From d63de0f8604a5155a62c88f04c94905238d00011 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Fri, 12 Jan 2018 12:01:08 +0100
Subject: jeschli enklave: import IMw

---
 jeschli/1systems/enklave/config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/jeschli/1systems/enklave/config.nix b/jeschli/1systems/enklave/config.nix
index 010089017..76e718699 100644
--- a/jeschli/1systems/enklave/config.nix
+++ b/jeschli/1systems/enklave/config.nix
@@ -4,6 +4,7 @@
   imports = [
     <stockholm/jeschli>
     <stockholm/jeschli/2configs/retiolum.nix>
+    <stockholm/jeschli/2configs/IM.nix>
     <stockholm/jeschli/2configs/os-templates/CentOS-7-64bit.nix>
     {
       networking.dhcpcd.allowInterfaces = [
-- 
cgit v1.2.3


From 05b3e4b0cb4e83dcc84939919ca0a83e694606bf Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Fri, 12 Jan 2018 12:03:01 +0100
Subject: jeschli: +irc alias

---
 jeschli/2configs/default.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix
index 6d788d283..0ac3708bb 100644
--- a/jeschli/2configs/default.nix
+++ b/jeschli/2configs/default.nix
@@ -23,6 +23,9 @@ with import <stockholm/lib>;
     proot
     populate
 
+  # aliases
+    (writeDashBin "irc" "ssh chat@enklave -t tmux a")
+
   #style
     most
     rxvt_unicode.terminfo
-- 
cgit v1.2.3


From 3131b72a7c2a260e2f985a0fc8abccae7cce9280 Mon Sep 17 00:00:00 2001
From: Markus Hihn <markus.hihn@dcso.de>
Date: Fri, 19 Jan 2018 10:36:35 +0100
Subject: j bln: +virtualbox

---
 jeschli/1systems/bln/config.nix |  1 +
 jeschli/2configs/virtualbox.nix | 23 +++++++++++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 jeschli/2configs/virtualbox.nix

diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 9e5f8c52e..9c491c8a1 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -8,6 +8,7 @@
   imports =
     [ # Include the results of the hardware scan.
       <stockholm/jeschli>
+      <stockholm/jeschli/2configs/virtualbox.nix>
       ./hardware-configuration.nix
       # ./dcso-vpn.nix
     ];
diff --git a/jeschli/2configs/virtualbox.nix b/jeschli/2configs/virtualbox.nix
new file mode 100644
index 000000000..b2cb851a1
--- /dev/null
+++ b/jeschli/2configs/virtualbox.nix
@@ -0,0 +1,23 @@
+{ config, pkgs, ... }:
+
+let
+  mainUser = config.users.extraUsers.markus;
+
+in {
+  #services.virtualboxHost.enable = true;
+  virtualisation.virtualbox.host.enable = true;
+
+  users.extraUsers = {
+    virtual = {
+      name = "virtual";
+      description = "user for running VirtualBox";
+      home = "/home/virtual";
+      useDefaultShell = true;
+      extraGroups = [ "vboxusers" "audio" ];
+      createHome = true;
+    };
+  };
+  security.sudo.extraConfig = ''
+    ${mainUser.name} ALL=(virtual) NOPASSWD: ALL
+  '';
+}
-- 
cgit v1.2.3


From 7b4bb4646815beafb56782b7934fbc755602dcc4 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Fri, 19 Jan 2018 13:30:41 +0100
Subject: jeschli: +IM

---
 jeschli/2configs/IM.nix | 56 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 jeschli/2configs/IM.nix

diff --git a/jeschli/2configs/IM.nix b/jeschli/2configs/IM.nix
new file mode 100644
index 000000000..171b78242
--- /dev/null
+++ b/jeschli/2configs/IM.nix
@@ -0,0 +1,56 @@
+with (import <stockholm/lib>);
+{ config, lib, pkgs, ... }:
+let
+  tmux = pkgs.writeDashBin "tmux" ''
+    export TERM=xterm-256color
+    exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" ''
+      set-option -g default-terminal screen-256color
+    ''} "$@"
+  '';
+in {
+
+  services.bitlbee = {
+    enable = true;
+    portNumber = 6666;
+    plugins = [
+      pkgs.bitlbee-facebook
+      pkgs.bitlbee-steam
+      pkgs.bitlbee-discord
+    ];
+    libpurple_plugins = [ pkgs.telegram-purple ];
+  };
+
+  users.extraUsers.chat = {
+    home = "/home/chat";
+    uid = genid "chat";
+    useDefaultShell = true;
+    createHome = true;
+    openssh.authorizedKeys.keys = with config.krebs.users; [
+      jeschli.pubkey
+      jeschli-bln.pubkey
+      jeschli-brauerei.pubkey
+    ];
+    packages = [ tmux ]; 
+  };
+
+
+  systemd.services.chat = {
+    description = "chat environment setup";
+    after = [ "network.target" ];
+    wantedBy = [ "multi-user.target" ];
+
+    restartIfChanged = false;
+
+    path = [
+      pkgs.rxvt_unicode.terminfo
+    ];
+
+    serviceConfig = {
+      User = "chat";
+      RemainAfterExit = true;
+      Type = "oneshot";
+      ExecStart = "${tmux}/bin/tmux -2 new-session -d -s IM ${pkgs.weechat}/bin/weechat";
+      ExecStop = "${tmux}/bin/tmux kill-session -t IM";
+    };
+  };
+}
-- 
cgit v1.2.3


From 2398bc71ee5cf5fc8a28eae825792bc5c14ab4ca Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 20 Jan 2018 12:49:37 +0100
Subject: l radio: force play regularly

---
 lass/2configs/radio.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 7f531bf3a..a83d51f1d 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -118,6 +118,7 @@ in {
       if test $(timeLeft) -le $LIMIT; then
         ${add_random}/bin/add_random
       fi
+      ${pkgs.mpc_cli}/bin/mpc play > /dev/null
     '';
   in {
     description = "radio playlist autoadder";
-- 
cgit v1.2.3


From 247aad46d30a6baa79e3b489e57c63ee8f9a430e Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 20 Jan 2018 13:03:21 +0100
Subject: l mors.r: use nixUnstable

---
 lass/1systems/mors/config.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index c231a0b10..936666a73 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -192,7 +192,7 @@ with import <stockholm/lib>;
     '';
   };
 
-  #nix.package = pkgs.nixUnstable;
+  nix.package = pkgs.nixUnstable;
   programs.adb.enable = true;
   users.users.mainUser.extraGroups = [ "adbusers" ];
 }
-- 
cgit v1.2.3


From 3bd62207d4b60db4ca5f89bb84dc842b62bdfbaf Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 20 Jan 2018 13:03:51 +0100
Subject: l: set ssh agentTimeout to 10m

---
 lass/2configs/baseX.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 5cb7eb03f..5ca024574 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -53,6 +53,7 @@ in {
 
   time.timeZone = "Europe/Berlin";
 
+  programs.ssh.agentTimeout = "10m";
   programs.ssh.startAgent = true;
   services.openssh.forwardX11 = true;
 
-- 
cgit v1.2.3


From baf4fc520b9faae6ad07c1b9f6d6623b92768ce6 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Sat, 20 Jan 2018 20:49:48 +0000
Subject: j: +bolide

---
 jeschli/1systems/bolide/config.nix                 | 134 +++++++++++++++++++++
 jeschli/1systems/bolide/hardware-configuration.nix |  32 +++++
 jeschli/1systems/bolide/source.nix                 |   4 +
 krebs/3modules/jeschli/default.nix                 |  40 ++++++
 4 files changed, 210 insertions(+)
 create mode 100644 jeschli/1systems/bolide/config.nix
 create mode 100644 jeschli/1systems/bolide/hardware-configuration.nix
 create mode 100644 jeschli/1systems/bolide/source.nix

diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix
new file mode 100644
index 000000000..cb3eb0396
--- /dev/null
+++ b/jeschli/1systems/bolide/config.nix
@@ -0,0 +1,134 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+      <stockholm/jeschli>
+      <stockholm/jeschli/2configs/urxvt.nix>
+    ];
+
+  krebs.build.host = config.krebs.hosts.bolide;
+  # Use the GRUB 2 boot loader.
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  # boot.loader.grub.efiSupport = true;
+  # boot.loader.grub.efiInstallAsRemovable = true;
+  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
+  # Define on which hard drive you want to install Grub.
+  boot.loader.grub.device = "/dev/sdb"; # or "nodev" for efi only
+  boot.initrd.luks.devices = [ {
+    name = "bla";
+    device = "/dev/disk/by-uuid/53f1eeaf-a7ac-456c-a2af-778dd8b8d5b0";
+    preLVM = true;
+    allowDiscards = true;
+  } ]; 
+#  networking.hostName = "bolide"; # Define your hostname.
+  networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+
+  # Select internationalisation properties.
+  # i18n = {
+  #   consoleFont = "Lat2-Terminus16";
+  #   consoleKeyMap = "us";
+  #   defaultLocale = "en_US.UTF-8";
+  # };
+
+  # Set your time zone.
+  # time.timeZone = "Europe/Amsterdam";
+
+  # List packages installed in system profile. To search by name, run:
+  # $ nix-env -qaP | grep wget
+   nixpkgs.config.allowUnfree = true; 
+   environment.systemPackages = with pkgs; [
+     wget vim
+   # system helper
+     ag
+     curl
+     copyq
+     dmenu
+     git
+     i3lock
+     keepass
+     networkmanagerapplet
+     rsync
+     terminator
+     tmux
+     wget
+   #  rxvt_unicode
+   # editors
+     emacs
+   # internet
+     thunderbird
+     chromium
+     google-chrome
+   # programming languages
+     go
+     gcc
+     ghc
+     python35
+     python35Packages.pip
+   # go tools
+     golint
+     gotools
+   # dev tools
+     gnumake
+     jetbrains.pycharm-professional
+     jetbrains.webstorm
+     jetbrains.goland
+   # document viewer
+     zathura
+   ];
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.bash.enableCompletion = true;
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # Enable CUPS to print documents.
+  # services.printing.enable = true;
+
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+  # services.xserver.layout = "us";
+  # services.xserver.xkbOptions = "eurosign:e";
+
+  services.xserver.displayManager.sddm.enable = true;
+  services.xserver.windowManager.xmonad.enable = true;
+  services.xserver.windowManager.xmonad.enableContribAndExtras = true;
+  # Enable touchpad support.
+  # services.xserver.libinput.enable = true;
+
+  # Enable the KDE Desktop Environment.
+  # services.xserver.displayManager.sddm.enable = true;
+  # services.xserver.desktopManager.plasma5.enable = true;
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+   users.extraUsers.jeschli = {
+     isNormalUser = true;
+     uid = 1000;
+   };
+
+  # This value determines the NixOS release with which your system is to be
+  # compatible, in order to avoid breaking some software such as database
+  # servers. You should change this only after NixOS release notes say you
+  # should.
+  system.stateVersion = "17.09"; # Did you read the comment?
+
+}
+
diff --git a/jeschli/1systems/bolide/hardware-configuration.nix b/jeschli/1systems/bolide/hardware-configuration.nix
new file mode 100644
index 000000000..183b29e42
--- /dev/null
+++ b/jeschli/1systems/bolide/hardware-configuration.nix
@@ -0,0 +1,32 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+
+{
+  imports =
+    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.kernelModules = [ "kvm-intel" "wl" ];
+  boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
+
+  fileSystems."/" =
+    { device = "/dev/bolide-pool/bolide-root";
+      fsType = "ext4";
+    };
+
+  fileSystems."/home" =
+    { device = "/dev/bolide-pool/bolide-home";
+      fsType = "ext4";
+    };
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/3aeb67c4-5b6e-4df2-8013-607fe0fb8525";
+      fsType = "ext4";
+    };
+  swapDevices = [ ];
+
+  nix.maxJobs = lib.mkDefault 8;
+  powerManagement.cpuFreqGovernor = "powersave";
+}
diff --git a/jeschli/1systems/bolide/source.nix b/jeschli/1systems/bolide/source.nix
new file mode 100644
index 000000000..0bd7af50f
--- /dev/null
+++ b/jeschli/1systems/bolide/source.nix
@@ -0,0 +1,4 @@
+import <stockholm/jeschli/source.nix> {
+  name = "bolide";
+  secure = true;
+}
diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix
index c7e882742..ed9bfad29 100644
--- a/krebs/3modules/jeschli/default.nix
+++ b/krebs/3modules/jeschli/default.nix
@@ -163,6 +163,43 @@ with import <stockholm/lib>;
       };
     };
 
+    bolide = {
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.27.31";
+          ip6.addr = "42::31";
+          aliases = [
+            "bolide.r"
+          ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIECgKCBAEAn9mkcX4WvyClMxiHgpvM7nNFbGuUVIxM71luzhfroTxMxcWBcik+
+            m7ensF256uQeUw4+y/d3wVj06ARnJubdGa1zrM54ghLp6dDTULnUhPfgIbCeP+Zz
+            A9hlZsD+yx9ZkPmSMhaakz5dKVlx9KFy4IrS42uGCquXIZ979loZ0372MxYxmPEY
+            sIiuZXQcLOiJa5ajJMHS2UEkr4rCvpa/nOJ3AcEl0QbCjX1WALjPZEw9Ogrwergy
+            tv0d8dkXHB80DZ4sEjA7+BxB/sVrI4YpT9diTqEHNlkhjYjk6x9o0aBAIfJoyFYK
+            Yo2eb8SYN4qwoNbtXr5JLvT0i6thT2R+jXm9h11NIGS91x4cJc2P7eIZI2J33gsV
+            VOfcZ4BfJSQSbd1G12EpgzM6UlorNGMqG2DfH3XPbQ0Ez19tNlEUqlbT3dnvVA5y
+            kpwWDEJrZB3SDvwtHQf9/4j/jXFlMNu4GE1kcwm+a4LvGFne37atY3irv3xZ9ih4
+            ygRbKfFFmxTqK3Cl2Vwxf/dsUm/P+hVF5nzROu7v7wkyU90nYp/AnpXywc4rEAVj
+            M8/7H6OlY59yqElJkSdsMum7HtytpsvvenQWW85Ycz+/Ti3nmYuaILgme2Q6JfA3
+            c6aNRv8A31m4GIuacHNGJOi2WfJab076bYw82HnX4bVoft9i2SxjZrXr75euz/4k
+            jGC4A4YQnrUi4wTBiSc3jm69wb3NXHYoKHjDIwDUUI91vUOKaTO/09RlAYr5EWT3
+            nekSaOu9nCrpTR6dq+yc4MktFjHBKPs2ReFKfDHkYzKiNSn5Ei9g3QhpCMF1LE19
+            RDvBbFawXtH3M8JHofalwsek44eso0tWA3RzFmiH2WzSLD2UV8a2la9vIfJbMvw3
+            LqunwCgC0QWtSTjh+X6H0MBKcGcie5bisKfkXQExx0cnNERDoXpe1E8g5EmJBt2B
+            8anRC6thNhpAuMTB8hZy+RP9AsRBxUE9lr9oKDH3JrHRBk1S4LktuNL3Zf8UqnRO
+            s7hGPzr8nw5yXV61xXFmXwA0snBsNfo83XpuiWJgz2qrz6/EWLZBgnLNyq22udxl
+            O9EGExulbija5rmrSp1MGi7K2K2qAx06KP3C1TerpSY0BW6ZhX/4MK/WIRihDBG4
+            JLg/gxX/4FES2qGmjCkW74TQDHq6B8xFuJQ3y5nD1cZBN4+VDNb1+mQbR06Zn0Sc
+            pDASYWimJzqxR+s/cr0a8PwoE/RdjwOYlXIOW4tDcK12Am6XRRf87cycG9ueNzhy
+            RwrvUJ4JMyUA5sbo2sbumAMqiytNZ7ReRVK6S5IiMpysr4/lHb2OQSPhQArDCprg
+            KXNgncRZsrL9VgVueVmOp45qkAkapeQ8wQIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+    };
 
   };
   users = {
@@ -176,5 +213,8 @@ with import <stockholm/lib>;
    jeschli-brauerei = {
      pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos";
    };
+   jeschli-bolide = {
+     pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGnLjnFw3OYJJy/ID9RCWHTtnVcKRfROIj1tJdJZoOWzGMY+kgyCN/WNBg7JJtCW22yU5O3ftSdN851URCBZ6FgYmcvURBxUOKPlyX5EoxUrrnbmtxJM9+OIT3Dt2RWfrqX6aEQ57nwe/qIFKo9UaoedB/FOzsw1f3U5zBxVuWVRQrsnPxkbPWHmPAGB4CvL897tb83uecDexmGZpLe/0dN4768i2nYaSwrNL+HtqZCvkEqEmnfHlmqqXhiuq83q8su/WSXAtDbUVucG3frgOir14YCbrWKf59+MugxhYOEYBqp+KME5+niFGoulg+NBW/HzH6U+DiH4RFBJhCu1Gr jeschli@bolide";
+   };
   };
 }
-- 
cgit v1.2.3


From 767122003dd4389692e0a736ececd0a3372d4008 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 21 Jan 2018 19:57:36 +0100
Subject: l nixpkgs: d9a2891 -> 5141f28

---
 lass/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/source.nix b/lass/source.nix
index eaae841fd..223954a51 100644
--- a/lass/source.nix
+++ b/lass/source.nix
@@ -10,7 +10,7 @@ in
       nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
       nixpkgs.git = {
         url = https://github.com/nixos/nixpkgs;
-        ref = "d9a2891";
+        ref = "5141f28";
       };
       secrets = getAttr builder {
         buildbot.file = toString <stockholm/lass/2configs/tests/dummy-secrets>;
-- 
cgit v1.2.3


From 697b202e25d9c738e6d5ebf265f1005520cfb1ac Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 22 Jan 2018 18:05:43 +0100
Subject: l zsh: use zsh in nix-shell & better prompt

---
 lass/2configs/zsh.nix | 64 +++++++++++++++++++++++++++++++--------------------
 1 file changed, 39 insertions(+), 25 deletions(-)

diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix
index 7b0ef79f3..f2c32ba26 100644
--- a/lass/2configs/zsh.nix
+++ b/lass/2configs/zsh.nix
@@ -72,25 +72,6 @@
       alias la='ls -la'
 
       #fancy window title magic
-      case $TERM in
-        (*xterm* | *rxvt*)
-          function precmd {
-            if test -n "$SSH_CLIENT"; then
-              echo -ne "\033]0;$$ $USER@$HOST $PWD\007"
-            else
-              echo -ne "\033]0;$$ $USER@$PWD\007"
-            fi
-          }
-          # This is seen while the shell waits for a command to complete.
-          function preexec {
-            if test -n "$SSH_CLIENT"; then
-              echo -ne "\033]0;$$ $USER@$HOST $PWD $1\007"
-            else
-              echo -ne "\033]0;$$ $USER@$PWD $1\007"
-            fi
-          }
-        ;;
-      esac
     '';
     promptInit = ''
       # TODO: figure out why we need to set this here
@@ -101,27 +82,60 @@
       autoload -U promptinit
       promptinit
 
-      error='%(?..%F{red}%?%f )'
+      p_error='%(?..%F{red}%?%f )'
+      t_error='%(?..%? )'
 
       case $UID in
         0)
-          username='%F{red}root%f '
+          p_username='%F{red}root%f'
+          t_username='root'
           ;;
         1337)
-          username=""
+          p_username=""
+          t_username=""
           ;;
         *)
-          username='%F{blue}%n%f '
+          p_username='%F{blue}%n%f'
+          t_username='%n'
           ;;
       esac
 
       if test -n "$SSH_CLIENT"; then
-        PROMPT="$error$username@%F{magenta}%M%f %~ "
+        p_hostname='@%F{magenta}%M%f '
+        t_hostname='@%M '
+      else
+        p_hostname=""
+        t_hostname=""
+      fi
+
+      #check if in nix shell
+      if test -n "$buildInputs"; then
+        p_nixshell='%F{green}[s]%f '
+        t_nixshell='[s] '
       else
-        PROMPT="$error$username%~ "
+        p_nixshell=""
+        t_nixshell=""
       fi
+
+      PROMPT="$p_error$p_username$p_hostname$p_nixshell%~ "
+      TITLE="$t_error$t_username$t_hostname$t_nixshell%~"
+      case $TERM in
+        (*xterm* | *rxvt*)
+          function precmd {
+            PROMPT_EVALED="$(print -P $TITLE)"
+            echo -ne "\033]0;$$ $PROMPT_EVALED\007"
+          }
+          # This is seen while the shell waits for a command to complete.
+          function preexec {
+            PROMPT_EVALED="$(print -P $TITLE)"
+            echo -ne "\033]0;$$ $PROMPT_EVALED $1\007"
+          }
+        ;;
+      esac
     '';
   };
+  environment.shellAliases.ns = "nix-shell --command zsh";
+
   users.users.mainUser.shell = "/run/current-system/sw/bin/zsh";
   users.users.root.shell = "/run/current-system/sw/bin/zsh";
 }
-- 
cgit v1.2.3


From 10f27ee8bd7a7f56f634dc8ea2bc4d40db9e655a Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Tue, 23 Jan 2018 19:35:46 +0100
Subject: j vim: refactoring

---
 jeschli/2configs/vim.nix | 148 +++++++++++++++++++++++++++++------------------
 1 file changed, 92 insertions(+), 56 deletions(-)

diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix
index 1a2231a86..65ce7dfa4 100644
--- a/jeschli/2configs/vim.nix
+++ b/jeschli/2configs/vim.nix
@@ -1,5 +1,6 @@
 { config, pkgs, ... }:
 
+with import <stockholm/lib>;
 let
   customPlugins.vim-javascript = pkgs.vimUtils.buildVimPlugin {
     name = "vim-javascript";
@@ -16,72 +17,76 @@ let
        owner = "mxw";
        repo = "vim-jsx";
        rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a";
-       sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a"; 
+       sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
      };
    };
 in {
-# {
   environment.systemPackages = [
     (pkgs.vim_configurable.customize {
       name = "vim";
-
-    vimrcConfig.customRC = ''
-  set nocompatible 
-
-	:imap jk <Esc>
-	:vmap v v
-	:map gr :GoRun<Enter>
-	:nnoremap <S-TAB> :bnext<CR>
-	:nnoremap <C-TAB> <c-w><c-w>
-  :map nf :NERDTreeToggle<CR>
-	set autowrite
-	set number
-	set ruler
-  set path+=** 
-  set wildmenu
-
-	noremap x "_x
-	set clipboard=unnamedplus
-
-  let g:jsx_ext_required = 0
-
-	let g:go_list_type = "quickfix"
-	let g:go_test_timeout = '10s'
-	let g:go_fmt_command = "goimports"
-	let g:go_snippet_case_type = "camelcase"
-	let g:go_highlight_types = 1
-	let g:go_highlight_fields = 1
-	let g:go_highlight_functions = 1
-	let g:go_highlight_methods = 1
-  let g:go_highlight_extra_types = 1
-  autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4 
-  let g:rehash256 = 1
-  let g:molokai_original = 1
-  colorscheme molokai
-	let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck']
-	let g:go_metalinter_autosave = 1
-	" let g:go_metalinter_autosave_enabled = ['vet', 'golint']
-	" let g:go_def_mode = 'godef'
-	" let g:go_decls_includes = "func,type"
-
-
-	" Trigger configuration. Do not use <tab> if you use https://github.com/Valloric/YouCompleteMe.
-	let g:UltiSnipsExpandTrigger="<c-e>"
-	let g:UltiSnipsJumpForwardTrigger="<c-t>"
-	let g:UltiSnipsJumpBackwardTrigger="<c-q>"
-
-	" If you want :UltiSnipsEdit to split your window.
-	let g:UltiSnipsEditSplit="vertical"
-
-	if has('persistent_undo')      "check if your vim version supports it
-	set undofile                 "turn on the feature  
-	set undodir=$HOME/.vim/undo  "directory where the undo files will be stored
-	endif     
+      vimrcConfig.customRC = let
+        colorscheme = ''colorscheme molokai'';
+        setStatements = ''
+          set autowrite
+          set clipboard=unnamedplus
+          set nocompatible
+          set path+=**
+          set ruler
+          set undodir=$HOME/.vim/undo  "directory where the undo files will be stored
+          set undofile                 "turn on the feature
+          set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
+          set wildmenu
+          set listchars=trail:¶
+        '';
+        remapStatements = ''
+          imap jk <Esc>
+          map gr :GoRun<Enter>         " Map gr to execute go run
+          map nf :NERDTreeToggle<CR>
+          nnoremap <C-TAB> <c-w><c-w>
+          nnoremap <S-TAB> :bnext<CR>
+          noremap x "_x
+          vmap v v
+        '';
+        settingsForGo = ''
+          let g:go_decls_includes = "func,type"
+          let g:go_def_mode = 'godef'
+          let g:go_fmt_command = "goimports"
+          let g:go_highlight_extra_types = 1
+          let g:go_highlight_fields = 1
+          let g:go_highlight_functions = 1
+          let g:go_highlight_methods = 1
+          let g:go_highlight_types = 1
+          let g:go_list_type = "quickfix"
+          let g:go_metalinter_autosave = 1
+          let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck']
+          let g:go_snippet_case_type = "camelcase"
+          let g:go_test_timeout = '10s'
+          let g:jsx_ext_required = 0
+          let g:molokai_original = 1
+          let g:rehash256 = 1
         '';
 
+      in ''
+        ${colorscheme}
+        ${remapStatements}
+        ${setStatements}
+        ${settingsForGo}
+        " I dont know what this line is about
+        autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
+      '';
        vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
        vimrcConfig.vam.pluginDictionaries = [
-         { names = [ "undotree" "molokai" "Syntastic" "ctrlp" "surround" "snipmate" "nerdtree" "easymotion"]; } 
+         { names = [
+            "ctrlp"
+            "easymotion"
+            "molokai"
+            "nerdtree"
+            "snipmate"
+            "surround"
+            "Syntastic"
+            "undotree"
+           ];
+         }
          { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
          { names = [ "vim-go" ]; ft_regex = "^go\$"; } # wanted: nsf/gocode
          { names = [ "vim-javascript" ]; ft_regex = "^js\$"; }
@@ -89,4 +94,35 @@ in {
        ];
     })
   ];
+
+  # set up the directories up if they are not there.
+# Needs to be changed.
+#  vim = let
+#    dirs = {
+#      backupdir = "$HOME/.cache/vim/backup";
+#      swapdir   = "$HOME/.cache/vim/swap";
+#      undodir   = "$HOME/.cache/vim/undo";
+#    };
+#    files = {
+#      viminfo   = "$HOME/.cache/vim/info";
+#    };
+#
+#    mkdirs = let
+#      dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
+#                 in assert out != ""; out;
+#      alldirs = attrValues dirs ++ map dirOf (attrValues files);
+#    in unique (sort lessThan alldirs);
+#  in
+#    pkgs.symlinkJoin {
+#      name = "vim";
+#      paths = [
+#        (pkgs.writeDashBin "vim" ''
+#          set -efu
+#          (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
+#          exec ${pkgs.vim}/bin/vim "$@"
+#        '')
+#        pkgs.vim
+#      ];
+#    };
+
 }
-- 
cgit v1.2.3


From dcae1c81a715081dfbf9b06b40c1ac78c2438a02 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Tue, 23 Jan 2018 19:40:10 +0100
Subject: jeschli brauerei: +aliases

---
 jeschli/1systems/brauerei/config.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix
index 2dec45795..e4109c638 100644
--- a/jeschli/1systems/brauerei/config.nix
+++ b/jeschli/1systems/brauerei/config.nix
@@ -35,6 +35,13 @@
   time.timeZone = "Europe/Amsterdam";
   nixpkgs.config.allowUnfree = true;
   # List packages installed in system profile. To search by name, run: # $ nix-env -qaP | grep wget
+  environment.shellAliases = {
+    n = "nix-shell";
+    stocki = pkgs.writeDash "deploy" ''
+      cd ~/stockholm
+      exec nix-shell -I stockholm="$PWD" --run 'deploy  --system="brauerei"'
+    '';
+  };
   environment.systemPackages = with pkgs; [
   # system helper
     ag
-- 
cgit v1.2.3


From 59518f2fbdddfe64764b4a549eeabda76b671576 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 23 Jan 2018 19:56:36 +0100
Subject: krebs: disable CI

---
 krebs/1systems/puyak/config.nix | 1 -
 krebs/1systems/wolf/config.nix  | 1 -
 2 files changed, 2 deletions(-)

diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index d2664ef84..67257eacd 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -7,7 +7,6 @@
     <stockholm/krebs/2configs/secret-passwords.nix>
     <stockholm/krebs/2configs/hw/x220.nix>
 
-    <stockholm/krebs/2configs/buildbot-krebs.nix>
     <stockholm/krebs/2configs/stats/puyak-client.nix>
     <stockholm/krebs/2configs/binary-cache/nixos.nix>
     <stockholm/krebs/2configs/binary-cache/prism.nix>
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 9d6955e7e..1b269e39a 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -12,7 +12,6 @@ in
     <stockholm/krebs/2configs/stats/wolf-client.nix>
 
     <stockholm/krebs/2configs/graphite.nix>
-    <stockholm/krebs/2configs/buildbot-krebs.nix>
     <stockholm/krebs/2configs/binary-cache/nixos.nix>
     <stockholm/krebs/2configs/binary-cache/prism.nix>
 
-- 
cgit v1.2.3


From 31fc8a8e2e8109eb2b262e907014cdacf58ed9cf Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 23 Jan 2018 20:00:14 +0100
Subject: l git: show diff of prism/master

---
 lass/2configs/git.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 59c0f5220..1fe87c666 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -79,9 +79,9 @@ let
         nick = config.krebs.build.host.name;
         channel = "#xxx";
         server = "irc.r";
-        verbose = false;
+        verbose = config.krebs.build.host.name == "prism";
         # TODO define branches in some kind of option per repo
-        branches = [ "master" "staging*" ];
+        branches = [ "master" ];
       };
     };
   };
-- 
cgit v1.2.3


From 7368b6a9dace5de4a798100066b3583faabb6f7b Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 23 Jan 2018 23:21:47 +0100
Subject: l mail: template with nix

---
 lass/2configs/mail.nix | 34 ++++++++++++++++++----------------
 1 file changed, 18 insertions(+), 16 deletions(-)

diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 962efaf3f..a26f3fcbb 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -1,3 +1,4 @@
+with import <stockholm/lib>;
 { pkgs, ... }:
 
 let
@@ -19,6 +20,14 @@ let
     text/html; ${pkgs.elinks}/bin/elinks -dump ; copiousoutput;
   '';
 
+  inboxes = [
+    { l = "wireguard"; q = [ "wireguard@lists.zx2c4" ]; }
+    { l = "c-base"; q = [ "c-base.org" ]; }
+    { l = "security"; q = [ "seclists.org" "security" "bugtraq" ]; }
+    { l = "nix-devel"; q = [ "nix-devel@googlegroups.com" ]; }
+    { l = "shack"; q = [ "shackspace.de" ]; }
+  ];
+
   muttrc = pkgs.writeText "muttrc" ''
     # gpg
     source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc
@@ -72,22 +81,15 @@ let
     ''} %r |"
 
     virtual-mailboxes \
-        "Unread"    "notmuch://?query=tag:unread"\
-        "INBOX"     "notmuch://?query=tag:inbox \
-                     and NOT to:nix-devel\
-                     and NOT to:shackspace\
-                     and NOT to:security\
-                     and NOT to:c-base" \
-        "shack"     "notmuch://?query=to:shackspace"\
-        "c-base"    "notmuch://?query=to:c-base"\
-        "security"  "notmuch://?query=to:securityfocus or from:security-alert@hpe.com"\
-        "nix"       "notmuch://?query=to:nix-devel"\
-        "radio"     "notmuch://?query=to:radio or tag:radio"\
-        "TODO"      "notmuch://?query=tag:TODO"\
-        "Starred"   "notmuch://?query=tag:*"\
-        "Archive"   "notmuch://?query=tag:archive"\
-        "Sent"      "notmuch://?query=tag:sent"\
-        "Junk"      "notmuch://?query=tag:junk"
+      "Unread" "notmuch://?query=tag:unread"\
+      "INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT to:${f}") (concatMap (l: l.q) inboxes)}"\
+    ${concatMapStringsSep "\n" (i: ''${"  "}"${i.l}" "notmuch://?query=${concatMapStringsSep " or " (f: "to:${f}") i.q}"\'') inboxes}
+      "BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT to:${f}") (concatMap (l: l.q) inboxes)}"\
+      "TODO" "notmuch://?query=tag:TODO"\
+      "Starred" "notmuch://?query=tag:*"\
+      "Archive" "notmuch://?query=tag:archive"\
+      "Sent" "notmuch://?query=tag:sent"\
+      "Junk" "notmuch://?query=tag:junk"
 
     tag-transforms "junk"     "k" \
                    "unread"   "u" \
-- 
cgit v1.2.3


From 22c6aff64698eec5231a9c43b4fb3642d2b97f97 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 23 Jan 2018 23:41:16 +0100
Subject: l mail: use attrSets

---
 lass/2configs/mail.nix | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index a26f3fcbb..7c58e8c5f 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -20,13 +20,13 @@ let
     text/html; ${pkgs.elinks}/bin/elinks -dump ; copiousoutput;
   '';
 
-  inboxes = [
-    { l = "wireguard"; q = [ "wireguard@lists.zx2c4" ]; }
-    { l = "c-base"; q = [ "c-base.org" ]; }
-    { l = "security"; q = [ "seclists.org" "security" "bugtraq" ]; }
-    { l = "nix-devel"; q = [ "nix-devel@googlegroups.com" ]; }
-    { l = "shack"; q = [ "shackspace.de" ]; }
-  ];
+  mailboxes = {
+    wireguard = [ "wireguard@lists.zx2c4" ];
+    c-base = [ "c-base.org" ];
+    security = [ "seclists.org" "security" "bugtraq" ];
+    nix-devel = [ "nix-devel@googlegroups.com" ];
+    shack = [ "shackspace.de" ];
+  };
 
   muttrc = pkgs.writeText "muttrc" ''
     # gpg
@@ -82,9 +82,9 @@ let
 
     virtual-mailboxes \
       "Unread" "notmuch://?query=tag:unread"\
-      "INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT to:${f}") (concatMap (l: l.q) inboxes)}"\
-    ${concatMapStringsSep "\n" (i: ''${"  "}"${i.l}" "notmuch://?query=${concatMapStringsSep " or " (f: "to:${f}") i.q}"\'') inboxes}
-      "BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT to:${f}") (concatMap (l: l.q) inboxes)}"\
+      "INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT to:${f}") (flatten (attrValues mailboxes))}"\
+    ${concatMapStringsSep "\n" (i: ''${"  "}"${i.name}" "notmuch://?query=${concatMapStringsSep " or " (f: "to:${f}") i.value}"\'') (mapAttrsToList nameValuePair mailboxes)}
+      "BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT to:${f}") (flatten (attrValues mailboxes))}"\
       "TODO" "notmuch://?query=tag:TODO"\
       "Starred" "notmuch://?query=tag:*"\
       "Archive" "notmuch://?query=tag:archive"\
-- 
cgit v1.2.3


From 4851c2fe0e2f4df65b06ece3e0a84c6bab88a525 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 24 Jan 2018 14:49:09 +0100
Subject: nixpkgs: 0b30c1d -> b222a0

---
 krebs/source.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index b952aa2a2..2a45a0092 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -17,6 +17,6 @@ in
     stockholm.file = toString <stockholm>;
     nixpkgs.git = {
       url = https://github.com/NixOS/nixpkgs;
-      ref = "0b30c1dd4c638e318957fc6a9198cf2429e38cb5"; # nixos-17.09 @ 2018-01-04
+      ref = "b222a0713f4a689519686421b3fbf5ca0c9bd3da"; # nixos-17.09 @ 2018-01-23
     };
   }
-- 
cgit v1.2.3


From 83b5966b184effe9cfa192a06575c2b145915132 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 24 Jan 2018 14:49:50 +0100
Subject: l nixpkgs: follow krebs

---
 lass/source.nix | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/lass/source.nix b/lass/source.nix
index 223954a51..e3332c5de 100644
--- a/lass/source.nix
+++ b/lass/source.nix
@@ -8,10 +8,7 @@ in
   evalSource (toString _file) [
     {
       nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
-      nixpkgs.git = {
-        url = https://github.com/nixos/nixpkgs;
-        ref = "5141f28";
-      };
+      nixpkgs = (import <stockholm/krebs/source.nix> host).nixpkgs;
       secrets = getAttr builder {
         buildbot.file = toString <stockholm/lass/2configs/tests/dummy-secrets>;
         lass.pass = {
-- 
cgit v1.2.3


From e00acc20944364ba185cbdedab9347179d2004d8 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 24 Jan 2018 17:26:24 +0100
Subject: source: enable override

---
 krebs/source.nix | 33 ++++++++++++++++++---------------
 1 file changed, 18 insertions(+), 15 deletions(-)

diff --git a/krebs/source.nix b/krebs/source.nix
index 2a45a0092..fcc7fb74f 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -1,22 +1,25 @@
 with import <stockholm/lib>;
-host@{ name, secure ? false }: let
+host@{ name, secure ? false, override ? {} }: let
   builder = if getEnv "dummy_secrets" == "true"
               then "buildbot"
               else "krebs";
   _file = <stockholm> + "/krebs/1systems/${name}/source.nix";
 in
-  evalSource (toString _file) {
-    nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix";
-    secrets = getAttr builder {
-      buildbot.file = toString <stockholm/krebs/6tests/data/secrets>;
-      krebs.pass = {
-        dir = "${getEnv "HOME"}/brain";
-        name = "krebs-secrets/${name}";
+  evalSource (toString _file) [
+    {
+      nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix";
+      secrets = getAttr builder {
+        buildbot.file = toString <stockholm/krebs/6tests/data/secrets>;
+        krebs.pass = {
+          dir = "${getEnv "HOME"}/brain";
+          name = "krebs-secrets/${name}";
+        };
       };
-    };
-    stockholm.file = toString <stockholm>;
-    nixpkgs.git = {
-      url = https://github.com/NixOS/nixpkgs;
-      ref = "b222a0713f4a689519686421b3fbf5ca0c9bd3da"; # nixos-17.09 @ 2018-01-23
-    };
-  }
+      stockholm.file = toString <stockholm>;
+      nixpkgs.git = {
+        url = https://github.com/NixOS/nixpkgs;
+        ref = "b222a0713f4a689519686421b3fbf5ca0c9bd3da"; # nixos-17.09 @ 2018-01-23
+      };
+    }
+    override
+  ]
-- 
cgit v1.2.3


From e55897eb6a195dba6353f79baf7517df99bea379 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 26 Jan 2018 15:53:41 +0100
Subject: l eddi.r: public ip change

---
 krebs/3modules/lass/default.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 37bb31563..1634a62ac 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -458,7 +458,8 @@ with import <stockholm/lib>;
       external = true;
       nets = rec {
         internet = {
-          ip4.addr = "129.215.90.4";
+          # eddie.thalheim.io
+          ip4.addr = "129.215.197.11";
           aliases = [ "eddie.i" ];
         };
         retiolum = rec {
-- 
cgit v1.2.3


From 7d30101dd3f4b6e1191e37ea6a81c1c33fa535de Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 13:57:55 +0100
Subject: Revert "ma hw/stk1160: rip"

This reverts commit 1cbc2e5aa359e7e9b4b32c9ef75902576347a6d0.
---
 makefu/1systems/x/config.nix   |  6 ++----
 makefu/2configs/hw/stk1160.nix | 15 +++++++++++++++
 2 files changed, 17 insertions(+), 4 deletions(-)
 create mode 100644 makefu/2configs/hw/stk1160.nix

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 3686acb6e..a32db91e1 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -61,7 +61,7 @@ with import <stockholm/lib>;
       <stockholm/makefu/2configs/hw/tp-x230.nix>
       <stockholm/makefu/2configs/hw/rtl8812au.nix>
       <stockholm/makefu/2configs/hw/wwan.nix>
-      # <stockholm/makefu/2configs/hw/stk1160.nix>
+      <stockholm/makefu/2configs/hw/stk1160.nix>
       # <stockholm/makefu/2configs/rad1o.nix>
 
       # Filesystem
@@ -86,6 +86,7 @@ with import <stockholm/lib>;
 
   nixpkgs.config.allowUnfree = true;
 
+  environment.systemPackages = [ pkgs.passwdqc-utils ];
 
 
   # configure pulseAudio to provide a HDMI sink as well
@@ -103,7 +104,4 @@ with import <stockholm/lib>;
   '';
   # hard dependency because otherwise the device will not be unlocked
   boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
-
-  nix.package = pkgs.nixUnstable;
-  environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
 }
diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
new file mode 100644
index 000000000..b3a9e1a5a
--- /dev/null
+++ b/makefu/2configs/hw/stk1160.nix
@@ -0,0 +1,15 @@
+{ pkgs, ... }:
+{
+  # TODO: un-pin linuxPackages somehow
+  boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages;
+  nixpkgs.config.packageOverrides = pkgs: {
+    linux_4_9 = pkgs.linux_4_9.override {
+        extraConfig = ''
+          MEDIA_ANALOG_TV_SUPPORT y
+          VIDEO_STK1160_COMMON m
+          VIDEO_STK1160_AC97 y
+          VIDEO_STK1160 m
+        '';
+    };
+  };
+}
-- 
cgit v1.2.3


From a645fb4b9acd5103bcb1b33ada8ba93f120834fa Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 14:15:02 +0100
Subject: ma photostore.krebsco.de: enable ssl

---
 makefu/2configs/deployment/photostore.krebsco.de.nix | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/makefu/2configs/deployment/photostore.krebsco.de.nix b/makefu/2configs/deployment/photostore.krebsco.de.nix
index 9e16a384a..ecbca9ea3 100644
--- a/makefu/2configs/deployment/photostore.krebsco.de.nix
+++ b/makefu/2configs/deployment/photostore.krebsco.de.nix
@@ -26,14 +26,16 @@ in {
   services.nginx = {
     enable = mkDefault true;
     virtualHosts."photostore.krebsco.de" = {
-        locations = {
-          "/".extraConfig = ''
-          uwsgi_pass                  unix://${wsgi-sock};
-          uwsgi_param UWSGI_CHDIR     ${workdir};
-          uwsgi_param UWSGI_MODULE    cuserver.main;
-          uwsgi_param UWSGI_CALLABLE  app;
-          include                     ${pkgs.nginx}/conf/uwsgi_params;
-        '';
+      enableACME = true;
+      forceSSL = true;
+      locations = {
+        "/".extraConfig = ''
+        uwsgi_pass                  unix://${wsgi-sock};
+        uwsgi_param UWSGI_CHDIR     ${workdir};
+        uwsgi_param UWSGI_MODULE    cuserver.main;
+        uwsgi_param UWSGI_CALLABLE  app;
+        include                     ${pkgs.nginx}/conf/uwsgi_params;
+      '';
       };
     };
   };
-- 
cgit v1.2.3


From 0c8071080121deb593be0899bc20ec3eb3169688 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 14:15:48 +0100
Subject: ma gum.r: add vpn pubkeys for work router

---
 makefu/1systems/gum/config.nix | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index f473d9e4c..a656fdce3 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -109,6 +109,8 @@ in {
       #}
       { # wireguard server
 
+        # opkg install wireguard luci-proto-wireguard
+
         # TODO: networking.nat
 
         # boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
@@ -136,9 +138,23 @@ in {
             allowedIPs = [ "10.244.0.3/32" ];
             publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw=";
           }
+          {
+            # x-test
+            allowedIPs = [ "10.244.0.4/32" ];
+            publicKey = "vZ/AJpfDLJyU3DzvYeW70l4FNziVgSTumA89wGHG7XY=";
+          }
+          {
+            # work-router
+            allowedIPs = [ "10.244.0.5/32" ];
+            publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
+          }
           ];
         };
       }
+      { # iperf3
+        networking.firewall.allowedUDPPorts = [ 5201 ];
+        networking.firewall.allowedTCPPorts = [ 5201 ];
+      }
 
   ];
   makefu.dl-dir = "/var/download";
-- 
cgit v1.2.3


From 79ac162a9e967993252d910f5a6bb74c810fd0a1 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 14:16:11 +0100
Subject: ma hw/stk1160: bump linux kernel

---
 makefu/2configs/hw/stk1160.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
index b3a9e1a5a..bdd146365 100644
--- a/makefu/2configs/hw/stk1160.nix
+++ b/makefu/2configs/hw/stk1160.nix
@@ -1,9 +1,8 @@
-{ pkgs, ... }:
+{ pkgs, lib, ... }:
 {
   # TODO: un-pin linuxPackages somehow
-  boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages;
   nixpkgs.config.packageOverrides = pkgs: {
-    linux_4_9 = pkgs.linux_4_9.override {
+    linux_4_14 = pkgs.linux_4_14.override {
         extraConfig = ''
           MEDIA_ANALOG_TV_SUPPORT y
           VIDEO_STK1160_COMMON m
-- 
cgit v1.2.3


From 0cad7868a46613eb76fe1a8271efe2a9230e85ad Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 28 Jan 2018 15:08:50 +0100
Subject: infest prepare: define _which on nixos_iso

---
 krebs/4lib/infest/prepare.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh
index 78c1c6ec1..cbc62102c 100644
--- a/krebs/4lib/infest/prepare.sh
+++ b/krebs/4lib/infest/prepare.sh
@@ -81,6 +81,9 @@ prepare_debian() {
 }
 
 prepare_nixos_iso() {
+  _which() (
+    type -p "$1"
+  )
   mountpoint /mnt
 
   type git 2>/dev/null || nix-env -iA nixos.git
-- 
cgit v1.2.3


From cd276a21f2aa55192e072ac8339b45201066d58b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 15:09:18 +0100
Subject: wolf.r: pin et0

---
 krebs/1systems/wolf/config.nix | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 1b269e39a..6addb0818 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -2,6 +2,9 @@
 let
   shack-ip = config.krebs.build.host.nets.shack.ip4.addr;
   influx-host = "127.0.0.1";
+  ext-if = "et0";
+  external-mac = "52:54:b0:0b:af:fe";
+
 in
 {
   imports = [
@@ -111,7 +114,7 @@ in
   networking = {
     firewall.enable = false;
     firewall.allowedTCPPorts = [ 8088 8086 8083 ];
-    interfaces.enp0s3.ip4 = [{
+    interfaces."${ext-if}".ip4 = [{
       address = shack-ip;
       prefixLength = 20;
     }];
@@ -160,6 +163,9 @@ in
     config.krebs.users.makefu-omo.pubkey
     "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
   ];
+  services.udev.extraRules = ''
+    SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
+  '';
 
   time.timeZone = "Europe/Berlin";
   sound.enable = false;
-- 
cgit v1.2.3


From 1f8ad80695e93687999b8151ddd2e7f2c40b085b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 15:12:37 +0100
Subject: ma cgit: disable irc hook

---
 makefu/2configs/git/cgit-retiolum.nix | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index da246f66a..eacbd99cf 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -53,15 +53,6 @@ let
   make-krebs-repo = with git; name: { cgit ? {}, ... }: {
     inherit cgit name;
     public = true;
-    hooks = {
-      post-receive = pkgs.git-hooks.irc-announce {
-        nick = config.networking.hostName;
-        verbose = config.krebs.build.host.name == "gum";
-        channel = "#xxx";
-        # TODO remove the hardcoded hostname
-        server = "irc.r";
-      };
-    };
   };
 
 
-- 
cgit v1.2.3


From 32c800ec3fc508c6c8d025a31c9b922d9fdbe04d Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 15:19:26 +0100
Subject: ma hw/stk1160: fix invalid kernel option

---
 makefu/2configs/hw/stk1160.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
index bdd146365..4ac639a25 100644
--- a/makefu/2configs/hw/stk1160.nix
+++ b/makefu/2configs/hw/stk1160.nix
@@ -6,7 +6,6 @@
         extraConfig = ''
           MEDIA_ANALOG_TV_SUPPORT y
           VIDEO_STK1160_COMMON m
-          VIDEO_STK1160_AC97 y
           VIDEO_STK1160 m
         '';
     };
-- 
cgit v1.2.3


From eb1ecbe5b49e74862d61e67235e9eb74862cae56 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Sun, 28 Jan 2018 18:32:29 +0000
Subject: jeschli vim: +vim-elm

---
 jeschli/2configs/vim.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/jeschli/2configs/vim.nix b/jeschli/2configs/vim.nix
index 65ce7dfa4..7721b1d40 100644
--- a/jeschli/2configs/vim.nix
+++ b/jeschli/2configs/vim.nix
@@ -20,6 +20,7 @@ let
        sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
      };
    };
+
 in {
   environment.systemPackages = [
     (pkgs.vim_configurable.customize {
@@ -65,11 +66,17 @@ in {
           let g:molokai_original = 1
           let g:rehash256 = 1
         '';
-
+        settingsForElm = ''
+          let g:polyglot_disabled = ['elm']
+          let g:elm_detailed_complete = 1
+          let g:elm_format_autosave = 1
+          let g:elm_syntastic_show_warnings = 1
+        '';
       in ''
         ${colorscheme}
         ${remapStatements}
         ${setStatements}
+        ${settingsForElm}
         ${settingsForGo}
         " I dont know what this line is about
         autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
@@ -85,6 +92,7 @@ in {
             "surround"
             "Syntastic"
             "undotree"
+            "elm-vim"
            ];
          }
          { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
-- 
cgit v1.2.3


From 2682c735526d6593795d324a50dda5fd557c6ef1 Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Sun, 28 Jan 2018 18:34:54 +0000
Subject: jeschli bolide: +j std config

---
 jeschli/1systems/bolide/config.nix | 184 +++++++++++++++++++------------------
 1 file changed, 96 insertions(+), 88 deletions(-)

diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix
index cb3eb0396..83640801f 100644
--- a/jeschli/1systems/bolide/config.nix
+++ b/jeschli/1systems/bolide/config.nix
@@ -26,7 +26,7 @@
     device = "/dev/disk/by-uuid/53f1eeaf-a7ac-456c-a2af-778dd8b8d5b0";
     preLVM = true;
     allowDiscards = true;
-  } ]; 
+  } ];
 #  networking.hostName = "bolide"; # Define your hostname.
   networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
 
@@ -42,93 +42,101 @@
 
   # List packages installed in system profile. To search by name, run:
   # $ nix-env -qaP | grep wget
-   nixpkgs.config.allowUnfree = true; 
-   environment.systemPackages = with pkgs; [
-     wget vim
-   # system helper
-     ag
-     curl
-     copyq
-     dmenu
-     git
-     i3lock
-     keepass
-     networkmanagerapplet
-     rsync
-     terminator
-     tmux
-     wget
-   #  rxvt_unicode
-   # editors
-     emacs
-   # internet
-     thunderbird
-     chromium
-     google-chrome
-   # programming languages
-     go
-     gcc
-     ghc
-     python35
-     python35Packages.pip
-   # go tools
-     golint
-     gotools
-   # dev tools
-     gnumake
-     jetbrains.pycharm-professional
-     jetbrains.webstorm
-     jetbrains.goland
-   # document viewer
-     zathura
-   ];
-
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.bash.enableCompletion = true;
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
-
-  # List services that you want to enable:
-
-  # Enable the OpenSSH daemon.
-  services.openssh.enable = true;
-
-  # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
-  # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
-
-  # Enable CUPS to print documents.
-  # services.printing.enable = true;
-
-  # Enable the X11 windowing system.
-  services.xserver.enable = true;
-  # services.xserver.layout = "us";
-  # services.xserver.xkbOptions = "eurosign:e";
-
-  services.xserver.displayManager.sddm.enable = true;
-  services.xserver.windowManager.xmonad.enable = true;
-  services.xserver.windowManager.xmonad.enableContribAndExtras = true;
-  # Enable touchpad support.
-  # services.xserver.libinput.enable = true;
-
-  # Enable the KDE Desktop Environment.
-  # services.xserver.displayManager.sddm.enable = true;
-  # services.xserver.desktopManager.plasma5.enable = true;
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-   users.extraUsers.jeschli = {
-     isNormalUser = true;
-     uid = 1000;
-   };
-
-  # This value determines the NixOS release with which your system is to be
-  # compatible, in order to avoid breaking some software such as database
-  # servers. You should change this only after NixOS release notes say you
-  # should.
-  system.stateVersion = "17.09"; # Did you read the comment?
+  environment.shellAliases = {
+    n = "nix-shell";
+    stocki = pkgs.writeDash "deploy" ''
+      cd ~/stockholm
+      exec nix-shell -I stockholm="$PWD" --run 'deploy  --system="bolide"'
+    '';
+  };
+  nixpkgs.config.allowUnfree = true;
+  environment.systemPackages = with pkgs; [
+    wget vim
+  # system helper
+    ag
+    curl
+    copyq
+    dmenu
+    git
+    i3lock
+    keepass
+    networkmanagerapplet
+    rsync
+    terminator
+    tmux
+    wget
+  #  rxvt_unicode
+  # editors
+    emacs
+  # internet
+    thunderbird
+    chromium
+    google-chrome
+  # programming languages
+    go
+    gcc
+    ghc
+    python35
+    python35Packages.pip
+  # go tools
+    golint
+    gotools
+  # dev tools
+    elmPackages.elm
+    gnumake
+    jetbrains.pycharm-professional
+    jetbrains.webstorm
+    jetbrains.goland
+  # document viewer
+    zathura
+  ];
+
+ # Some programs need SUID wrappers, can be configured further or are
+ # started in user sessions.
+ # programs.bash.enableCompletion = true;
+ # programs.mtr.enable = true;
+ # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
+
+ # List services that you want to enable:
+
+ # Enable the OpenSSH daemon.
+ services.openssh.enable = true;
+
+ # Open ports in the firewall.
+ # networking.firewall.allowedTCPPorts = [ ... ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ # Or disable the firewall altogether.
+ # networking.firewall.enable = false;
+
+ # Enable CUPS to print documents.
+ # services.printing.enable = true;
+
+ # Enable the X11 windowing system.
+ services.xserver.enable = true;
+ # services.xserver.layout = "us";
+ # services.xserver.xkbOptions = "eurosign:e";
+
+ services.xserver.displayManager.sddm.enable = true;
+ services.xserver.windowManager.xmonad.enable = true;
+ services.xserver.windowManager.xmonad.enableContribAndExtras = true;
+ # Enable touchpad support.
+ # services.xserver.libinput.enable = true;
+
+ # Enable the KDE Desktop Environment.
+ # services.xserver.displayManager.sddm.enable = true;
+ # services.xserver.desktopManager.plasma5.enable = true;
+
+ # Define a user account. Don't forget to set a password with ‘passwd’.
+  users.extraUsers.jeschli = {
+    isNormalUser = true;
+    uid = 1000;
+  };
+
+ # This value determines the NixOS release with which your system is to be
+ # compatible, in order to avoid breaking some software such as database
+ # servers. You should change this only after NixOS release notes say you
+ # should.
+ system.stateVersion = "17.09"; # Did you read the comment?
 
 }
 
-- 
cgit v1.2.3


From 3ba905f2b0cff91cdeaa46c3eaed34d4bfc01215 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 29 Jan 2018 14:45:26 +0100
Subject: ma wbob-kiosk: provide chromium

---
 makefu/2configs/gui/wbob-kiosk.nix | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix
index 4b7a0c333..7db749227 100644
--- a/makefu/2configs/gui/wbob-kiosk.nix
+++ b/makefu/2configs/gui/wbob-kiosk.nix
@@ -1,11 +1,13 @@
-{ lib, ... }:
+{ pkgs, lib, ... }:
 {
 
   imports = [
       ./base.nix
   ];
+  users.users.makefu.packages = [ pkgs.chromium ];
   services.xserver = {
     layout = lib.mkForce "de";
+    xkbVariant = lib.mkForce "";
 
     windowManager = lib.mkForce {
       awesome.enable = false;
@@ -16,7 +18,7 @@
     # xrandrHeads = [ "HDMI1" "HDMI2" ];
     # prevent screen from turning off, disable dpms
     displayManager.sessionCommands = ''
-      xset s off -dpms
+      xset -display :0 s off -dpms
       xrandr --output HDMI2 --right-of HDMI1
     '';
   };
-- 
cgit v1.2.3


From 71397b0aa5f27b0b6dbe22101287f60b237e32f0 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 29 Jan 2018 14:47:00 +0100
Subject: ma wbob.r: enable mpd via bluetooth

---
 makefu/1systems/wbob/config.nix | 126 ++++++++++++++++++++--------------------
 1 file changed, 62 insertions(+), 64 deletions(-)

diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index f44211b93..6434ba273 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -18,7 +18,7 @@ in {
       <stockholm/makefu/2configs/virtualisation/libvirt.nix>
       <stockholm/makefu/2configs/tinc/retiolum.nix>
       <stockholm/makefu/2configs/mqtt.nix>
-      # <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
+      <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
 
       <stockholm/makefu/2configs/stats/client.nix>
 
@@ -31,6 +31,63 @@ in {
       # Services
       <stockholm/makefu/2configs/remote-build/slave.nix>
       <stockholm/makefu/2configs/share/wbob.nix>
+      (let
+        musicDirectory = "/data/music";
+      in {
+        services.mpd = {
+          enable = true;
+          inherit musicDirectory;
+          # dataDir = "/home/anders/.mpd";
+          network.listenAddress = "any";
+          extraConfig = ''
+            audio_output {
+              type    "pulse"
+              name    "Local MPD"
+              server  "127.0.0.1"
+            }
+          '';
+        };
+        # open because of truestedInterfaces
+        # networking.firewall.allowedTCPPorts = [ 6600 4713 ];
+        services.samba.shares.music = {
+          path = musicDirectory;
+          "read only" = "no";
+          browseable = "yes";
+          "guest ok" = "yes";
+        };
+
+        sound.enable = true;
+        hardware.pulseaudio = {
+          enable = true;
+          package = pkgs.pulseaudioFull;
+          # systemWide = true;
+          support32Bit = true;
+          zeroconf.discovery.enable = true;
+          zeroconf.publish.enable = true;
+          tcp = {
+            enable = true;
+            anonymousClients.allowAll = true;
+            anonymousClients.allowedIpRanges =  [ "127.0.0.1" "192.168.8.0/24" ];
+          };
+          configFile = pkgs.writeText "default.pa" ''
+            load-module module-udev-detect
+            load-module module-bluetooth-policy
+            load-module module-bluetooth-discover
+            load-module module-native-protocol-unix
+            load-module module-always-sink
+            load-module module-console-kit
+            load-module module-systemd-login
+            load-module module-intended-roles
+            load-module module-position-event-sounds
+            load-module module-filter-heuristics
+            load-module module-filter-apply
+            load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
+            load-module module-switch-on-connect
+            '';
+        };
+        # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
+        hardware.bluetooth.enable = true;
+      })
 
       # Sensors
       <stockholm/makefu/2configs/stats/telegraf>
@@ -147,7 +204,10 @@ in {
   boot.loader.grub.device = rootdisk;
   hardware.cpu.intel.updateMicrocode = true;
   boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
-  boot.kernelModules = [ "kvm-intel" ];
+
+  boot.kernelModules = [ "kvm-intel"
+    "snd-seq" "snd-rawmidi"
+  ];
   fileSystems = {
     "/" = {
       device = rootdisk + "-part1";
@@ -174,66 +234,4 @@ in {
       serverAddress = "x.r";
     };
   };
-  security.wrappers.fping = {
-    source = "${pkgs.fping}/bin/fping";
-    setuid = true;
-  };
-  services.smokeping = {
-    enable = true;
-    targetConfig = ''
-      probe = FPing
-      menu = Top
-      title = Network Latency Grapher
-      remark = Welcome to this SmokePing website.
-
-      + network
-      menu = Net latency
-      title = Network latency (ICMP pings)
-
-      ++ google
-      probe = FPing
-      host = google.de
-      ++ webde
-      probe = FPing
-      host = web.de
-
-      + services
-      menu = Service latency
-      title = Service latency (DNS, HTTP)
-
-      ++ HTTP
-      menu = HTTP latency
-      title = Service latency (HTTP)
-
-      +++ webdeping
-      probe = EchoPingHttp
-      host = web.de
-
-      +++ googwebping
-      probe = EchoPingHttp
-      host = google.de
-
-      #+++ webwww
-      #probe = Curl
-      #host = web.de
-
-      #+++ googwebwww
-      #probe = Curl
-      #host = google.de
-    '';
-    probeConfig = ''
-       + FPing
-       binary = /run/wrappers/bin/fping
-       + EchoPingHttp
-       pings = 5
-       url = /
-
-       #+ Curl
-       ## probe-specific variables
-       #binary = ${pkgs.curl}/bin/curl
-       #step = 60
-       ## a default for this target-specific variable
-       #urlformat = http://%host%/
-    '';
-  };
 }
-- 
cgit v1.2.3


From b31a37799eff274215d4cd9d435a9c16d496a88c Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 30 Jan 2018 08:11:00 +0100
Subject: ma pkgs.pfsshell: init

---
 makefu/5pkgs/pfsshell/default.nix | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 makefu/5pkgs/pfsshell/default.nix

diff --git a/makefu/5pkgs/pfsshell/default.nix b/makefu/5pkgs/pfsshell/default.nix
new file mode 100644
index 000000000..fc6b37069
--- /dev/null
+++ b/makefu/5pkgs/pfsshell/default.nix
@@ -0,0 +1,27 @@
+{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, upx, wine }:
+stdenv.mkDerivation rec {
+  pname = "pfsshell";
+  version = "64f8c2";
+  name = "${pname}-${version}";
+
+  src = fetchFromGitHub {
+    owner = "makefu";
+    repo = "pfsshell";
+    rev = version;
+    sha256 = "01lbqf8s91p8id58xa16fp555i03vfycqvhv7qzpnrjy6yvp9dm8";
+  };
+
+  buildInputs = [ ];
+
+  makeFlags = [ ];
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp pfsshell $out/bin
+  '';
+
+  meta = {
+    homepage = https://github.com/uyjulian/pfsshell ;
+    description = "browse and transfer files to/from PFS filesystems";
+  };
+}
-- 
cgit v1.2.3


From 7b49153a48924274a9174002e766b9f56b532ba2 Mon Sep 17 00:00:00 2001