPhase";
@@ -43,9 +32,6 @@ in stdenv.mkDerivation {
 
     chmod +x $out/bin/ftb
 
-    mkdir -p $out/share/applications
-    ln -s ${desktopItem}/share/applications/* $out/share/applications/
-
     ${openjdk}/bin/jar xf $out/ftb.jar favicon.png
   '';
 }
-- 
cgit v1.2.3


From 257f91eff3cf2ef01c25f4e88d186ea30dc250f7 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Wed, 7 Feb 2018 10:08:36 +0100
Subject: j vim: +trailing White detection; *cosmetics

---
 jeschli/2configs/vim.nix | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix
index 7721b1d40..02ea95f6e 100644
--- a/jeschli/2configs/vim.nix
+++ b/jeschli/2configs/vim.nix
@@ -27,6 +27,9 @@ in {
       name = "vim";
       vimrcConfig.customRC = let
         colorscheme = ''colorscheme molokai'';
+        highlightTrailingWhiteSpaces = ''
+          au Syntax * syn match Garbage containedin=ALL /\s\+$/
+        '';
         setStatements = ''
           set autowrite
           set clipboard=unnamedplus
@@ -74,11 +77,12 @@ in {
         '';
       in ''
         ${colorscheme}
+        ${highlightTrailingWhiteSpaces}
         ${remapStatements}
         ${setStatements}
         ${settingsForElm}
         ${settingsForGo}
-        " I dont know what this line is about
+        " dont expand tabs in go files and show it with four whitespaces.
         autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
       '';
        vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
-- 
cgit v1.2.3


From 057d428ef53632cd8e6df7efd9ed5ca84c9a7b56 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Thu, 8 Feb 2018 11:20:24 +0100
Subject: j bln: +termite

---
 jeschli/1systems/bln/config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 6893c6569..8a3090a49 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -66,6 +66,7 @@
   nixpkgs.config.allowUnfree = true;
   environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
   environment.systemPackages = with pkgs; [
+    termite
   # system helper
     ag
     copyq
-- 
cgit v1.2.3


From d5aa4524f478a29779b4219e1a8dea10fef74065 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 9 Feb 2018 09:23:14 +0100
Subject: nixpkgs: b222a07 -> b34a5f6

---
 krebs/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index fcc7fb74f..60303c7c1 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -18,7 +18,7 @@ in
       stockholm.file = toString <stockholm>;
       nixpkgs.git = {
         url = https://github.com/NixOS/nixpkgs;
-        ref = "b222a0713f4a689519686421b3fbf5ca0c9bd3da"; # nixos-17.09 @ 2018-01-23
+        ref = "b34a5f6d874e3c3f3f7812371b858b79ddb5be35"; # nixos-17.09 @ 2018-02-09
       };
     }
     override
-- 
cgit v1.2.3


From ab24f3c3a802eabef3f425d2b46e1b4ffc626e71 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Fri, 9 Feb 2018 15:11:24 +0100
Subject: j vim.nix: remap tt to GoTest

---
 jeschli/2configs/vim.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix
index 02ea95f6e..c13113f1c 100644
--- a/jeschli/2configs/vim.nix
+++ b/jeschli/2configs/vim.nix
@@ -45,6 +45,7 @@ in {
         remapStatements = ''
           imap jk <Esc>
           map gr :GoRun<Enter>         " Map gr to execute go run
+          map tt :GoTest<Enter>        " Map tt to execute go test
           map nf :NERDTreeToggle<CR>
           nnoremap <C-TAB> <c-w><c-w>
           nnoremap <S-TAB> :bnext<CR>
-- 
cgit v1.2.3


From 2f9edee631e353cb250cc1c10e015b7f4c14fb4f Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 9 Feb 2018 17:31:23 +0100
Subject: nixpkgs: b34a5f6 -> e18442d

---
 krebs/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index 60303c7c1..ca87b33f5 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -18,7 +18,7 @@ in
       stockholm.file = toString <stockholm>;
       nixpkgs.git = {
         url = https://github.com/NixOS/nixpkgs;
-        ref = "b34a5f6d874e3c3f3f7812371b858b79ddb5be35"; # nixos-17.09 @ 2018-02-09
+        ref = "e18442d46621ee7e1204db0b14025621a9d49cbd"; # nixos-17.09 @ 2018-02-09
       };
     }
     override
-- 
cgit v1.2.3


From e155044112209e4a63b9c27ef100dc5d748a2e32 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Feb 2018 12:30:26 +0100
Subject: nixpkgs: e18442d -> 2062ac5

---
 krebs/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index ca87b33f5..27450c2a3 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -18,7 +18,7 @@ in
       stockholm.file = toString <stockholm>;
       nixpkgs.git = {
         url = https://github.com/NixOS/nixpkgs;
-        ref = "e18442d46621ee7e1204db0b14025621a9d49cbd"; # nixos-17.09 @ 2018-02-09
+        ref = "2062ac5aa2dc0770322272e3d2b647cf431dd893"; # nixos-17.09 @ 2018-02-09
       };
     }
     override
-- 
cgit v1.2.3


From e000690cc2fa3b494cf3b44eb0213dda80b34e12 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Feb 2018 16:07:18 +0100
Subject: hw x220: remove broken tp-smapi

---
 krebs/2configs/hw/x220.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/krebs/2configs/hw/x220.nix b/krebs/2configs/hw/x220.nix
index 90a1a111f..3780e0d7d 100644
--- a/krebs/2configs/hw/x220.nix
+++ b/krebs/2configs/hw/x220.nix
@@ -14,7 +14,6 @@ with import <stockholm/lib>;
 
   boot = {
     kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ];
-    extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
     kernelParams = [ "acpi_backlight=none" ];
   };
 
-- 
cgit v1.2.3


From 06732ced01be5ba35e343439cc034c4fa60b8e6a Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 10 Feb 2018 19:46:08 +0100
Subject: exim: init at 4.90.1

---
 krebs/5pkgs/simple/exim/default.nix | 64 +++++++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)
 create mode 100644 krebs/5pkgs/simple/exim/default.nix

diff --git a/krebs/5pkgs/simple/exim/default.nix b/krebs/5pkgs/simple/exim/default.nix
new file mode 100644
index 000000000..4911c1d9c
--- /dev/null
+++ b/krebs/5pkgs/simple/exim/default.nix
@@ -0,0 +1,64 @@
+{ coreutils, fetchurl, db, openssl, pcre, perl, pkgconfig, stdenv }:
+
+stdenv.mkDerivation rec {
+  name = "exim-4.90.1";
+
+  src = fetchurl {
+    url = "http://ftp.exim.org/pub/exim/exim4/${name}.tar.xz";
+    sha256 = "09ppq8l7cah6dcqwdvpa6r12i6fdcd9lvxlfp18mggj3438xz62w";
+  };
+
+  nativeBuildInputs = [ pkgconfig ];
+  buildInputs = [ coreutils db openssl pcre perl ];
+
+  preBuild = ''
+    sed '
+      s:^\(BIN_DIRECTORY\)=.*:\1='"$out"'/bin:
+      s:^\(CONFIGURE_FILE\)=.*:\1=/etc/exim.conf:
+      s:^\(EXIM_USER\)=.*:\1=ref\:nobody:
+      s:^\(SPOOL_DIRECTORY\)=.*:\1=/exim-homeless-shelter:
+      s:^# \(SUPPORT_MAILDIR\)=.*:\1=yes:
+      s:^EXIM_MONITOR=.*$:# &:
+      s:^\(FIXED_NEVER_USERS\)=root$:\1=0:
+      s:^# \(WITH_CONTENT_SCAN\)=.*:\1=yes:
+      s:^# \(AUTH_PLAINTEXT\)=.*:\1=yes:
+      s:^# \(SUPPORT_TLS\)=.*:\1=yes:
+      s:^# \(USE_OPENSSL_PC=openssl\)$:\1:
+      s:^# \(LOG_FILE_PATH=syslog\)$:\1:
+      s:^# \(HAVE_IPV6=yes\)$:\1:
+      s:^# \(CHOWN_COMMAND\)=.*:\1=${coreutils}/bin/chown:
+      s:^# \(CHGRP_COMMAND\)=.*:\1=${coreutils}/bin/chgrp:
+      s:^# \(CHMOD_COMMAND\)=.*:\1=${coreutils}/bin/chmod:
+      s:^# \(MV_COMMAND\)=.*:\1=${coreutils}/bin/mv:
+      s:^# \(RM_COMMAND\)=.*:\1=${coreutils}/bin/rm:
+      s:^# \(TOUCH_COMMAND\)=.*:\1=${coreutils}/bin/touch:
+      s:^# \(PERL_COMMAND\)=.*:\1=${perl}/bin/perl:
+      #/^\s*#.*/d
+      #/^\s*$/d
+    ' < src/EDITME > Local/Makefile
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin $out/share/man/man8
+    cp doc/exim.8 $out/share/man/man8
+
+    ( cd build-Linux-*
+      cp exicyclog exim_checkaccess exim_dumpdb exim_lock exim_tidydb \
+        exipick exiqsumm exigrep exim_dbmbuild exim exim_fixdb eximstats \
+        exinext exiqgrep exiwhat \
+        $out/bin )
+
+    ( cd $out/bin
+      for i in mailq newaliases rmail rsmtp runq sendmail; do
+        ln -s exim $i
+      done )
+  '';
+
+  meta = {
+    homepage = http://exim.org/;
+    description = "A mail transfer agent (MTA)";
+    license = stdenv.lib.licenses.gpl3;
+    platforms = stdenv.lib.platforms.linux;
+    maintainers = [ stdenv.lib.maintainers.tv ];
+  };
+}
-- 
cgit v1.2.3


From dbd48fdbf91672dc96992ee0b55ad1da226d4199 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 11 Feb 2018 16:08:28 +0100
Subject: ftb: add java workaround

---
 krebs/5pkgs/simple/ftb/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/krebs/5pkgs/simple/ftb/default.nix b/krebs/5pkgs/simple/ftb/default.nix
index 841e2ea00..c2e83c9f4 100644
--- a/krebs/5pkgs/simple/ftb/default.nix
+++ b/krebs/5pkgs/simple/ftb/default.nix
@@ -25,6 +25,7 @@ stdenv.mkDerivation {
     cat > $out/bin/ftb << EOF
     #!${stdenv.shell}
 
+    export _JAVA_AWT_WM_NONREPARENTING=1
     export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa openal ]}
     ${if useAlsa then "${alsaOss}/bin/aoss" else "" } \
       ${jre}/bin/java -jar $out/ftb.jar
-- 
cgit v1.2.3


From aa1c6c814c9afbe4483b23b37b9d95d5055848fe Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 12 Feb 2018 10:41:19 +0100
Subject: l helios.r: add docker

---
 lass/1systems/helios/config.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix
index f53e93f26..0ab6ec2c6 100644
--- a/lass/1systems/helios/config.nix
+++ b/lass/1systems/helios/config.nix
@@ -149,11 +149,13 @@ with import <stockholm/lib>;
   lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f";
 
   programs.adb.enable = true;
-  users.users.mainUser.extraGroups = [ "adbusers" ];
+  users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
 
   services.printing.drivers = [ pkgs.postscript-lexmark ];
 
   services.logind.extraConfig = ''
     HandleLidSwitch=ignore
   '';
+
+  virtualisation.docker.enable = true;
 }
-- 
cgit v1.2.3


From 38fe362fdcf723f354c6e4ee0909ec3a544ac819 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 16:55:02 +0100
Subject: l: add lass-daedalus

---
 krebs/3modules/lass/default.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 1634a62ac..655a38030 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -624,6 +624,10 @@ with import <stockholm/lib>;
       mail = "lass@xerxes.r";
       pubkey = builtins.readFile ./ssh/xerxes.rsa;
     };
+    lass-daedalus = {
+      mail = "lass@daedalus.r";
+      pubkey = builtins.readFile ./ssh/daedalus.rsa;
+    };
     fritz = {
       pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540";
     };
-- 
cgit v1.2.3


From 51cfaef6412f833f2137336617ceb2f234932ede Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 16:56:59 +0100
Subject: l mors.r: add /home/virtual

---
 lass/1systems/mors/config.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 936666a73..b81fa891c 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -89,6 +89,10 @@ with import <stockholm/lib>;
       fsType = "btrfs";
       options = ["defaults" "noatime" "ssd" "compress=lzo"];
     };
+    "/home/virtual" = {
+      device = "/dev/mapper/pool-virtual";
+      fsType = "ext4";
+    };
   };
 
   services.udev.extraRules = ''
-- 
cgit v1.2.3


From e26d3bbd72acad8b3e00dcf8356ea58f4bbaf7d7 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:06:02 +0100
Subject: l mors.r: enable docker

---
 lass/1systems/mors/config.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index b81fa891c..265ef7145 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -198,5 +198,6 @@ with import <stockholm/lib>;
 
   nix.package = pkgs.nixUnstable;
   programs.adb.enable = true;
-  users.users.mainUser.extraGroups = [ "adbusers" ];
+  users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
+  virtualisation.docker.enable = true;
 }
-- 
cgit v1.2.3


From 391fdd01b204402894718109d94c6c9590ccf644 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:06:38 +0100
Subject: l prism.r: add jeschli-bolide git access

---
 lass/1systems/prism/config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 087aaab06..eae8feb8f 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -297,6 +297,7 @@ in {
           user = with config.krebs.users; [
             jeschli
             jeschli-bln
+            jeschli-bolide
             jeschli-brauerei
           ];
           repo = [ config.krebs.git.repos.stockholm ];
-- 
cgit v1.2.3


From 94a5ac9aeb1d11b5f37a8256db06a8e672cf3439 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:07:31 +0100
Subject: l prism.r: add taskserver config

---
 lass/1systems/prism/config.nix | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index eae8feb8f..b498d94ff 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -314,6 +314,18 @@ in {
     }
     <stockholm/lass/2configs/downloading.nix>
     <stockholm/lass/2configs/minecraft.nix>
+    {
+      services.taskserver = {
+        enable = true;
+        fqdn = "lassul.us";
+        listenHost = "::";
+        listenPort = 53589;
+        organisations.lass.users = [ "lass" "android" ];
+      };
+      krebs.iptables.tables.filter.INPUT.rules = [
+        { predicate = "-p tcp --dport 53589"; target = "ACCEPT"; }
+      ];
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.prism;
-- 
cgit v1.2.3


From abebd470e34a8c1774565b071631a7c318827fb2 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:07:55 +0100
Subject: l IM: add helios to authorized_keys

---
 lass/2configs/IM.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix
index 51512955e..7d3dfd428 100644
--- a/lass/2configs/IM.nix
+++ b/lass/2configs/IM.nix
@@ -41,6 +41,7 @@ in {
       lass-shodan.pubkey
       lass-icarus.pubkey
       lass-android.pubkey
+      lass-helios.pubkey
     ];
   };
 
-- 
cgit v1.2.3


From 79fc51585a1e922893c327ea228583acf75e7f3d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:08:53 +0100
Subject: l baseX: exec in x session

---
 lass/2configs/baseX.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 5ca024574..61a006a52 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -121,7 +121,7 @@ in {
       name = "xmonad";
       start = ''
         ${pkgs.xorg.xhost}/bin/xhost +LOCAL:
-        ${pkgs.coreutils}/bin/sleep infinity
+        exec ${pkgs.coreutils}/bin/sleep infinity
       '';
     }];
   };
-- 
cgit v1.2.3


From 8b9c4fd21a608aef2f2fdeea78b31d3457e49288 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:12:48 +0100
Subject: l dcso-dev: add jschli-brauerei

---
 lass/2configs/dcso-dev.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix
index cbf853d64..e2ba44360 100644
--- a/lass/2configs/dcso-dev.nix
+++ b/lass/2configs/dcso-dev.nix
@@ -17,6 +17,7 @@ in {
         config.krebs.users.lass.pubkey
         config.krebs.users.lass-android.pubkey
         config.krebs.users.jeschli-bln.pubkey
+        config.krebs.users.jeschli-brauerei.pubkey
         "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1T5+2epslFARSnETdr4wdolA6ocJaD4H9tmz6BZFQKXlwIq+OMp+sSEdwYwW3Lu9+mNbBHPxVVJDWg/We9DXB0ezXPM5Bs1+FcehmkoGwkmgKaFCDt0sL+CfSnog/3wEkN21O/rQxVFqMmiJ7WUDGci6IKCFZ5ZjOsmmfHg5p3LYxU9xv33fNr2v+XauhrGbFtQ7eDz4kSywxN/aw73LN4d8em0V0UV8VPI3Qkw7MamDFwefA+K1TfK8pBzMeruU6N7HLuNkpkAp7kS+K4Zzd72aQtR37a5qMiFUbOxQ9B7iFypuPx0iu6ZwY1s/sM8t3kLmcDJ9O4FOTzlbpneet3as6iJ+Ckr/TlfKor2Tl5pWcXh2FXHoG8VUu5bYmIViJBrKihAlAQfQN0mJ9fdFTnCXVTtbYTy11s4eEVHgUlb7oSpgBnx5bnBONgApbsOX9zyoo8wz8KkZBcf1SQpkV5br8uUAHCcZtHuY6I3kKlv+8lJmgUipiYzMdTi7+dHa49gVEcEKL4ZnJ0msQkl4XT7JjKETLvumC4/TIqVuRu48wuYalkCR9OzxCsTXQ/msBJBztPdYLrEOXVb2HfzuCT+43UuMQ5rP/EoPy0TWQO9BaqfEXqvbOvWjVxj/GMvglQ2ChZTwHxwwTKB8qRVvJLnbZQwizQiSrkzjb6hRJfQ== u0_a165@localhost"
         "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjtdqRxD0+UU7O8xogSqAQYd/Hrc79CTTKnvbhKy7jp2TVfxQpl81ndSH6DN6Cz90mu65C+DFGq43YtKTPqXmTn1+2wru71C2UOl6ZR0tmU7UELkRt4SJuFQLEgQCt3BWvXJPye6cKRRIlb+XZHWyVyCDxHo9EYO2GWI1wIP8mHMltKj65mobHY+R0CJNhhwlFURzTto8C30ejfVg2OW81qkNWqYtpdC9txLUlQ9/LBVKrafHGprmcBEp9qtecVgx8kxHpS7cuQNYoFcfljug4IyFO+uBfdbKqnGM5mra3huNhX3+AcQxKbLMlRgZD+jc47Xs+s5qSvWBou2ygd5T413k/SDOTCxDjidA+dcwzRo0qUWcGL201a5g+F0EvWv8rjre9m0lii6QKEoPyj60y3yfaIHeafels1Ia1FItjkBe8XydiXf7rKq8nmVRlpo8vl+vKwVuJY783tObHjUgBtXJdmnyYGiXxkxSrXa2mQhPz3KodK/QrnqCP27dURcMlp1hFF3LxFz7WtMCLW0yvDuUsuI2pdq0+zdt702wuwXVNIvbq/ssvX/CL8ryBLAogaxN9DN0vpjk+aXQLn11Zt99MgmnnqUgvOKQi1Quog/SxnSBiloKqB6aA10a28Uxoxkr0KAfhWhX3XPpfGMlbVj4GJuevLp0sGDVQT2biUQ== rhaist@RH-NB"
       ];
-- 
cgit v1.2.3


From 119856187d954204592ac9d702b9c0327db82eb1 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:13:18 +0100
Subject: l: add dunst

---
 lass/1systems/mors/config.nix |   1 +
 lass/2configs/dunst.nix       | 277 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 278 insertions(+)
 create mode 100644 lass/2configs/dunst.nix

diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 265ef7145..6a606e0ad 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -31,6 +31,7 @@ with import <stockholm/lib>;
     <stockholm/lass/2configs/c-base.nix>
     <stockholm/lass/2configs/br.nix>
     <stockholm/lass/2configs/ableton.nix>
+    <stockholm/lass/2configs/dunst.nix>
     {
       #risk of rain port
       krebs.iptables.tables.filter.INPUT.rules = [
diff --git a/lass/2configs/dunst.nix b/lass/2configs/dunst.nix
new file mode 100644
index 000000000..6d3d839bc
--- /dev/null
+++ b/lass/2configs/dunst.nix
@@ -0,0 +1,277 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+let
+  dunstConfig = pkgs.writeText "dunst-config" ''
+    [global]
+    font = Iosevka Term 11
+
+    # Allow a small subset of html markup:
+    #   <b>bold</b>
+    #   <i>italic</i>
+    #   <s>strikethrough</s>
+    #   <u>underline</u>
+    #
+    # For a complete reference see
+    # <http://developer.gnome.org/pango/stable/PangoMarkupFormat.html>.
+    # If markup is not allowed, those tags will be stripped out of the
+    # message.
+    markup = yes
+    plain_text = no
+
+    # The format of the message.  Possible variables are:
+    #   %a  appname
+    #   %s  summary
+    #   %b  body
+    #   %i  iconname (including its path)
+    #   %I  iconname (without its path)
+    #   %p  progress value if set ([  0%] to [100%]) or nothing
+    # Markup is allowed
+    format = "%a\n<b>%s</b>\n%b"
+
+    # Sort messages by urgency.
+    sort = yes
+
+    # Show how many messages are currently hidden (because of geometry).
+    indicate_hidden = yes
+
+    # Alignment of message text.
+    # Possible values are "left", "center" and "right".
+    alignment = center
+
+    # The frequency with wich text that is longer than the notification
+    # window allows bounces back and forth.
+    # This option conflicts with "word_wrap".
+    # Set to 0 to disable.
+    bounce_freq = 0
+
+    # Show age of message if message is older than show_age_threshold
+    # seconds.
+    # Set to -1 to disable.
+    show_age_threshold = 1
+
+    # Split notifications into multiple lines if they don't fit into
+    # geometry.
+    word_wrap = yes
+
+    # Ignore newlines '\n' in notifications.
+    ignore_newline = no
+
+    # Hide duplicate's count and stack them
+    stack_duplicates = yes
+    hide_duplicates_count = no
+
+
+    # The geometry of the window:
+    #   [{width}]x{height}[+/-{x}+/-{y}]
+    # The geometry of the message window.
+    # The height is measured in number of notifications everything else
+    # in pixels.  If the width is omitted but the height is given
+    # ("-geometry x2"), the message window expands over the whole screen
+    # (dmenu-like).  If width is 0, the window expands to the longest
+    # message displayed.  A positive x is measured from the left, a
+    # negative from the right side of the screen.  Y is measured from
+    # the top and down respectevly.
+    # The width can be negative.  In this case the actual width is the
+    # screen width minus the width defined in within the geometry option.
+    geometry = "500x10-0+0"
+
+    # Shrink window if it's smaller than the width.  Will be ignored if
+    # width is 0.
+    shrink = no
+
+    # The transparency of the window.  Range: [0; 100].
+    # This option will only work if a compositing windowmanager is
+    # present (e.g. xcompmgr, compiz, etc.).
+    # transparency = 5
+
+    # Don't remove messages, if the user is idle (no mouse or keyboard input)
+    # for longer than idle_threshold seconds.
+    # Set to 0 to disable.
+    idle_threshold = 0
+
+    # Which monitor should the notifications be displayed on.
+    monitor = keyboard
+
+    # Display notification on focused monitor.  Possible modes are:
+    #   mouse: follow mouse pointer
+    #   keyboard: follow window with keyboard focus
+    #   none: don't follow anything
+    #
+    # "keyboard" needs a windowmanager that exports the
+    # _NET_ACTIVE_WINDOW property.
+    # This should be the case for almost all modern windowmanagers.
+    #
+    # If this option is set to mouse or keyboard, the monitor option
+    # will be ignored.
+    follow = none
+
+    # Should a notification popped up from history be sticky or timeout
+    # as if it would normally do.
+    sticky_history = yes
+
+    # Maximum amount of notifications kept in history
+    history_length = 15
+
+    # Display indicators for URLs (U) and actions (A).
+    show_indicators = no
+
+    # The height of a single line.  If the height is smaller than the
+    # font height, it will get raised to the font height.
+    # This adds empty space above and under the text.
+    line_height = 3
+
+    # Draw a line of "separatpr_height" pixel height between two
+    # notifications.
+    # Set to 0 to disable.
+    separator_height = 1
+
+    # Padding between text and separator.
+    padding = 1
+
+    # Horizontal padding.
+    horizontal_padding = 1
+
+    # Define a color for the separator.
+    # possible values are:
+    #  * auto: dunst tries to find a color fitting to the background;
+    #  * foreground: use the same color as the foreground;
+    #  * frame: use the same color as the frame;
+    #  * anything else will be interpreted as a X color.
+    separator_color = frame
+
+    # Print a notification on startup.
+    # This is mainly for error detection, since dbus (re-)starts dunst
+    # automatically after a crash.
+    startup_notification = true
+
+    # dmenu path.
+    dmenu = ${pkgs.dmenu}/bin/dmenu -p dunst:
+
+    # Browser for opening urls in context menu.
+    browser = /usr/bin/firefox -new-tab
+
+    # Align icons left/right/off
+    icon_position = off
+    max_icon_size = 80
+
+    # Paths to default icons.
+    icon_folders = /usr/share/icons/Paper/16x16/mimetypes/:/usr/share/icons/Paper/48x48/status/:/usr/share/icons/Paper/16x16/devices/:/usr/share/icons/Paper/48x48/notifications/:/usr/share/icons/Paper/48x48/emblems/
+
+    frame_width = 2
+    frame_color = "#8EC07C"
+
+    [shortcuts]
+
+    # Shortcuts are specified as [modifier+][modifier+]...key
+    # Available modifiers are "ctrl", "mod1" (the alt-key), "mod2",
+    # "mod3" and "mod4" (windows-key).
+    # Xev might be helpful to find names for keys.
+
+    # Close notification.
+    close = ctrl+space
+
+    # Close all notifications.
+    close_all = ctrl+shift+space
+
+    # Redisplay last message(s).
+    # On the US keyboard layout "grave" is normally above TAB and left
+    # of "1".
+    history = ctrl+grave
+
+    # Context menu.
+    context = mod4+u
+
+    [urgency_low]
+    # IMPORTANT: colors have to be defined in quotation marks.
+    # Otherwise the "#" and following would be interpreted as a comment.
+    frame_color = "#3B7C87"
+    foreground = "#3B7C87"
+    background = "#191311"
+    #background = "#2B313C"
+    timeout = 0
+
+    [urgency_normal]
+    frame_color = "#5B8234"
+    foreground = "#5B8234"
+    background = "#191311"
+    #background = "#2B313C"
+    timeout = 0
+
+    [urgency_critical]
+    frame_color = "#B7472A"
+    foreground = "#B7472A"
+    background = "#191311"
+    #background = "#2B313C"
+    timeout = 0
+
+
+    # Every section that isn't one of the above is interpreted as a rules to
+    # override settings for certain messages.
+    # Messages can be matched by "appname", "summary", "body", "icon", "category",
+    # "msg_urgency" and you can override the "timeout", "urgency", "foreground",
+    # "background", "new_icon" and "format".
+    # Shell-like globbing will get expanded.
+    #
+    # SCRIPTING
+    # You can specify a script that gets run when the rule matches by
+    # setting the "script" option.
+    # The script will be called as follows:
+    #   script appname summary body icon urgency
+    # where urgency can be "LOW", "NORMAL" or "CRITICAL".
+    #
+    # NOTE: if you don't want a notification to be displayed, set the format
+    # to "".
+    # NOTE: It might be helpful to run dunst -print in a terminal in order
+    # to find fitting options for rules.
+
+    #[espeak]
+    #    summary = "*"
+    #    script = dunst_espeak.sh
+
+    #[script-test]
+    #    summary = "*script*"
+    #    script = dunst_test.sh
+
+    #[ignore]
+    #    # This notification will not be displayed
+    #    summary = "foobar"
+    #    format = ""
+
+    #[signed_on]
+    #    appname = Pidgin
+    #    summary = "*signed on*"
+    #    urgency = low
+    #
+    #[signed_off]
+    #    appname = Pidgin
+    #    summary = *signed off*
+    #    urgency = low
+    #
+    #[says]
+    #    appname = Pidgin
+    #    summary = *says*
+    #    urgency = critical
+    #
+    #[twitter]
+    #    appname = Pidgin
+    #    summary = *twitter.com*
+    #    urgency = normal
+    #
+    # vim: ft=cfg
+  '';
+in {
+  systemd.user.services.dunst = {
+    wantedBy = [ "graphical-session.target" ];
+    requires = [ "xmonad.service" ];
+    environment = {
+      DISPLAY = ":${toString config.services.xserver.display}";
+    };
+    serviceConfig = {
+      SyslogIdentifier = "dunst";
+      ExecStart = "${pkgs.dunst}/bin/dunst -conf ${dunstConfig}";
+      Restart = "always";
+      RestartSec = "15s";
+      StartLimitBurst = 0;
+    };
+  };
+}
-- 
cgit v1.2.3


From be0a02f5d696aeb79312ee172e0d77d5c32229a3 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:13:55 +0100
Subject: l: add rtl-sdr

---
 lass/1systems/helios/config.nix | 1 +
 lass/1systems/mors/config.nix   | 1 +
 lass/2configs/rtl-sdr.nix       | 6 ++++++
 3 files changed, 8 insertions(+)
 create mode 100644 lass/2configs/rtl-sdr.nix

diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix
index 0ab6ec2c6..5a553572e 100644
--- a/lass/1systems/helios/config.nix
+++ b/lass/1systems/helios/config.nix
@@ -16,6 +16,7 @@ with import <stockholm/lib>;
     <stockholm/lass/2configs/virtualbox.nix>
     <stockholm/lass/2configs/dcso-dev.nix>
     <stockholm/lass/2configs/steam.nix>
+    <stockholm/lass/2configs/rtl-sdr.nix>
     { # automatic hardware detection
       boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
       boot.kernelModules = [ "kvm-intel" ];
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 6a606e0ad..6ca980155 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -32,6 +32,7 @@ with import <stockholm/lib>;
     <stockholm/lass/2configs/br.nix>
     <stockholm/lass/2configs/ableton.nix>
     <stockholm/lass/2configs/dunst.nix>
+    <stockholm/lass/2configs/rtl-sdr.nix>
     {
       #risk of rain port
       krebs.iptables.tables.filter.INPUT.rules = [
diff --git a/lass/2configs/rtl-sdr.nix b/lass/2configs/rtl-sdr.nix
new file mode 100644
index 000000000..7d640ea6c
--- /dev/null
+++ b/lass/2configs/rtl-sdr.nix
@@ -0,0 +1,6 @@
+{
+  boot.blacklistedKernelModules = [ "dvb_usb_rtl28xxu" ];
+  services.udev.extraRules = ''
+    SUBSYSTEM=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", GROUP="adm", MODE="0666", SYMLINK+="rtl_sdr"
+  '';
+}
-- 
cgit v1.2.3


From 6ee55cef8fd386f80938cfffcf7edd46884ef173 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:15:34 +0100
Subject: l dcso-dev: open firewall

---
 lass/2configs/dcso-dev.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix
index e2ba44360..04b742acf 100644
--- a/lass/2configs/dcso-dev.nix
+++ b/lass/2configs/dcso-dev.nix
@@ -45,6 +45,11 @@ in {
     };
   };
 
+  krebs.iptables.tables.filter.INPUT.rules = [
+    { predicate = "-p tcp --dport 8000"; target = "ACCEPT";}
+    { predicate = "-p tcp --dport 9000"; target = "ACCEPT";}
+  ];
+
   krebs.per-user.dev.packages = [
     pkgs.go
   ];
-- 
cgit v1.2.3


From 9c8c17c7c8f4031d450605c91f2906fd445cf73d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:28:25 +0100
Subject: l mail: refactor

---
 lass/2configs/mail.nix | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 7c58e8c5f..e83201cd8 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -21,11 +21,11 @@ let
   '';
 
   mailboxes = {
-    wireguard = [ "wireguard@lists.zx2c4" ];
-    c-base = [ "c-base.org" ];
-    security = [ "seclists.org" "security" "bugtraq" ];
-    nix-devel = [ "nix-devel@googlegroups.com" ];
-    shack = [ "shackspace.de" ];
+    wireguard = [ "to:wireguard@lists.zx2c4" ];
+    c-base = [ "to:c-base.org" ];
+    security = [ "to:seclists.org" "to:security" "to:bugtraq" ];
+    nix-devel = [ "to:nix-devel@googlegroups.com" ];
+    shack = [ "to:shackspace.de" ];
   };
 
   muttrc = pkgs.writeText "muttrc" ''
@@ -80,16 +80,16 @@ let
       # V
     ''} %r |"
 
-    virtual-mailboxes \
-      "Unread" "notmuch://?query=tag:unread"\
-      "INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT to:${f}") (flatten (attrValues mailboxes))}"\
-    ${concatMapStringsSep "\n" (i: ''${"  "}"${i.name}" "notmuch://?query=${concatMapStringsSep " or " (f: "to:${f}") i.value}"\'') (mapAttrsToList nameValuePair mailboxes)}
-      "BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT to:${f}") (flatten (attrValues mailboxes))}"\
-      "TODO" "notmuch://?query=tag:TODO"\
-      "Starred" "notmuch://?query=tag:*"\
-      "Archive" "notmuch://?query=tag:archive"\
-      "Sent" "notmuch://?query=tag:sent"\
-      "Junk" "notmuch://?query=tag:junk"
+    virtual-mailboxes "INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT ${f}") (flatten (attrValues mailboxes))}"
+    virtual-mailboxes "Unread" "notmuch://?query=tag:unread"
+    ${concatMapStringsSep "\n" (i: ''${"  "}virtual-mailboxes "${i.name}" "notmuch://?query=${concatMapStringsSep " or " (f: "${f}") i.value}"'') (mapAttrsToList nameValuePair mailboxes)}
+    virtual-mailboxes "BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT ${f}") (flatten (attrValues mailboxes))}"
+    virtual-mailboxes "TODO" "notmuch://?query=tag:TODO"
+    virtual-mailboxes "Starred" "notmuch://?query=tag:*"
+    virtual-mailboxes "Archive" "notmuch://?query=tag:archive"
+    virtual-mailboxes "Sent" "notmuch://?query=tag:sent"
+    virtual-mailboxes "Junk" "notmuch://?query=tag:junk"
+    virtual-mailboxes "All" "notmuch://?query=*"
 
     tag-transforms "junk"     "k" \
                    "unread"   "u" \
-- 
cgit v1.2.3


From e6eebd606c84d574009c572fad415fcc994d6bea Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:30:52 +0100
Subject: l dcso-dev: enable minio

---
 lass/2configs/dcso-dev.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix
index 04b742acf..ae1c7bc8d 100644
--- a/lass/2configs/dcso-dev.nix
+++ b/lass/2configs/dcso-dev.nix
@@ -57,4 +57,6 @@ in {
   security.sudo.extraConfig = ''
     ${mainUser.name} ALL=(dev) NOPASSWD: ALL
   '';
+
+  services.minio.enable = true;
 }
-- 
cgit v1.2.3


From 0dce0124c6b2a6c4856ed980152a74a6917f7d11 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:31:25 +0100
Subject: l downloading: add daedalus & helios

---
 lass/2configs/downloading.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix
index 9582413ed..8d0fb0d02 100644
--- a/lass/2configs/downloading.nix
+++ b/lass/2configs/downloading.nix
@@ -16,6 +16,8 @@ with import <stockholm/lib>;
         lass.pubkey
         lass-shodan.pubkey
         lass-icarus.pubkey
+        lass-daedalus.pubkey
+        lass-helios.pubkey
         makefu.pubkey
         wine-mors.pubkey
       ];
-- 
cgit v1.2.3


From 05c30004c2c27e97437aef441ddc5ae1724ae03c Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:32:49 +0100
Subject: l exim-smarthost: add even more mails

---
 lass/2configs/exim-smarthost.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 0219f5216..4335c7cab 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -59,6 +59,17 @@ with import <stockholm/lib>;
       { from = "coinexchange@lassul.us"; to = lass.mail; }
       { from = "verwaltung@lassul.us"; to = lass.mail; }
       { from = "gearbest@lassul.us"; to = lass.mail; }
+      { from = "binance@lassul.us"; to = lass.mail; }
+      { from = "bitfinex@lassul.us"; to = lass.mail; }
+      { from = "alternate@lassul.us"; to = lass.mail; }
+      { from = "redacted@lassul.us"; to = lass.mail; }
+      { from = "mytaxi@lassul.us"; to = lass.mail; }
+      { from = "pizza@lassul.us"; to = lass.mail; }
+      { from = "robinhood@lassul.us"; to = lass.mail; }
+      { from = "drivenow@lassul.us"; to = lass.mail; }
+      { from = "aws@lassul.us"; to = lass.mail; }
+      { from = "reddit@lassul.us"; to = lass.mail; }
+      { from = "banggood@lassul.us"; to = lass.mail; }
     ];
     system-aliases = [
       { from = "mailer-daemon"; to = "postmaster"; }
-- 
cgit v1.2.3


From 0670606ddc376d165bb2ebc1846469216565fd6a Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:33:46 +0100
Subject: l logf: add urgency for lass@mors

---
 lass/2configs/logf.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lass/2configs/logf.nix b/lass/2configs/logf.nix
index 03414a745..24b806efa 100644
--- a/lass/2configs/logf.nix
+++ b/lass/2configs/logf.nix
@@ -10,9 +10,13 @@ let
     echelon = "197";
     cloudkrebs = "119";
   };
+  urgent = [
+    "\\blass@mors\\b"
+  ];
 in {
   environment.systemPackages = [
     (pkgs.writeDashBin "logf" ''
+      export LOGF_URGENT=${pkgs.writeJSON "urgent" urgent}
       export LOGF_HOST_COLORS=${pkgs.writeJSON "host-colors" host-colors}
       ${pkgs.logf}/bin/logf ${concatMapStringsSep " " (name: "root@${name}") (attrNames config.lass.hosts)}
     '')
-- 
cgit v1.2.3


From df18d18ab36953a6c4179d5cb638e1d99d2ee182 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:34:58 +0100
Subject: l zsh: add LS_COLORS in zsh menu

---
 lass/2configs/zsh.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix
index add30fbf1..0a32ce510 100644
--- a/lass/2configs/zsh.nix
+++ b/lass/2configs/zsh.nix
@@ -50,16 +50,15 @@
       #enable automatic rehashing of $PATH
       zstyle ':completion:*' rehash true
 
+      #beautiful colors
       eval $(dircolors -b ${pkgs.fetchFromGitHub {
         owner = "trapd00r";
         repo = "LS_COLORS";
         rev = "master";
         sha256="05lh5w3bgj9h8d8lrbbwbzw8788709cnzzkl8yh7m1dawkpf6nlp";
       }}/LS_COLORS)
-
-      #beautiful colors
       alias ls='ls --color'
-      # zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS}
+      zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS}
 
       #emacs bindings
       bindkey "[7~" beginning-of-line
-- 
cgit v1.2.3


From f7606723eddae1e6a70a4b6374a950ed3503346a Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:35:21 +0100
Subject: l zsh: check for

---
 lass/2configs/zsh.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix
index 0a32ce510..aa3e6731d 100644
--- a/lass/2configs/zsh.nix
+++ b/lass/2configs/zsh.nix
@@ -108,7 +108,7 @@
       fi
 
       #check if in nix shell
-      if test -n "$buildInputs"; then
+      if test -n "$IN_NIX_SHELL"; then
         p_nixshell='%F{green}[s]%f '
         t_nixshell='[s] '
       else
-- 
cgit v1.2.3


From dc2b6931ebfb775f715bc1c3837c20463bcb2418 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:35:55 +0100
Subject: l xserver: add DBUS_SESSION

---
 lass/3modules/xserver/default.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lass/3modules/xserver/default.nix b/lass/3modules/xserver/default.nix
index d16f89f45..cdd80857a 100644
--- a/lass/3modules/xserver/default.nix
+++ b/lass/3modules/xserver/default.nix
@@ -33,6 +33,11 @@ let
         XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
           ${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
           ${xcfg.displayManager.sessionCommands}
+          if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
+            exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" ""
+          fi
+          export DBUS_SESSION_BUS_ADDRESS
+          ${config.systemd.package}/bin/systemctl --user import-environment DISPLAY DBUS_SESSION_BUS_ADDRESS
           wait
         '';
 
@@ -74,6 +79,7 @@ let
           "-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
           (optional (xcfg.dpi != null) "-dpi ${toString xcfg.dpi}")
         ];
+        User = user.name;
       };
     };
     krebs.xresources.resources.dpi = ''
-- 
cgit v1.2.3


From 75eaf9cf08e6f19d287c0b3aec16663b47f7e367 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:37:48 +0100
Subject: l xmonad: send urgency to dbus

---
 lass/5pkgs/xmonad-lass.nix | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix
index 2dd352bd4..f6e916104 100644
--- a/lass/5pkgs/xmonad-lass.nix
+++ b/lass/5pkgs/xmonad-lass.nix
@@ -36,7 +36,7 @@ import XMonad.Hooks.FloatNext (floatNextHook)
 import XMonad.Hooks.ManageDocks (avoidStruts, ToggleStruts(ToggleStruts))
 import XMonad.Hooks.Place (placeHook, smart)
 import XMonad.Hooks.UrgencyHook (focusUrgent)
-import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook)
+import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
 import XMonad.Layout.FixedColumn (FixedColumn(..))
 import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin))
 import XMonad.Layout.NoBorders (smartBorders)
@@ -44,9 +44,20 @@ import XMonad.Layout.SimplestFloat (simplestFloat)
 import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
 import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy)
 import XMonad.Util.EZConfig (additionalKeysP)
+import XMonad.Util.NamedWindows (getName)
+import XMonad.Util.Run (safeSpawn)
 
 import XMonad.Stockholm.Shutdown
 
+data LibNotifyUrgencyHook = LibNotifyUrgencyHook deriving (Read, Show)
+
+instance UrgencyHook LibNotifyUrgencyHook where
+    urgencyHook LibNotifyUrgencyHook w = do
+        name     <- getName w
+        Just idx <- fmap (W.findTag w) $ gets windowset
+
+        safeSpawn "${pkgs.libnotify}/bin/notify-send" [show name, "workspace " ++ idx]
+
 myTerm :: FilePath
 myTerm = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtc"
 
@@ -61,7 +72,7 @@ main = getArgs >>= \case
 main' :: IO ()
 main' = do
     xmonad $ ewmh
-        $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ")
+        $ withUrgencyHook LibNotifyUrgencyHook
         $ def
             { terminal           = myTerm
             , modMask            = mod4Mask
-- 
cgit v1.2.3


From 2a835111d841770148437fc7692e22c381cf7808 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:38:19 +0100
Subject: l xmonad: add floatHook type

---
 lass/5pkgs/xmonad-lass.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix
index f6e916104..59c95cff7 100644
--- a/lass/5pkgs/xmonad-lass.nix
+++ b/lass/5pkgs/xmonad-lass.nix
@@ -23,6 +23,7 @@ import XMonad
 import qualified XMonad.StackSet as W
 import Control.Monad.Extra (whenJustM)
 import Data.List (isInfixOf)
+import Data.Monoid (Endo)
 import System.Environment (getArgs, lookupEnv)
 import System.Posix.Process (executeFile)
 import XMonad.Actions.CopyWindow (copy, kill1)
@@ -91,11 +92,12 @@ myLayoutHook = defLayout
   where
     defLayout = minimize $ ((avoidStruts $ Tall 1 (3/100) (1/2) ||| Full ||| Mirror (Tall 1 (3/100) (1/2))) ||| FixedColumn 2 80 80 1 ||| simplestFloat)
 
+floatHooks :: Query (Endo WindowSet)
 floatHooks = composeAll . concat $
     [ [ title =? t --> doFloat | t <- myTitleFloats]
     , [ className =? c --> doFloat | c <- myClassFloats ] ]
   where
-      myTitleFloats = [] -- for the KDE "open link" popup from konsole
+      myTitleFloats = []
       myClassFloats = ["Pinentry"] -- for gpg passphrase entry
 
 
-- 
cgit v1.2.3


From 00a4ff15cd413e9eaa82a10b344c176bafdb00c1 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 13 Feb 2018 17:54:24 +0100
Subject: l add daedalus.rsa

---
 krebs/3modules/lass/ssh/daedalus.rsa | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 krebs/3modules/lass/ssh/daedalus.rsa

diff --git a/krebs/3modules/lass/ssh/daedalus.rsa b/krebs/3modules/lass/ssh/daedalus.rsa
new file mode 100644
index 000000000..ad4847974
--- /dev/null
+++ b/krebs/3modules/lass/ssh/daedalus.rsa
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgF3311cZ/JV7lOzo/Crmy6pi0oBYu5klbTb8lU/Yic55XVRyYFtm+KGrNvqkcFgOx803aS7jogJ1N6HCdUAaEl5MzlkOX++h97ihZ/NeQZKDjYEEQYl4ElmIbCRiddpDm0HVX1OGSCtUzhlyDHJ8ieMCb+QVNrpwovlQnp53c/+Z6rGSZWgBMrzP7stlw+XjC1Alhi1M5L+bJfroa7cEcF+J5ZN+J2mWSmkPiQ6+iuk9zRkc5ELO1Vz4MsLoeKwbJrz+uuNVsY7u070pHtsLwbAsYU5vOWJeN/vtEwy51SY/so30FowvivTD9jIJ0xcmAdC56XjWaxttKuqUVBjJqhwqsUI6+AxLESekFXzkfghmG+AJPPkb2pvpVF3k0Ivn14bFBuFv0T2qPHq68Fs19WLTZn+dK3V+RfVkI6bEZaMOUezyBv59yFEY42wMISPw53jkaWqKIxyGCBECi3XlbeQ61FkwE9TElSY+NmoeMu6jPWw7XGDY4Jt6mtKiYu3hVqI5pg4hq3bxB8r2W7LnkDiYfArbzwmrc2zAmgJtY60/Pcwq7hP3LSDEuDDc4gYgpkLNwHjs+CLWqpbQffCFv+oOZj8G92if+dMBOUSBCr6FDqH6wLxZp2cfhud0p/0kLz09nv/PcRohOHdaQSEW7OAhJ5kgg3DuxhwUwOf/3UX5iLvm4WwE/mb7Iki4U3AENKHUWQ7TOrXcQq9AJX57e9CTI+N4phtzp9qur8vjVl2OpYl2Qb/0yQSGM+4wQ/nM4acePMk80oXLb3OJBlPp0CswzoI7kFBD0TUOnFTCkrJWPaZhgjQXyvCzgFKAvXgqWy4riczqLhdBAhc1vT3a18HsqKXE3mhJa6Kjl6r/ZQaDl2zw7uLmWTHhGuUI9w487L36extGuC3Tv8zEvu2UHqhdEcaSDzRQYcv1kRobfhTWjzFHzdA97Kkc+HuFfJk3MzchsjCxqIuDP4r5YauMBMHAIsUlP7Ar/t29WreAGJbCCd2oulkFL+P+8Sp6SksMMhKQvuRcj74n6BETfailv64z2FjT+qzkCsr/gzvWD08EJRZUCpidX2WfMoL396nBf+EgwhFykqoFg2jlJJ7Vggod8CSHUSeBkslhNk/tkv4y+NnsAIgNluVZlxIeKj1UgazohSNQVRHozs2lkuK0Ytl4TsFrE0X3ar7LpwEVvCLj3eh2kg4kNKNN/vOwWxvMlF9uCBq5FUHaBCst/OXeigjfGZ0ZK5iHsZN+R/iIlG+3V3VN1Rm29aPJPSuAgwl/lfPUfUP5c8QiwnDgdHqMi7VcuCpEtcTLjqDHBssqosRTLodcIZY6qLepm5kQgJ2FfcTPi+ZwT3Z/IFH6p/H7NeVbb8rVYeF/zqDJiWbI+gDy0xFnGgOLpFSBdHq679FjtjZk7Exgz3rVD+QsoSB8VYVOSqpHB1LQyQ2qBry+33CNpxlX5GaaLx5sbEKEguaJ+9R7Mbf8zQMa8EAXhqoT96kIj66IEk= lass@daedalus
-- 
cgit v1.2.3


From 397a1c89319cce2c0f37ef5eb308e40954727108 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 01:32:22 +0100
Subject: ma {vbob,sdev}.r: disable vbox guest extensions for now

---
 makefu/1systems/sdev/config.nix | 6 ++++--
 makefu/1systems/vbob/config.nix | 6 +++++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix
index 38c044be4..3e9548aa1 100644
--- a/makefu/1systems/sdev/config.nix
+++ b/makefu/1systems/sdev/config.nix
@@ -6,7 +6,9 @@
     [ # Include the results of the hardware scan.
       <stockholm/makefu>
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
-      (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
+      { ## Guest Extensions are currently broken
+        # virtualisation.virtualbox.guest.enable = true;
+      }
       <stockholm/makefu/2configs/main-laptop.nix>
       # <secrets/extra-hosts.nix>
 
@@ -50,7 +52,7 @@
   fileSystems."/media/share" = {
     fsType = "vboxsf";
     device = "share";
-    options = [ "rw" "uid=9001" "gid=9001" ];
+    options = [ "rw" "uid=9001" "gid=9001" "nofail" ];
   };
 
 }
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix
index ffd9deaee..24d42a69b 100644
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@@ -8,8 +8,12 @@
       {
         imports = [<stockholm/makefu/2configs/fs/single-partition-ext4.nix> ];
         boot.loader.grub.device = "/dev/sda";
-        virtualisation.virtualbox.guest.enable = true;
       }
+
+      { ## Virtualbox guest is broken on newer kernel
+        # virtualisation.virtualbox.guest.enable = true;
+      }
+
       # {
       #   imports = [
       #     <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>
-- 
cgit v1.2.3


From 908ad5d3a24ea05f4a0871045ed6271b0953cf25 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 01:33:05 +0100
Subject: ma: add makefu-remote-builder

---
 krebs/3modules/makefu/default.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 56e5c6b82..eccf733dd 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -1038,6 +1038,10 @@ with import <stockholm/lib>;
       inherit (makefu) mail pgp;
       pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoAtBa10AbiFXfYL4Za7e0CLeXJeH6FhMqVZFqElLkJBKmQ7c7WEMlnuRhEZWSFDXBpaS7p73s5MMOZA13uYv6fI2ipOOwE9Ej1EoMsrQGegBp2VDMo0wnr/sgTL1do+uGI85E/i0uFw0DYhXqlZQk1eK8SdgXYltiVL27IA3NG2kYuoTIvJgRnaPJjTbhLBWti3m586LuO+pBKtcTt1D9EV6wp+6Jum4owPtCgVPQaZfFGYWkEiINV83WX9HoIk4S3bTPLh8Kfp0je0xsioS4T9/cxSPgUie8MjSg0irvLJXRH0JOVuG5NvZTYhAAekwNkHll9CtypPrutjbrXPXf makefu@x";
     };
+    makefu-remote-builder = {
+      inherit (makefu) mail gpg;
+      pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlhb0TIBW9RN9T8Is4YRIc1RjOg+cxbZCaDjbM4zxrX nixBuild";
+    };
     makefu-bob = {
       inherit (makefu) mail pgp;
       pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+fEK1bCB8cdDiBzXBXEWLFQyp/7xjNGQ5GyqHOtgxxe6Ypb0kAaWJaG3Ak/qI/nToGKwkQJLsuYNA3lZj2rFyBdoxnNO3kRFTc7NoaU5mC2BlHbpmn9dzvgiBoRAKAlzj/022u65SI19AFciKXtwqQfjuB3mPVOFOfCFB2SYjjWb8ffPnHp6PB5KKNLxaVPCbZgOdSju25/wB2lY00W8WIDOTqfbNClQnjkLsUZpTuRnvpHTemKtt1FH+WBZiMwMXRt19rm9LFSO7pvrZjdJz0l1TZVsODkbKZzQzSixoCPmdpPPAYaqrGUQpmukXk0xQtR3E2jEsk+FJv4AkIKqD";
-- 
cgit v1.2.3


From ac824ebe74912dc8cc3224a10f0d10973f6449c5 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 01:33:29 +0100
Subject: ma gum.r: add workr

---
 makefu/1systems/gum/config.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index a656fdce3..b859efc94 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -148,6 +148,11 @@ in {
             allowedIPs = [ "10.244.0.5/32" ];
             publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
           }
+          {
+            # workr
+            allowedIPs = [ "10.244.0.6/32" ];
+            publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA=";
+          }
           ];
         };
       }
-- 
cgit v1.2.3


From f2eedeff52caa97245db1e47d2e2413d1c991d09 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 01:33:51 +0100
Subject: ma omo.r: add cryptDisk3

---
 makefu/1systems/omo/config.nix | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index 1e087fef4..4e0d2a05f 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -25,16 +25,18 @@ let
   # |       |
   # |*      |
   # |* d2   |
-  # |  * r0 |
+  # |  *    |
+  # |  *    |
   # |_______|
   cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6";
   cryptDisk1 = byid "ata-TP02000GB_TPW151006050068";
   cryptDisk2 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
+  cryptDisk3 = byid "ata-ST8000DM004-2CX188_ZCT01SG4";
   # cryptDisk3 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WMAZA1786907";
   # all physical disks
 
   # TODO callPackage ../3modules/MonitorDisks { disks = allDisks }
-  dataDisks = [ cryptDisk0 cryptDisk1 cryptDisk2 ];
+  dataDisks = [ cryptDisk0 cryptDisk1 cryptDisk2 cryptDisk3 ];
   allDisks = [ rootDisk ] ++ dataDisks;
 in {
   imports =
@@ -127,6 +129,7 @@ in {
 
   makefu.snapraid = {
     enable = true;
+    # TODO: 3 is not protected
     disks = map toMapper [ 0 1 ];
     parity = toMapper 2;
   };
@@ -139,7 +142,7 @@ in {
   '';
   environment.systemPackages = with pkgs;[
     mergerfs # hard requirement for mount
-    wol # wake up filepimp
+    wol      # wake up filepimp
     f3
   ];
   fileSystems = let
@@ -151,6 +154,7 @@ in {
   in   cryptMount "crypt0"
     // cryptMount "crypt1"
     // cryptMount "crypt2"
+    // cryptMount "crypt3"
     // { "/media/cryptX" = {
             device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 ]);
             fsType = "mergerfs";
@@ -179,6 +183,7 @@ in {
         (usbkey "crypt0" cryptDisk0)
         (usbkey "crypt1" cryptDisk1)
         (usbkey "crypt2" cryptDisk2)
+        (usbkey "crypt3" cryptDisk3)
       ];
     };
     loader.grub.device = lib.mkForce rootDisk;
-- 
cgit v1.2.3


From ed60f4e68c5d0422dcf702d35a3be9d9ef2503bf Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 01:34:17 +0100
Subject: ma tools/mobility: re-introduce working exfat-nofuse

---
 makefu/2configs/tools/mobility.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/makefu/2configs/tools/mobility.nix b/makefu/2configs/tools/mobility.nix
index f2676f11c..1993a5212 100644
--- a/makefu/2configs/tools/mobility.nix
+++ b/makefu/2configs/tools/mobility.nix
@@ -5,5 +5,5 @@
     mosh
   ];
 
-  # boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
+  boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
 }
-- 
cgit v1.2.3


From 43c2a68a956a9630d0f1841310934065b429ecfd Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 01:34:40 +0100
Subject: ma tools/studio: remove latency_msec

---
 makefu/2configs/tools/studio.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/makefu/2configs/tools/studio.nix b/makefu/2configs/tools/studio.nix
index 0356ba391..e0c68167f 100644
--- a/makefu/2configs/tools/studio.nix
+++ b/makefu/2configs/tools/studio.nix
@@ -9,8 +9,8 @@
     # owncloudclient
     (pkgs.writeScriptBin "prepare-pulseaudio" ''
       pactl load-module module-null-sink sink_name=stream sink_properties=device.description="Streaming"
-      pactl load-module module-loopback source=alsa_output.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo.monitor sink=stream latency_msec=1
-      pactl load-module module-loopback source=alsa_input.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo sink=stream latency_msec=1
+      pactl load-module module-loopback source=alsa_output.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo.monitor sink=stream
+      pactl load-module module-loopback source=alsa_input.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo sink=stream
       darkice -c ~/lol.conf
     '')
   ];
-- 
cgit v1.2.3


From b02b939e7ce78a7d66844a751551f7b0a56532d3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 01:35:06 +0100
Subject: ma source: cd36b3d -> 51810e0

---
 makefu/source.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/makefu/source.nix b/makefu/source.nix
index f06c9454f..708f0d20c 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -13,7 +13,8 @@ let
               then "buildbot"
               else "makefu";
   _file = <stockholm> + "/makefu/1systems/${name}/source.nix";
-  ref = "cd36b3d"; # nixos-17.09 @ 2018-02-06
+  # TODO: automate updating of this ref + cherry-picks
+  ref = "51810e0"; # nixos-17.09 @ 2018-02-14
                    # + do_sqlite3 ruby: 55a952be5b5
                    # + signal: 0f19beef3
 
-- 
cgit v1.2.3


From dc020a000c544c6eafe217365d76ee993bf4daba Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 08:12:06 +0100
Subject: ma default: fix typo

---
 krebs/3modules/makefu/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index eccf733dd..0bed4d6da 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -1039,7 +1039,7 @@ with import <stockholm/lib>;
       pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoAtBa10AbiFXfYL4Za7e0CLeXJeH6FhMqVZFqElLkJBKmQ7c7WEMlnuRhEZWSFDXBpaS7p73s5MMOZA13uYv6fI2ipOOwE9Ej1EoMsrQGegBp2VDMo0wnr/sgTL1do+uGI85E/i0uFw0DYhXqlZQk1eK8SdgXYltiVL27IA3NG2kYuoTIvJgRnaPJjTbhLBWti3m586LuO+pBKtcTt1D9EV6wp+6Jum4owPtCgVPQaZfFGYWkEiINV83WX9HoIk4S3bTPLh8Kfp0je0xsioS4T9/cxSPgUie8MjSg0irvLJXRH0JOVuG5NvZTYhAAekwNkHll9CtypPrutjbrXPXf makefu@x";
     };
     makefu-remote-builder = {
-      inherit (makefu) mail gpg;
+      inherit (makefu) mail pgp;
       pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlhb0TIBW9RN9T8Is4YRIc1RjOg+cxbZCaDjbM4zxrX nixBuild";
     };
     makefu-bob = {
-- 
cgit v1.2.3


From 372d965133cfe224d4cd47f63ec1fd2c8475c1ae Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 08:37:59 +0100
Subject: ma sdev.r: force virtualisation.virtualbox.guest.enable = false

---
 makefu/1systems/sdev/config.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix
index 3e9548aa1..a60a8db66 100644
--- a/makefu/1systems/sdev/config.nix
+++ b/makefu/1systems/sdev/config.nix
@@ -5,9 +5,10 @@
   imports =
     [ # Include the results of the hardware scan.
       <stockholm/makefu>
+
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
       { ## Guest Extensions are currently broken
-        # virtualisation.virtualbox.guest.enable = true;
+        virtualisation.virtualbox.guest.enable = lib.mkForce true;
       }
       <stockholm/makefu/2configs/main-laptop.nix>
       # <secrets/extra-hosts.nix>
-- 
cgit v1.2.3


From 931e25894dc43f7c7e37026f3cc29427aa07ba80 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 09:41:59 +0100
Subject: ma vbox-guest: init

---
 makefu/1systems/sdev/config.nix   | 19 ++++++-------------
 makefu/1systems/vbob/config.nix   | 40 ++++-----------------------------------
 makefu/2configs/hw/vbox-guest.nix | 16 ++++++++++++++++
 3 files changed, 26 insertions(+), 49 deletions(-)
 create mode 100644 makefu/2configs/hw/vbox-guest.nix

diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix
index a60a8db66..81e8cd4d1 100644
--- a/makefu/1systems/sdev/config.nix
+++ b/makefu/1systems/sdev/config.nix
@@ -6,9 +6,12 @@
     [ # Include the results of the hardware scan.
       <stockholm/makefu>
 
-      (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
-      { ## Guest Extensions are currently broken
-        virtualisation.virtualbox.guest.enable = lib.mkForce true;
+      <stockholm/makefu/2configs/hw/vbox-guest.nix>
+      { # until virtualbox-image is fixed
+        imports = [
+            <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
+          ];
+        boot.loader.grub.device = "/dev/sda";
       }
       <stockholm/makefu/2configs/main-laptop.nix>
       # <secrets/extra-hosts.nix>
@@ -17,11 +20,6 @@
       <stockholm/makefu/2configs/tinc/retiolum.nix>
 
     ];
-  # workaround for https://github.com/NixOS/nixpkgs/issues/16641
-  services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ];
-
-  nixpkgs.config.allowUnfree = true;
-
   # allow sdev to deploy self
   users.extraUsers = {
     root = {
@@ -50,10 +48,5 @@
     8010
   ];
 
-  fileSystems."/media/share" = {
-    fsType = "vboxsf";
-    device = "share";
-    options = [ "rw" "uid=9001" "gid=9001" "nofail" ];
-  };
 
 }
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix
index 24d42a69b..c74f6edbe 100644
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@@ -9,33 +9,8 @@
         imports = [<stockholm/makefu/2configs/fs/single-partition-ext4.nix> ];
         boot.loader.grub.device = "/dev/sda";
       }
-
-      { ## Virtualbox guest is broken on newer kernel
-        # virtualisation.virtualbox.guest.enable = true;
-      }
-
-      # {
-      #   imports = [
-      #     <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>
-      #   ];
-      #   virtualbox.baseImageSize = 35 * 1024;
-      #   fileSystems."/media/share" = {
-      #     fsType = "vboxsf";
-      #     device = "share";
-      #     options = [ "rw" "uid=9001" "gid=9001" ];
-      #   };
-      # }
-
-      # {
-      #   imports = [
-      #     <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
-      #   ];
-      #   fileSystems."/nix" = {
-      #     device ="/dev/disk/by-label/nixstore";
-      #     fsType = "ext4";
-      #   };
-      # }
-
+      <stockholm/makefu/2configs/hw/vbox-guest.nix>
+      # <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
 
       # base gui
       # <stockholm/makefu/2configs/main-laptop.nix>
@@ -79,14 +54,8 @@
     ];
   networking.extraHosts = import (toString <secrets/extra-hosts.nix>);
 
-  nixpkgs.config.allowUnfree = true;
-
   # allow vbob to deploy self
-  users.extraUsers = {
-    root = {
-        openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey  ];
-    };
-  };
+  users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey  ];
 
   environment.shellAliases = {
     forti  = "cat ~/vpn/pw.txt | xclip; sudo forticlientsslvpn";
@@ -107,7 +76,6 @@
     #devpi-client
     ansible
   ];
-  # virtualisation.docker.enable = true;
 
 
   networking.firewall.allowedTCPPorts = [
@@ -115,6 +83,6 @@
     80
     8010
   ];
-
+  # required for qemu
   systemd.services."serial-getty@ttyS0".enable = true;
 }
diff --git a/makefu/2configs/hw/vbox-guest.nix b/makefu/2configs/hw/vbox-guest.nix
new file mode 100644
index 000000000..3ba8ef902
--- /dev/null
+++ b/makefu/2configs/hw/vbox-guest.nix
@@ -0,0 +1,16 @@
+{ lib, ...}:
+{
+  ## Guest Extensions are currently broken
+  imports = [
+    # (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
+  ];
+  # virtualisation.virtualbox.guest.enable = true;
+  services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ];
+
+  fileSystems."/media/share" = {
+    fsType = "vboxsf";
+    device = "share";
+    options = [ "rw" "uid=9001" "gid=9001" "nofail" ];
+  };
+  # virtualbox.baseImageSize = 35 * 1024;
+}
-- 
cgit v1.2.3


From cd31fcaefa6349248bd1a437027e83c7e05b22af Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 14 Feb 2018 09:49:57 +0100
Subject: ma docker: use 2configs

---
 makefu/1systems/omo/config.nix  | 2 +-
 makefu/1systems/sdev/config.nix | 4 +---
 makefu/1systems/vbob/config.nix | 1 -
 3 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index 4e0d2a05f..01438397e 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -71,6 +71,7 @@ in {
       <stockholm/makefu/2configs/mqtt.nix>
       <stockholm/makefu/2configs/remote-build/slave.nix>
       <stockholm/makefu/2configs/deployment/google-muell.nix>
+      <stockholm/makefu/2configs/virtualisation/docker.nix>
 
 
       # security
@@ -119,7 +120,6 @@ in {
   services.sabnzbd.enable = true;
   systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
 
-  virtualisation.docker.enable = true;
   makefu.ps3netsrv = {
     enable = true;
     servedir = "/media/cryptX/emu/ps3";
diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix
index 81e8cd4d1..7a87362d8 100644
--- a/makefu/1systems/sdev/config.nix
+++ b/makefu/1systems/sdev/config.nix
@@ -18,6 +18,7 @@
 
       # environment
       <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/virtualisation/docker.nix>
 
     ];
   # allow sdev to deploy self
@@ -31,7 +32,6 @@
     ppp xclip
     get
     passwdqc-utils
-    docker
     gnupg
     populate
     (pkgs.writeScriptBin "tor-browser" ''
@@ -40,8 +40,6 @@
     '')
   ];
 
-  virtualisation.docker.enable = true;
-
   networking.firewall.allowedTCPPorts = [
     25
     80
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix
index c74f6edbe..1f68ad9c2 100644
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@@ -71,7 +71,6 @@
     fortclientsslvpn ppp xclip
     get
     logstash
-  #  docker
     #devpi-web
     #devpi-client
     ansible
-- 
cgit v1.2.3


From 3a3e168c8a5731038a7fd05808f7ebdf73b1abe8 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 14 Feb 2018 23:27:37 +0100
Subject: tv gitrepos: drop redundant fetch permissions

Everybody already has permission to fetch via HTTP.
---
 tv/2configs/gitrepos.nix | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index 2c4b4868e..dc50be4f1 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -128,11 +128,6 @@ let {
         repo = [ repo ];
         perm = push "refs/*" [ non-fast-forward create delete merge ];
       } ++
-      optional repo.public {
-        user = attrValues config.krebs.users;
-        repo = [ repo ];
-        perm = fetch;
-      } ++
       optional (repo.collaborators or [] != []) {
         user = repo.collaborators;
         repo = [ repo ];
-- 
cgit v1.2.3


From 1ccef680d2497903a988663e4114487315a99f39 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 15 Feb 2018 10:17:41 +0100
Subject: ma x.r: init wireguard, disable wifi, enable pcmanfm

---
 makefu/1systems/x/config.nix | 34 +++++++++++++++++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-)

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index d5a9bdcfb..8d18b4506 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -60,7 +60,7 @@ with import <stockholm/lib>;
       # Hardware
       <stockholm/makefu/2configs/hw/tp-x230.nix>
       # <stockholm/makefu/2configs/hw/tpm.nix>
-      <stockholm/makefu/2configs/hw/rtl8812au.nix>
+      # <stockholm/makefu/2configs/hw/rtl8812au.nix>
       <stockholm/makefu/2configs/hw/network-manager.nix>
       <stockholm/makefu/2configs/hw/stk1160.nix>
       # <stockholm/makefu/2configs/rad1o.nix>
@@ -78,6 +78,38 @@ with import <stockholm/lib>;
       # <stockholm/makefu/2configs/lanparty/lancache-dns.nix>
       # <stockholm/makefu/2configs/lanparty/samba.nix>
       # <stockholm/makefu/2configs/lanparty/mumble-server.nix>
+      # <stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
+
+      {
+        networking.wireguard.interfaces.wg0 = {
+          ips = [ "10.244.0.2/24" ];
+          privateKeyFile = (toString <secrets>) + "/wireguard.key";
+          allowedIPsAsRoutes = true;
+          peers = [
+          {
+            # gum
+            endpoint = "${config.krebs.hosts.gum.nets.internet.ip4.addr}:51820";
+            allowedIPs = [ "10.244.0.0/24" ];
+            publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo=";
+          }
+          #{
+          #  # vbob
+          #  allowedIPs = [ "10.244.0.3/32" ];
+          #  publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw=";
+          #}
+          ];
+        };
+      }
+
+      { # auto-mounting
+        services.udisks2.enable = true;
+        services.devmon.enable = true;
+        # services.gnome3.gvfs.enable = true;
+        users.users.makefu.packages = with pkgs;[
+          gvfs pcmanfm lxmenu-data
+        ];
+        environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ];
+      }
 
     ];
 
-- 
cgit v1.2.3


From 11a7d704e22f56c83c1af3c8ca0bfcbb510316f2 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 15 Feb 2018 13:18:17 +0100
Subject: nixpkgs: 2062ac5 -> c831224

---
 krebs/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index 27450c2a3..73ebf135d 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -18,7 +18,7 @@ in
       stockholm.file = toString <stockholm>;
       nixpkgs.git = {
         url = https://github.com/NixOS/nixpkgs;
-        ref = "2062ac5aa2dc0770322272e3d2b647cf431dd893"; # nixos-17.09 @ 2018-02-09
+        ref = "c831224528cd6bfd49bfc2c18b9c5d9015651077"; # nixos-17.09 @ 2018-02-15
       };
     }
     override
-- 
cgit v1.2.3


From 5187d0177c2c347838bac00fa981703bfd9a983e Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 15 Feb 2018 14:12:17 +0100
Subject: l wine: remove wine64

---
 lass/2configs/wine.nix | 15 ---------------
 1 file changed, 15 deletions(-)

diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix
index d60b1feea..dd82b34eb 100644
--- a/lass/2configs/wine.nix
+++ b/lass/2configs/wine.nix
@@ -19,23 +19,8 @@ in {
         pkgs.wine
       ];
     };
-    wine64 = {
-      name = "wine64";
-      description = "user for running wine in 64bit";
-      home = "/home/wine64";
-      useDefaultShell = true;
-      extraGroups = [
-        "audio"
-        "video"
-      ];
-      createHome = true;
-      packages = [
-        (pkgs.wine.override { wineBuild = "wineWow"; })
-      ];
-    };
   };
   security.sudo.extraConfig = ''
     ${mainUser.name} ALL=(wine) NOPASSWD: ALL
-    ${mainUser.name} ALL=(wine64) NOPASSWD: ALL
   '';
 }
-- 
cgit v1.2.3


From 69247ffe949fa6918a4e5667c211c2f3643cb086 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 15 Feb 2018 19:21:53 +0100
Subject: exim: RIP

nixpkgs has caught up
---
 krebs/5pkgs/simple/exim/default.nix | 64 -------------------------------------
 1 file changed, 64 deletions(-)
 delete mode 100644 krebs/5pkgs/simple/exim/default.nix

diff --git a/krebs/5pkgs/simple/exim/default.nix b/krebs/5pkgs/simple/exim/default.nix
deleted file mode 100644
index 4911c1d9c..000000000
--- a/krebs/5pkgs/simple/exim/default.nix
+++ /dev/null
@@ -1,64 +0,0 @@
-{ coreutils, fetchurl, db, openssl, pcre, perl, pkgconfig, stdenv }:
-
-stdenv.mkDerivation rec {
-  name = "exim-4.90.1";
-
-  src = fetchurl {
-    url = "http://ftp.exim.org/pub/exim/exim4/${name}.tar.xz";
-    sha256 = "09ppq8l7cah6dcqwdvpa6r12i6fdcd9lvxlfp18mggj3438xz62w";
-  };
-
-  nativeBuildInputs = [ pkgconfig ];
-  buildInputs = [ coreutils db openssl pcre perl ];
-
-  preBuild = ''
-    sed '
-      s:^\(BIN_DIRECTORY\)=.*:\1='"$out"'/bin:
-      s:^\(CONFIGURE_FILE\)=.*:\1=/etc/exim.conf:
-      s:^\(EXIM_USER\)=.*:\1=ref\:nobody:
-      s:^\(SPOOL_DIRECTORY\)=.*:\1=/exim-homeless-shelter:
-      s:^# \(SUPPORT_MAILDIR\)=.*:\1=yes:
-      s:^EXIM_MONITOR=.*$:# &:
-      s:^\(FIXED_NEVER_USERS\)=root$:\1=0:
-      s:^# \(WITH_CONTENT_SCAN\)=.*:\1=yes:
-      s:^# \(AUTH_PLAINTEXT\)=.*:\1=yes:
-      s:^# \(SUPPORT_TLS\)=.*:\1=yes:
-      s:^# \(USE_OPENSSL_PC=openssl\)$:\1:
-      s:^# \(LOG_FILE_PATH=syslog\)$:\1:
-      s:^# \(HAVE_IPV6=yes\)$:\1:
-      s:^# \(CHOWN_COMMAND\)=.*:\1=${coreutils}/bin/chown:
-      s:^# \(CHGRP_COMMAND\)=.*:\1=${coreutils}/bin/chgrp:
-      s:^# \(CHMOD_COMMAND\)=.*:\1=${coreutils}/bin/chmod:
-      s:^# \(MV_COMMAND\)=.*:\1=${coreutils}/bin/mv:
-      s:^# \(RM_COMMAND\)=.*:\1=${coreutils}/bin/rm:
-      s:^# \(TOUCH_COMMAND\)=.*:\1=${coreutils}/bin/touch:
-      s:^# \(PERL_COMMAND\)=.*:\1=${perl}/bin/perl:
-      #/^\s*#.*/d
-      #/^\s*$/d
-    ' < src/EDITME > Local/Makefile
-  '';
-
-  installPhase = ''
-    mkdir -p $out/bin $out/share/man/man8
-    cp doc/exim.8 $out/share/man/man8
-
-    ( cd build-Linux-*
-      cp exicyclog exim_checkaccess exim_dumpdb exim_lock exim_tidydb \
-        exipick exiqsumm exigrep exim_dbmbuild exim exim_fixdb eximstats \
-        exinext exiqgrep exiwhat \
-        $out/bin )
-
-    ( cd $out/bin
-      for i in mailq newaliases rmail rsmtp runq sendmail; do
-        ln -s exim $i
-      done )
-  '';
-
-  meta = {
-    homepage = http://exim.org/;
-    description = "A mail transfer agent (MTA)";
-    license = stdenv.lib.licenses.gpl3;
-    platforms = stdenv.lib.platforms.linux;
-    maintainers = [ stdenv.lib.maintainers.tv ];
-  };
-}
-- 
cgit v1.2.3


From cdf69ce25896caf40932c0389b33b2fa9c3ab77a Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 16 Feb 2018 20:48:56 +0100
Subject: ma vbox-guest: remove from vhosts, prepare for working upstream

---
 makefu/1systems/sdev/config.nix   | 2 +-
 makefu/1systems/vbob/config.nix   | 2 +-
 makefu/2configs/hw/vbox-guest.nix | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix
index 7a87362d8..d209a0781 100644
--- a/makefu/1systems/sdev/config.nix
+++ b/makefu/1systems/sdev/config.nix
@@ -6,7 +6,7 @@
     [ # Include the results of the hardware scan.
       <stockholm/makefu>
 
-      <stockholm/makefu/2configs/hw/vbox-guest.nix>
+     #  <stockholm/makefu/2configs/hw/vbox-guest.nix>
       { # until virtualbox-image is fixed
         imports = [
             <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix
index 1f68ad9c2..64709de3c 100644
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@@ -9,7 +9,7 @@
         imports = [<stockholm/makefu/2configs/fs/single-partition-ext4.nix> ];
         boot.loader.grub.device = "/dev/sda";
       }
-      <stockholm/makefu/2configs/hw/vbox-guest.nix>
+      # <stockholm/makefu/2configs/hw/vbox-guest.nix>
       # <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
 
       # base gui
diff --git a/makefu/2configs/hw/vbox-guest.nix b/makefu/2configs/hw/vbox-guest.nix
index 3ba8ef902..65f915a2f 100644
--- a/makefu/2configs/hw/vbox-guest.nix
+++ b/makefu/2configs/hw/vbox-guest.nix
@@ -2,9 +2,9 @@
 {
   ## Guest Extensions are currently broken
   imports = [
-    # (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
+    (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
   ];
-  # virtualisation.virtualbox.guest.enable = true;
+  virtualisation.virtualbox.guest.enable = true;
   services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ];
 
   fileSystems."/media/share" = {
-- 
cgit v1.2.3


From 24b8fbc40be4008bb32697309c729df72132454d Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 16 Feb 2018 21:56:41 +0100
Subject: ma x.r: vbox+extensionpack does not build

---
 makefu/1systems/x/config.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 8d18b4506..b4d4aa66e 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -40,7 +40,7 @@ with import <stockholm/lib>;
       # Virtualization
       <stockholm/makefu/2configs/virtualisation/libvirt.nix>
       <stockholm/makefu/2configs/virtualisation/docker.nix>
-      <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
+      # <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
       {
         networking.firewall.allowedTCPPorts = [ 8080 ];
         networking.nat = {
-- 
cgit v1.2.3


From b28b86580d22e67d9a0552e96841643f77e03927 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 16 Feb 2018 21:57:05 +0100
Subject: ma sdev.,vbob.r: allow unfree

---
 makefu/1systems/sdev/config.nix | 2 ++
 makefu/1systems/vbob/config.nix | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix
index d209a0781..c2cd23d1e 100644
--- a/makefu/1systems/sdev/config.nix
+++ b/makefu/1systems/sdev/config.nix
@@ -27,6 +27,8 @@
         openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey  ];
     };
   };
+  # corefonts
+  nixpkgs.config.allowUnfree = true;
 
   environment.systemPackages = with pkgs;[
     ppp xclip
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix
index 64709de3c..208dd1ff7 100644
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@@ -67,6 +67,10 @@
     ln -fs ${pkgs.ppp}/bin/pppd /usr/sbin/pppd
     ln -fs ${pkgs.coreutils}/bin/tail /usr/bin/tail
   '';
+
+  # for forticlient
+  nixpkgs.config.allowUnfree = true;
+
   environment.systemPackages = with pkgs;[
     fortclientsslvpn ppp xclip
     get
-- 
cgit v1.2.3


From 94c59247d13622b0293be54cdb5893526434f5d1 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Sun, 18 Feb 2018 10:41:57 +0100
Subject: brauerei: +backlight

---
 jeschli/1systems/brauerei/config.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix
index e4109c638..eb2bb11d2 100644
--- a/jeschli/1systems/brauerei/config.nix
+++ b/jeschli/1systems/brauerei/config.nix
@@ -79,6 +79,8 @@
     jetbrains.goland
   # document viewer
     zathura
+  # xorg
+    xorg.xbacklight
   ];
 
   # Some programs need SUID wrappers, can be configured further or are
-- 
cgit v1.2.3


From 99b28c290fe92f74dcfa75f5d0d173447b96bab9 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 19 Feb 2018 00:19:41 +0100
Subject: l icarus.r: update ssh pubkey

---
 krebs/3modules/lass/ssh/icarus.rsa | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/3modules/lass/ssh/icarus.rsa b/krebs/3modules/lass/ssh/icarus.rsa
index e3cb74081..1126c331e 100644
--- a/krebs/3modules/lass/ssh/icarus.rsa
+++ b/krebs/3modules/lass/ssh/icarus.rsa
@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDm4qnRU8/Zyb+7x/QxW1grN+i1qcN39Sr/TSkBdccAPyfPdk8ph/G+wZKgsyr9sl5CgbA4hOsqDBN97dp4dKghKARuk0GldHDgo+2odWwBTa4EOSmE4Bfj3z7r9tW33Y+ujy55L4w5Qw21lj51mbhc0qvC/03xypEeKsLM0RtNAf8TsdGMPGmbha7uCF75VjFJvrHysbjonh6ZQ+Or8N0MSNABZ9oawJQxxBUqtLFhnq20zCJmm281f9GS/EaGYwcpOjiHd4fj3XWyfEIJRK/LRBZXkidvVDN7mhOQY3G+qiGZfPeyged9CRDRFoc5QbZ43NtrmPS+yUtjHQZKynkjI0lA00fegRzb0FkEJmYSy1Vdqgj338CjNwcuTaKJTw2EotMqMuHyk1FllnphafJtgMTMLIGoZRTpJpC91gbP0MGTnRoCwD4McZcz1YD3cxng101QsLsDv/FPxzbyxr+P6rjBB6eP6IhP4k4ALjWzoMURdCo1BW4//zt+PXImUpcX2+urtAMmVBQ8BwZry1hsEcR+r6C1Yb+jzeWGnvtfjXSFv+ZjpA0eEnqeKeh3LDCxybjkok51zdTe97EZ0sDAnKcnrVzpXJwehY02E2N9Sw1HhvWIUUulr09a2bC2rYR7HWryOjaEzT2aKmUyrxPkflCawB8gn2iSbVMWK74VJw== lass@icarus
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgEuFS5MwYQRF+0MKAQvyv6O+0ky0QnOKGMVZgFXE4g2JrByTCXQAeQmyJquM1wl9IRD63res8ZguMoAz2PkHfNbRSSsR7pH/G3DaJRl0VGf14zO3bjBbogQ45j1Bwxi78h44SDmuBAkp0t76ca16kWGhwEVt03+8sqmbLV90RjHZlrFw2sDgTu35SDz1q/ZzkdyFP3xSIBUnsQD64qRLMx64yLcBp0uu2h7gBBCVyA1T+VR3Nc1yIOyv0nUaqEHz+CDATtFlgGTgT6cCXoIPN0QAuIa3pDxt7htD/POsWuFbpbqrBQVcgun5s3J5X0OmNyoqGqqubcycvuYipZUjBCxyTb7RxCqj2oR8alSaeGZm64I0VSGX/iSCtXKaEJqBbxwNUgDH6B2oUeZbRwgPl/SG8vBku1oKzt/36IBoY8HttcosqLkfTquyyO7KVtOBu04geCmmiqJpSV4j5iYMxvrD0AQ3JJmrcbzUYoCGxlYO19TPsa+Ybhn/E8suach75+DIPj5LacYAh9Wjirw67Kg5QyYEt8XGTR2xxF78CFi0JGBRcyorPfFPLznmVntqJLe6dGNL3njgdD0Ocz8V5ktk1pjY5D2nG8GXfd45NQl2QjTLYnYX4dGuudBXth0nEJMv/MRHZrXVViIqwazdq4mA5z1Yu4Tb3l17d2cAZobzdut6JuZbd7itXAPIiY0vEWXr8lpEuE8Uz9mz8aPxZlhmHSXvNcwhq+i2+cFO8OPwUGbnE2cAHpymlQ3aDRgpptAIMU2LjIAblqsvA72asJpuRqu7ZOoy0vVRCOhktIzZXWR9hF5/CM/7NZ5skvHzYlmgkvnuu4jDDGusF32Zyiip0WJg+Iijqe8VpOqCup5UEF5QG32yQwaZDrKd71hq7Z1xNe0vEPN8yCxpes8hWafYY9m8YRrUduDVlOon7SzmdU76RPn2oF6udCGP7A/hEeRiwrDaRuIwchh99Xw3LioxXNzLYB1aXd+yKuZyhW+witC20ISdyZz7JPIrb49JCGH8FtbcDzD1B8Xd1By34POfhxriSr9UG5Hj9LGbA3/aKMOajZdcbrKXorUrKdhAuZv1z4rjW5iwYgXF2G/nseeCOw+DPEcB3GexsyCTUzSjJ6fy3Aqlzppwttx5MfkbNhPZWRCfDX3i0g8e0aFlgvlj99aGgUQeEpYg8peZhe1lxl25Ftc0R7pYmXPDeCY1yWxZiXZ3YtVVr43c/FEaQHXfkZ2I+t5lG6CmgJhhYjUry5Sx4/NgfBvpmU22cIBWNmyTn9q3gDFmeoIiTwlF654K7NnsWrdKr2L2fGI10Xe/J/GYkkzX39e5bToQPXh23gUfIr7faYEPBsVU/SaEkWNHojzf/NKjPT0utvlFr0HqnFYSdk4wpWzcrhii7E/UhgKvpA/k2Vlj4ZhkejfZXQWxRbJzejkVSJcUGim+Dt1WUZJXVOgEkJ3WA6z+ha2FN2sBDdvRKlad55aelvRrbu3/vPzEuE= lass@icarus
-- 
cgit v1.2.3


From 8b3916ad4ada99d4e48d8ad1a85f5dd8d4d40457 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 19 Feb 2018 00:20:23 +0100
Subject: l helios.r: add minio.cert

---
 lass/1systems/helios/config.nix | 37 +++++++++++++++++++++++++++++--------
 1 file changed, 29 insertions(+), 8 deletions(-)

diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix
index 5a553572e..c4d99cb2c 100644
--- a/lass/1systems/helios/config.nix
+++ b/lass/1systems/helios/config.nix
@@ -137,14 +137,35 @@ with import <stockholm/lib>;
   networking.hostName = lib.mkForce "BLN02NB0162";
 
   security.pki.certificateFiles = [
-   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "14vz9c0fk6li0a26vx0s5ha6y3yivnshx9pjlh9vmnpkbph5a7rh"; })
-   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "0r1dd48a850cv7whk4g2maik550rd0vsrsl73r6x0ivzz7ap1xz5"; })
-   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "0b5cdchdkvllnr0kz35d8jrmrf9cjw0kd98mmvzr0x6nkc8hwpdy"; })
-
-   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "0rn57zv1ry9vj4p2248mxmafmqqmdhbrfx1plszrxsphshbk2hfz"; })
-   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; })
-   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
-   (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
+    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "14vz9c0fk6li0a26vx0s5ha6y3yivnshx9pjlh9vmnpkbph5a7rh"; })
+    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "0r1dd48a850cv7whk4g2maik550rd0vsrsl73r6x0ivzz7ap1xz5"; })
+    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "0b5cdchdkvllnr0kz35d8jrmrf9cjw0kd98mmvzr0x6nkc8hwpdy"; })
+
+    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "0rn57zv1ry9vj4p2248mxmafmqqmdhbrfx1plszrxsphshbk2hfz"; })
+    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; })
+    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
+    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
+    (pkgs.writeText "minio.cert" ''
+      -----BEGIN CERTIFICATE-----
+      MIIDFDCCAfygAwIBAgIQBEKYm9VmbR6T/XNLP2P5kDANBgkqhkiG9w0BAQsFADAS
+      MRAwDgYDVQQKEwdBY21lIENvMB4XDTE4MDIxNDEyNTk1OVoXDTE5MDIxNDEyNTk1
+      OVowEjEQMA4GA1UEChMHQWNtZSBDbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+      AQoCggEBAMmRGUTMDxOaoEZ3osG1ZpGj4enHl6ToWaoCXvRXvI6RB/99QOFlwLdL
+      8lGjIbXyovNkH686pVsfgCTOLRGzftWHmWgfmaSUv0TToBW8F9DN4ww9YgiLZjvV
+      YZunRyp1n0x9OrBXMs7xEBBa4q0AG1IvlRJTrd7CW519FlVq7T95LLB7P6t6K54C
+      ksG4kEzXLRPD/FMdU7LWbhWnQSOxPMCq8erTv3kW3A3Y9hSAKOFQKQHH/3O2HDrM
+      CbK5ldNklswg2rIHxx7kg1fteLD1lVCNPfCMfuwlLUaMeoRZ03HDof8wFlRz3pzw
+      hQRWPvfLfRvFCZ0LFNvfgAqXtmG/ywUCAwEAAaNmMGQwDgYDVR0PAQH/BAQDAgKk
+      MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wLAYDVR0RBCUw
+      I4IJbG9jYWxob3N0ggZoZWxpb3OCCGhlbGlvcy5yhwR/AAABMA0GCSqGSIb3DQEB
+      CwUAA4IBAQBzrPb3NmAn60awoJG3d4BystaotaFKsO3iAnP4Lfve1bhKRELIjJ30
+      hX/mRYkEVRbfwKRgkkLab4zpJ/abjb3DjFNo8E4QPNeCqS+8xxeBOf7x61Kg/0Ox
+      jRQ95fTATyItiChwNkoxYjVIwosqxBVsbe3KxwhkmKPQ6wH/nvr6URX/IGUz2qWY
+      EqHdjsop83u4Rjn3C0u46U0P+W4U5IFiLfcE3RzFFYh67ko5YEhkyXP+tBNSgrTM
+      zFisVoQZdXpMCWWxBVWulB4FvvTx3jKUPRZVOrfexBfY4TA/PyhXLoz7FeEK9n2a
+      qFkrxy+GrHBXfSRZgCaHQFdKorg2fwwa
+      -----END CERTIFICATE-----
+    '')
   ];
 
   lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f";
-- 
cgit v1.2.3


From d8c6ef4d103da4701092dc8120abe63bb855014a Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 19 Feb 2018 09:45:39 +0100
Subject: l prism.r: add jeschli user

---
 lass/1systems/prism/config.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index b498d94ff..c0e4620cc 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -292,6 +292,16 @@ in {
     <stockholm/krebs/2configs/reaktor-krebs.nix>
     <stockholm/lass/2configs/dcso-dev.nix>
     {
+      users.users.jeschli = {
+        uid = genid "jeschli";
+        isNormalUser = true;
+        openssh.authorizedKeys.keys = with config.krebs.users; [
+          jeschli.pubkey
+          jeschli-bln.pubkey
+          jeschli-bolide.pubkey
+          jeschli-brauerei.pubkey
+        ];
+      };
       krebs.git.rules = [
         {
           user = with config.krebs.users; [
-- 
cgit v1.2.3


From 8c600fd0f5c8d63115c5527733885a14ad210913 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 19 Feb 2018 09:46:00 +0100
Subject: l shodan.r: ignore lidswitch

---
 lass/1systems/shodan/config.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix
index ef015aebc..7fb57544f 100644
--- a/lass/1systems/shodan/config.nix
+++ b/lass/1systems/shodan/config.nix
@@ -61,4 +61,8 @@ with import <stockholm/lib>;
     SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:29:26:bc", NAME="wl0"
     SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:0c:a7:63", NAME="et0"
   '';
+
+  services.logind.extraConfig = ''
+    HandleLidSwitch=ignore
+  '';
 }
-- 
cgit v1.2.3


From ae9dc0e1a645633be77559492840252517eb7c74 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 19 Feb 2018 09:46:50 +0100
Subject: l minecraft: open port for dynmap

---
 lass/2configs/minecraft.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/2configs/minecraft.nix b/lass/2configs/minecraft.nix
index aa33dcccc..6f8ceb358 100644
--- a/lass/2configs/minecraft.nix
+++ b/lass/2configs/minecraft.nix
@@ -17,5 +17,6 @@
   krebs.iptables.tables.filter.INPUT.rules = [
     { predicate = "-p tcp --dport 25565"; target = "ACCEPT"; }
     { predicate = "-p udp --dport 25565"; target = "ACCEPT"; }
+    { predicate = "-p tcp --dport 8123"; target = "ACCEPT"; }
   ];
 }
-- 
cgit v1.2.3


From 1adeeffb7e0a6f7321743f431737cfc3d711f2eb Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 19 Feb 2018 09:47:35 +0100
Subject: l vim: add govet workaround

---
 lass/2configs/vim.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix
index 5fe9e1450..5d19ae75d 100644
--- a/lass/2configs/vim.nix
+++ b/lass/2configs/vim.nix
@@ -6,6 +6,9 @@ let
     environment.systemPackages = [
       (hiPrio vim)
       pkgs.python35Packages.flake8
+      (pkgs.writeDashBin "govet" ''
+        go vet "$@"
+      '')
     ];
 
     environment.etc.vimrc.source = vimrc;
-- 
cgit v1.2.3


From efb192f5153f48aa9f3ddde5ee25bc794ccf49bb Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 19 Feb 2018 09:50:45 +0100
Subject: l vim: run gometalinter

---
 lass/2configs/vim.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix
index 5d19ae75d..6014fd082 100644
--- a/lass/2configs/vim.nix
+++ b/lass/2configs/vim.nix
@@ -71,6 +71,9 @@ let
     let g:syntastic_python_checkers=['flake8']
     let g:syntastic_python_flake8_post_args='--ignore=E501'
 
+    let g:go_metalinter_autosave = 1
+    let g:go_metalinter_deadline = "10s"
+
     nmap <esc>q :buffer 
     nmap <M-q> :buffer 
 
-- 
cgit v1.2.3


From 28f96d4cb1753d0632f42ce0894297f427323133 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 19 Feb 2018 09:53:56 +0100
Subject: l: php5 -> php7

---
 lass/2configs/websites/util.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix
index 36ae1a904..62055d0fd 100644
--- a/lass/2configs/websites/util.nix
+++ b/lass/2configs/websites/util.nix
@@ -32,7 +32,6 @@ rec {
     let
       domain = head domains;
     in {
-      services.phpfpm.phpPackage = pkgs.php56;
       services.nginx.virtualHosts."${domain}" = {
         enableACME = true;
         enableSSL = true;
-- 
cgit v1.2.3


From ebb5d67cf320b3fdaf7966f503fff54cfda3b637 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 19 Feb 2018 11:33:25 +0100
Subject: ma urlwatch: taskwarrior is now on github

---
 makefu/2configs/urlwatch/default.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix
index 677950f43..d0fb4fe41 100644
--- a/makefu/2configs/urlwatch/default.nix
+++ b/makefu/2configs/urlwatch/default.nix
@@ -34,7 +34,7 @@ in {
       http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/
       http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
       https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
-      https://git.tasktools.org/TM/taskd/info/refs?service=git-upload-pack
+
       http://www.iozone.org/src/current/
 
       {
@@ -51,6 +51,8 @@ in {
       "embray/d2to1"
       "dorimanx/exfat-nofuse"
       "rapid7/metasploit-framework"
+      "GothenburgBitFactory/taskserver"
+      "GothenburgBitFactory/taskwarrior"
     ];
   };
 }
-- 
cgit v1.2.3


From 8654c0511b43a3773a34685a00d5768c6e08acc2 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 19 Feb 2018 13:42:00 +0100
Subject: github: update known hosts

---
 krebs/3modules/default.nix | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 9c343309a..6fe01e466 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -233,6 +233,7 @@ let
               "github.com"
               # List generated with
               # curl -sS https://api.github.com/meta | jq -r .git[] | cidr2glob
+              "192.30.252.*"
               "192.30.253.*"
               "192.30.254.*"
               "192.30.255.*"
@@ -240,9 +241,12 @@ let
               "185.199.109.*"
               "185.199.110.*"
               "185.199.111.*"
-              "18.195.85.27"
+              "13.229.188.59"
+              "13.250.177.223"
               "18.194.104.89"
+              "18.195.85.27"
               "35.159.8.160"
+              "52.74.223.119"
             ];
             publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
           };
-- 
cgit v1.2.3


From c4fdec7ce910c319c675388c59a65c44d202d5b1 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 21 Feb 2018 16:00:33 +0100
Subject: ma x.r: add bluetooth

---
 makefu/1systems/x/config.nix | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index b4d4aa66e..ad2ad8779 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -100,7 +100,43 @@ with import <stockholm/lib>;
           ];
         };
       }
+      { # bluetooth+pulse config
+        # for blueman-applet
+        users.users.makefu.packages = [
+          pkgs.blueman
+        ];
+        hardware.pulseaudio = {
+          enable = true;
+          package = pkgs.pulseaudioFull;
+          # systemWide = true;
+          support32Bit = true;
+          configFile = pkgs.writeText "default.pa" ''
+            load-module module-udev-detect
+            load-module module-bluetooth-policy
+            load-module module-bluetooth-discover
+            load-module module-native-protocol-unix
+            load-module module-always-sink
+            load-module module-console-kit
+            load-module module-systemd-login
+            load-module module-intended-roles
+            load-module module-position-event-sounds
+            load-module module-filter-heuristics
+            load-module module-filter-apply
+            load-module module-switch-on-connect
+            '';
+        };
 
+        # presumably a2dp Sink
+        # Enable profile:
+        ## pacmd set-card-profile "$(pactl list cards short | egrep -o bluez_card[[:alnum:]._]+)" a2dp_sink
+        hardware.bluetooth.extraConfig = '';
+          [general]
+          Enable=Source,Sink,Media,Socket
+        '';
+
+        # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
+        hardware.bluetooth.enable = true;
+      }
       { # auto-mounting
         services.udisks2.enable = true;
         services.devmon.enable = true;
-- 
cgit v1.2.3


From b5d83996a80c422879dc0be1a1d9d3e0a92c763d Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 22 Feb 2018 09:58:45 +0100
Subject: ma 6tests/secrets: add auth.nix dummy

---
 makefu/6tests/data/secrets/torrent-secrets/auth.nix | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 makefu/6tests/data/secrets/torrent-secrets/auth.nix

diff --git a/makefu/6tests/data/secrets/torrent-secrets/auth.nix b/makefu/6tests/data/secrets/torrent-secrets/auth.nix
new file mode 100644
index 000000000..0967ef424
--- /dev/null
+++ b/makefu/6tests/data/secrets/torrent-secrets/auth.nix
@@ -0,0 +1 @@
+{}
-- 
cgit v1.2.3


From aef9e595f021ca9c6676d743b24b7de2a2592f5d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 22 Feb 2018 18:23:12 +0100
Subject: l baseX: use network-manager

---
 lass/2configs/baseX.nix           |  1 +
 lass/2configs/network-manager.nix | 24 ++++++++++++++++++++++++
 2 files changed, 25 insertions(+)
 create mode 100644 lass/2configs/network-manager.nix

diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 61a006a52..93189b0d3 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -10,6 +10,7 @@ in {
     ./livestream.nix
     ./dns-stuff.nix
     ./urxvt.nix
+    ./network-manager.nix
     {
       hardware.pulseaudio = {
         enable = true;
diff --git a/lass/2configs/network-manager.nix b/lass/2configs/network-manager.nix
new file mode 100644
index 000000000..c4f757de1
--- /dev/null
+++ b/lass/2configs/network-manager.nix
@@ -0,0 +1,24 @@
+{ pkgs, lib, ... }:
+{
+  networking.wireless.enable = lib.mkForce false;
+
+  systemd.services.modemmanager = {
+    description = "ModemManager";
+    after = [ "network-manager.service" ];
+    bindsTo = [ "network-manager.service" ];
+    wantedBy = [ "network-manager.service" ];
+    serviceConfig = {
+      ExecStart = "${pkgs.modemmanager}/bin/ModemManager";
+      PrivateTmp = true;
+      Restart = "always";
+      RestartSec = "5";
+    };
+  };
+  networking.networkmanager.enable = true;
+  users.users.mainUser = {
+    extraGroups = [ "networkmanager" ];
+    packages = with pkgs; [
+      gnome3.gnome_keyring gnome3.dconf
+    ];
+  };
+}
-- 
cgit v1.2.3


From 87bc9a72eec639f8a73414e498ee2674355af640 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 22 Feb 2018 18:34:24 +0100
Subject: l baseX: run xmonad only in xmonad session

---
 lass/2configs/baseX.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 93189b0d3..2b7a5c924 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -122,13 +122,14 @@ in {
       name = "xmonad";
       start = ''
         ${pkgs.xorg.xhost}/bin/xhost +LOCAL:
+        ${pkgs.systemd}/bin/systemctl --user start xmonad
         exec ${pkgs.coreutils}/bin/sleep infinity
       '';
     }];
   };
 
   systemd.user.services.xmonad = {
-    wantedBy = [ "graphical-session.target" ];
+    #wantedBy = [ "graphical-session.target" ];
     environment = {
       DISPLAY = ":${toString config.services.xserver.display}";
       RXVT_SOCKET = "%t/urxvtd-socket";
-- 
cgit v1.2.3


From 1b61fa920eb775406bb00855fb22485f4e9c160a Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 22 Feb 2018 22:17:38 +0100
Subject: nixpkgs: c831224 -> d09e425

---
 krebs/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index 73ebf135d..c2fbbc5f8 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -18,7 +18,7 @@ in
       stockholm.file = toString <stockholm>;
       nixpkgs.git = {
         url = https://github.com/NixOS/nixpkgs;
-        ref = "c831224528cd6bfd49bfc2c18b9c5d9015651077"; # nixos-17.09 @ 2018-02-15
+        ref = "d09e425aea3e09b6cec5c7b05cc0603f6853748b"; # nixos-17.09 @ 2018-02-22
       };
     }
     override
-- 
cgit v1.2.3


From 23a7012581e11e73f1dd9ceb5683c7384836a318 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 24 Feb 2018 12:15:13 +0100
Subject: l: init dpdkm

---
 krebs/3modules/lass/default.nix | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 655a38030..e269d1fa1 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -551,6 +551,32 @@ with import <stockholm/lib>;
         };
       };
     };
+    dpdkm = {
+      ci = false;
+      external = true;
+      nets = rec {
+        retiolum = {
+          ip4.addr = "10.243.29.173";
+          ip6.addr = "42:4992:6a6d:900::1";
+          aliases = [ "dpdkm.r" ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
+            NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
+            qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
+            X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
+            f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
+            bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
+            Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
+            B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
+            tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
+            dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
+            mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+    };
     xerxes = {
       cores = 2;
       nets = rec {
-- 
cgit v1.2.3


From 2d6f67e5358b1c60b7e778e3844f84434c0140e0 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 25 Feb 2018 23:32:59 +0100
Subject: l mail: use tags for mailboxes

---
 lass/2configs/mail.nix | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index e83201cd8..2cf20b32c 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -28,6 +28,11 @@ let
     shack = [ "to:shackspace.de" ];
   };
 
+  tag-mails = pkgs.writeDashBin "nm-init-tag" ''
+    ${pkgs.notmuch}/bin/notmuch new
+    ${concatMapStringsSep "\n" (i: ''${pkgs.notmuch}/bin/notmuch tag -inbox +${i.name} -- tag:inbox ${concatMapStringsSep " or " (f: "${f}") i.value}'') (mapAttrsToList nameValuePair mailboxes)}
+  '';
+
   muttrc = pkgs.writeText "muttrc" ''
     # gpg
     source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc
@@ -80,10 +85,9 @@ let
       # V
     ''} %r |"
 
-    virtual-mailboxes "INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT ${f}") (flatten (attrValues mailboxes))}"
+    virtual-mailboxes "INBOX" "notmuch://?query=tag:inbox"
     virtual-mailboxes "Unread" "notmuch://?query=tag:unread"
-    ${concatMapStringsSep "\n" (i: ''${"  "}virtual-mailboxes "${i.name}" "notmuch://?query=${concatMapStringsSep " or " (f: "${f}") i.value}"'') (mapAttrsToList nameValuePair mailboxes)}
-    virtual-mailboxes "BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT ${f}") (flatten (attrValues mailboxes))}"
+    ${concatMapStringsSep "\n" (i: ''${"  "}virtual-mailboxes "${i.name}" "notmuch://?query=tag:${i.name}"'') (mapAttrsToList nameValuePair mailboxes)}
     virtual-mailboxes "TODO" "notmuch://?query=tag:TODO"
     virtual-mailboxes "Starred" "notmuch://?query=tag:*"
     virtual-mailboxes "Archive" "notmuch://?query=tag:archive"
@@ -163,5 +167,6 @@ in {
     mutt
     pkgs.much
     pkgs.notmuch
+    tag-mails
   ];
 }
-- 
cgit v1.2.3


From 5b9fe77d8f163c64f4c8960db8ebeadba2c5407c Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 25 Feb 2018 23:33:15 +0100
Subject: l mail: add more mailboxes

---
 lass/2configs/mail.nix | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 2cf20b32c..c6866c69d 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -21,11 +21,14 @@ let
   '';
 
   mailboxes = {
-    wireguard = [ "to:wireguard@lists.zx2c4" ];
     c-base = [ "to:c-base.org" ];
-    security = [ "to:seclists.org" "to:security" "to:bugtraq" ];
+    dezentrale = [ "to:dezentrale.space" ];
+    kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" ];
     nix-devel = [ "to:nix-devel@googlegroups.com" ];
+    patreon = [ "to:patreon@lassul.us" ];
+    security = [ "to:seclists.org" "to:security" "to:bugtraq" ];
     shack = [ "to:shackspace.de" ];
+    wireguard = [ "to:wireguard@lists.zx2c4" ];
   };
 
   tag-mails = pkgs.writeDashBin "nm-init-tag" ''
-- 
cgit v1.2.3


From c222aadefe4c07a5ebc96b59cd274191e765bd75 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 26 Feb 2018 18:59:43 +0100
Subject: ma hydra.wbob.r: init

---
 krebs/3modules/makefu/default.nix   |  1 +
 makefu/1systems/wbob/config.nix     |  6 +++++-
 makefu/2configs/hydra/stockholm.nix | 34 ++++++++++++++++++++++++++++++++++
 3 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 makefu/2configs/hydra/stockholm.nix

diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 0bed4d6da..e137da7ca 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -503,6 +503,7 @@ with import <stockholm/lib>;
           # ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732";
           aliases = [
             "wbob.r"
+            "hydra.wbob.r"
           ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index 6434ba273..637d8e2d8 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -29,7 +29,8 @@ in {
       # <stockholm/makefu/2configs/vncserver.nix>
 
       # Services
-      <stockholm/makefu/2configs/remote-build/slave.nix>
+      <stockholm/makefu/2configs/hydra/stockholm.nix>
+
       <stockholm/makefu/2configs/share/wbob.nix>
       (let
         musicDirectory = "/data/music";
@@ -83,6 +84,9 @@ in {
             load-module module-filter-apply
             load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
             load-module module-switch-on-connect
+            # may be required for "system-wide" pulse to connect to bluetooth
+            #module-bluez5-device
+            #module-bluez5-discover
             '';
         };
         # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
diff --git a/makefu/2configs/hydra/stockholm.nix b/makefu/2configs/hydra/stockholm.nix
new file mode 100644
index 000000000..4bdb09213
--- /dev/null
+++ b/makefu/2configs/hydra/stockholm.nix
@@ -0,0 +1,34 @@
+# iterative:
+# $ hydra-create-user krebs --password derp --role admin
+# curl 'http://hydra.wbob.r/project/.new' -X PUT -H 'Host: hydra.wbob.r' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'X-Requested-With: XMLHttpRequest' -H 'Cookie: redirect_to=%252F; hydra_session=abcdefghijklmnopqrstuvwxyz' -H 'Connection: keep-alive' --data 'enabled=on&visible=on&name=stockholm&displayname=Stockholm&description=make+all+systems+into+1systems&homepage=https%3A%2F%2Fkrebsco.de&owner=krebs&declfile=spec.json&decltype=git&declvalue=http%3A%2F%2Fcgit.euer.krebsco.de%2Fhydra-stockholm'
+
+{
+
+  # TODO postgres backup
+  services.postgresql.enable = true;
+
+  services.hydra = {
+    enable = true;
+    hydraURL = "http://hydra.wbob.r"; # externally visible URL
+    notificationSender = "hydra@wbob.r";
+    # you will probably also want, otherwise *everything* will be built from scratch
+    useSubstitutes = true;
+    port = 3030;
+    buildMachinesFiles = [];
+  };
+
+  networking.firewall.allowedTCPPorts = [ 80 ];
+  services.nginx = {
+    enable = true;
+    virtualHosts."hydra.wbob.r" = {
+      locations."/" =  {
+        proxyPass = "http://localhost:3030/";
+        extraConfig = ''
+          proxy_set_header   Host $host;
+          proxy_set_header   X-Real-IP          $remote_addr;
+          proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        '';
+      };
+    };
+  };
+}
-- 
cgit v1.2.3


From b0edf1be81e463174d9b3a1bd2ff2aff7ef8734e Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 26 Feb 2018 19:05:50 +0100
Subject: ma programs-db: rip

---
 makefu/5pkgs/default.nix             |  2 +-
 makefu/5pkgs/programs-db/default.nix | 12 ------------
 2 files changed, 1 insertion(+), 13 deletions(-)
 delete mode 100644 makefu/5pkgs/programs-db/default.nix

diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 80a0d33cd..b1d6df67e 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -3,7 +3,7 @@ self: super: let
 
   # This callPackage will try to detect obsolete overrides.
   callPackage = path: args: let
-    override = super.callPackage path args;
+    override =  super.callPackage path args;
     upstream = optionalAttrs (override ? "name")
       (super.${(parseDrvName override.name).name} or {});
   in if upstream ? "name" &&
diff --git a/makefu/5pkgs/programs-db/default.nix b/makefu/5pkgs/programs-db/default.nix
deleted file mode 100644
index f40b1b96e..000000000
--- a/makefu/5pkgs/programs-db/default.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ stdenv }:
-
-stdenv.mkDerivation rec {
-  name = "programs-db";
-  src = builtins.fetchTarball https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz ;
-
-  phases = [ "unpackPhase" "installPhase" ];
-  installPhase = ''
-    cp programs.sqlite $out
-  '';
-
-}
-- 
cgit v1.2.3


From 99d4464e6ce548b2441dd5d420d4d851b4b1523e Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 26 Feb 2018 22:03:59 +0100
Subject: ma git: init hydra-stockholm

---
 makefu/2configs/git/cgit-retiolum.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index eacbd99cf..1109e2519 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -28,6 +28,7 @@ let
     init-stockholm = {
       cgit.desc = "Init stuff for stockholm";
     };
+    hydra-stockholm = { };
   };
 
   priv-repos = mapAttrs make-priv-repo {
-- 
cgit v1.2.3

[cgit] Unable to lock slot /tmp/cgit/85100000.lock: Permission denied (13)