From 54feede990f042cc75a240dab50ad2016ed4c9ec Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 7 Sep 2017 21:51:24 +0200 Subject: ma vncserver: retab --- makefu/2configs/vncserver.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/vncserver.nix b/makefu/2configs/vncserver.nix index 3d1d9fe75..e62a3f748 100644 --- a/makefu/2configs/vncserver.nix +++ b/makefu/2configs/vncserver.nix @@ -33,7 +33,7 @@ in { serviceConfig = { User = "nobody"; ExecStart = "${pkgs.novnc}/bin/launch-novnc.sh --listen ${toString web_port} --vnc localhost:${toString vnc_port}"; - PrivateTmp = true; + PrivateTmp = true; }; }; }; -- cgit v1.2.3 From 265bfe7949c7cccd80763d0b642df7b00f102a41 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 9 Sep 2017 16:27:30 +0200 Subject: wolf: add plattenschwein pubkey --- krebs/1systems/wolf/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 91aabb716..4796d26fd 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -100,6 +100,7 @@ in users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users.ulrich.pubkey config.krebs.users.makefu-omo.pubkey + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup ]; time.timeZone = "Europe/Berlin"; -- cgit v1.2.3 From e03866490e69df3040ca3143e55ca3538aa06db1 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 9 Sep 2017 20:58:36 +0200 Subject: ma steam: fix startup reference: https://github.com/NixOS/nixpkgs/issues/25957 --- makefu/2configs/steam.nix | 6 ------ makefu/2configs/tools/games.nix | 6 ++++-- makefu/2configs/tools/steam.nix | 10 ++++++++++ 3 files changed, 14 insertions(+), 8 deletions(-) delete mode 100644 makefu/2configs/steam.nix create mode 100644 makefu/2configs/tools/steam.nix diff --git a/makefu/2configs/steam.nix b/makefu/2configs/steam.nix deleted file mode 100644 index d4ec84abf..000000000 --- a/makefu/2configs/steam.nix +++ /dev/null @@ -1,6 +0,0 @@ -{pkgs, ...}: -{ - environment.systemPackages = [ pkgs.steam ]; - hardware.opengl.driSupport32Bit = true; - hardware.pulseaudio.support32Bit = true; -} diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix index 47f06287b..0257e1870 100644 --- a/makefu/2configs/tools/games.nix +++ b/makefu/2configs/tools/games.nix @@ -1,8 +1,10 @@ { pkgs, ... }: { - krebs.per-user.makefu.packages = with pkgs; [ - steam + imports = [ + ../steam.nix + ]; + users.users.makefu.packages = with pkgs; [ games-user-env ]; } diff --git a/makefu/2configs/tools/steam.nix b/makefu/2configs/tools/steam.nix new file mode 100644 index 000000000..dbe51270d --- /dev/null +++ b/makefu/2configs/tools/steam.nix @@ -0,0 +1,10 @@ +{pkgs, ...}: +{ + environment.systemPackages = [ + (pkgs.steam.override { + newStdcpp = true; + }) + ]; + hardware.opengl.driSupport32Bit = true; + hardware.pulseaudio.support32Bit = true; +} -- cgit v1.2.3 From f82de12a9a235a97085b768848c97dd023285066 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 9 Sep 2017 20:58:50 +0200 Subject: ma docker: add self to docker group --- makefu/2configs/virtualisation/docker.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/makefu/2configs/virtualisation/docker.nix b/makefu/2configs/virtualisation/docker.nix index ddef9e371..951bdbf26 100644 --- a/makefu/2configs/virtualisation/docker.nix +++ b/makefu/2configs/virtualisation/docker.nix @@ -1,8 +1,9 @@ -{ pkgs, ... }: +{ pkgs, config, ... }: { virtualisation.docker.enable = true; environment.systemPackages = with pkgs;[ docker docker_compose ]; + users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "docker" ]; } -- cgit v1.2.3 From 31b9df0a3b7828887ff9ee4eaddf12b26707c3bf Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 10 Sep 2017 01:32:53 +0200 Subject: wolf: add telegraf snmp --- krebs/1systems/wolf/config.nix | 53 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 4796d26fd..d89d0b0b2 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -1,6 +1,7 @@ { config, pkgs, ... }: let shack-ip = config.krebs.build.host.nets.shack.ip4.addr; + influx-host = "127.0.0.1"; in { imports = [ @@ -23,6 +24,58 @@ in + { + systemd.services.telegraf.path = [ pkgs.net_snmp ]; # for snmptranslate + #systemd.services.telegraf.environment = { + # "MIBDIRS" : ""; # extra mibs like ADSL + #}; + services.telegraf = { + enable = true; + extraConfig = { + inputs = { + snmp = { + agents = [ "10.0.1.3:161" ]; + version = 2; + community = "shack"; + name = "snmp"; + field = [ + { + name = "hostname"; + oid = "RFC1213-MIB::sysName.0"; + is_tag = true; + } + { + name = "load-percent"; #cisco + oid = ".1.3.6.1.4.1.9.9.109.1.1.1.1.4.9"; + } + { + name = "uptime"; + oid = "DISMAN-EVENT-MIB::sysUpTimeInstance"; + } + ]; + table = [{ + name = "snmp"; + inherit_tags = [ "hostname" ]; + oid = "IF-MIB::ifXTable"; + field = [{ + name = "ifName"; + oid = "IF-MIB::ifName"; + is_tag = true; + }]; + }]; + }; + }; + outputs = { + influxdb = { + urls = [ "http://${influx-host}:8086" ]; + database = "telegraf"; + write_consistency = "any"; + timeout = "5s"; + }; + }; + }; + }; + } ]; # use your own binary cache, fallback use cache.nixos.org (which is used by -- cgit v1.2.3 From dede52e436625471e905360d4d78d5a9c5d6fe81 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 10 Sep 2017 13:05:34 +0200 Subject: ma x: steam is now a tool --- makefu/1systems/x/config.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index faa29f3db..892eb1095 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -56,7 +56,6 @@ with import ; - # # Hardware -- cgit v1.2.3 From 8a50e700166835c86d4339647c378c465a2970a3 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 10 Sep 2017 13:40:59 +0200 Subject: ma tools/games: fix path to steam --- makefu/2configs/tools/games.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix index 0257e1870..8e815da5e 100644 --- a/makefu/2configs/tools/games.nix +++ b/makefu/2configs/tools/games.nix @@ -2,7 +2,7 @@ { imports = [ - ../steam.nix + ./steam.nix ]; users.users.makefu.packages = with pkgs; [ games-user-env -- cgit v1.2.3 From ffbd8c9d51753e479fb2c9f83721e0fda58c441a Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 11 Sep 2017 23:01:24 +0200 Subject: wolf.r: add copyKernels --- krebs/1systems/wolf/config.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index d89d0b0b2..21ae20ea0 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -139,6 +139,9 @@ in boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/vda"; + # without it `/nix/store` is not added grub paths + boot.loader.grub.copyKernels = true; + fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; swapDevices = [ -- cgit v1.2.3 From 044320bfe49d822f102daf82b270e20308f9049f Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 11 Sep 2017 23:02:10 +0200 Subject: wolf muell_caller: bump to latest version --- krebs/2configs/shack/muell_caller.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/2configs/shack/muell_caller.nix b/krebs/2configs/shack/muell_caller.nix index 2d8d78e33..7e8d278f6 100644 --- a/krebs/2configs/shack/muell_caller.nix +++ b/krebs/2configs/shack/muell_caller.nix @@ -6,8 +6,8 @@ let name = "muell_caller-2017-06-01"; src = pkgs.fetchgit { url = "https://github.com/shackspace/muell_caller/"; - rev = "bbd4009"; - sha256 = "1bfnfl2vdh0p5wzyz5p48qh04vvsg2445avg86fzhzragx25fqv0"; + rev = "ee4e499"; + sha256 = "0q1v07q633sbqg4wkgf0zya2bnqrikpyjhzp05iwn2vcs8rvsi3k"; }; buildInputs = [ (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ -- cgit v1.2.3 From 2b4d7d951299d7dada001476872d809310f40810 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 11 Sep 2017 23:02:28 +0200 Subject: ma gum.r: disable torrent --- makefu/1systems/gum/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 934bfa685..2f288e708 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -40,7 +40,7 @@ in { # services - + # -- cgit v1.2.3 From 4b19401a82378ef9d091c8f58da0a67b33ec8ac6 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 11 Sep 2017 23:02:58 +0200 Subject: ma printer: add SXC-3205W network scanner --- makefu/2configs/printer.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix index 0865a0841..51e69d8b7 100644 --- a/makefu/2configs/printer.nix +++ b/makefu/2configs/printer.nix @@ -14,17 +14,20 @@ in { # scanners are printers just in reverse anyway services.saned.enable = true; - users.users."${mainUser}".extraGroups = [ "scanner" ]; + users.users."${mainUser}".extraGroups = [ "scanner" "lp" ]; hardware.sane = { enable = true; - extraBackends = [ pkgs.samsungUnifiedLinuxDriver ]; + extraBackends = [ ]; # $ scanimage -p --format=jpg --mode=Gray --source="Automatic Document Feeder" -v --batch="lol%d.jpg" --resolution=150 # requires 'sane-extra', scan via: - extraConfig."magicolor" = '' - net 10.42.20.30 0x2098 - ''; # 10.42.20.30: uhrenkind.shack magicolor 1690mf + #extraConfig."magicolor" = '' + # net 10.42.20.30 0x2098 + #''; # 10.42.20.30: uhrenkind.shack magicolor 1690mf + extraConfig."xerox_mfp" = '' + tcp 192.168.1.5 + ''; #home printer SCX-3205W }; } -- cgit v1.2.3 From 4ea52583d189d2c72b0a64cf605216f8b5bbcf56 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 11 Sep 2017 23:09:47 +0200 Subject: ma tools: add scanner-tools --- makefu/2configs/tools/all.nix | 1 + makefu/2configs/tools/scanner-tools.nix | 7 +++++++ 2 files changed, 8 insertions(+) create mode 100644 makefu/2configs/tools/scanner-tools.nix diff --git a/makefu/2configs/tools/all.nix b/makefu/2configs/tools/all.nix index c7a116918..7755e2872 100644 --- a/makefu/2configs/tools/all.nix +++ b/makefu/2configs/tools/all.nix @@ -7,6 +7,7 @@ ./extra-gui.nix ./games.nix ./media.nix + ./scanner-tools.nix ./sec.nix ./sec-gui.nix ./studio.nix diff --git a/makefu/2configs/tools/scanner-tools.nix b/makefu/2configs/tools/scanner-tools.nix new file mode 100644 index 000000000..ef2e913e4 --- /dev/null +++ b/makefu/2configs/tools/scanner-tools.nix @@ -0,0 +1,7 @@ +{ + # ln -s /run/current-system/sw/bin/xsane ~/.gimp-2.8/plug-ins/xsane + nixpkgs.config.packageOverrides = pkgs: { + xsaneGimp = pkgs.xsane.override { gimpSupport = true; }; + }; +} + -- cgit v1.2.3 From 3d45f25458cf0f64d509bb25fa5634c592399806 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 12 Sep 2017 21:13:37 +0200 Subject: tv charybdis: after network-online.target --- tv/3modules/charybdis/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/3modules/charybdis/default.nix b/tv/3modules/charybdis/default.nix index 859dc122c..e252f2e1d 100644 --- a/tv/3modules/charybdis/default.nix +++ b/tv/3modules/charybdis/default.nix @@ -52,7 +52,7 @@ in { systemd.services.charybdis = { wantedBy = [ "multi-user.target" ]; requires = [ "secret.service" ]; - after = [ "network.target" "secret.service" ]; + after = [ "network-online.target" "secret.service" ]; environment = { BANDB_DBPATH = "${cfg.user.home}/ban.db"; }; -- cgit v1.2.3 From ab36abc9338b5bf2ffe0b090961ec26be5677663 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 15 Sep 2017 00:08:47 +0200 Subject: withGetopt: init --- krebs/5pkgs/simple/withGetopt.nix | 106 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 106 insertions(+) create mode 100644 krebs/5pkgs/simple/withGetopt.nix diff --git a/krebs/5pkgs/simple/withGetopt.nix b/krebs/5pkgs/simple/withGetopt.nix new file mode 100644 index 000000000..fd59adcaf --- /dev/null +++ b/krebs/5pkgs/simple/withGetopt.nix @@ -0,0 +1,106 @@ +with import ; +{ utillinux, writeDash }: + +opt-spec: cmd-spec: let + + cmd = cmd-spec opts; + + cmd-script = + if typeOf cmd == "set" + then "exec ${cmd}" + else cmd; + + opts = mapAttrs (name: value: value // rec { + long = value.long or (replaceStrings ["_"] ["-"] name); + ref = value.ref or "\"\$${varname}\""; + switch = value.switch or false; + varname = value.varname or (replaceStrings ["-"] ["_"] name); + }) opt-spec; + + # true if b requires a to define its default value + opts-before = a: b: + test ".*[$]${stringAsChars (c: "[${c}]") a.varname}\\>.*" (b.default or ""); + + opts-list = let + sort-out = toposort opts-before (attrValues opts); + in + if sort-out ? result + then sort-out.result + else throw "toposort output: ${toJSON sort-out}"; + + wrapper-name = + if typeOf cmd == "set" && cmd ? name + then "${cmd.name}-getopt" + else "getopt-wrapper"; + +in writeDash wrapper-name '' + set -efu + + wrapper_name=${shell.escape wrapper-name} + + ${concatStringsSep "\n" (mapAttrsToList (name: opt: /* sh */ '' + unset ${opt.varname} + '') opts)} + + args=$(${utillinux}/bin/getopt \ + -n "$wrapper_name" \ + -o "" \ + -l ${concatMapStringsSep "," + (opt: opt.long + optionalString (!opt.switch) ":") + (attrValues opts)} \ + -s sh \ + -- "$@") + if \test $? != 0; then exit 1; fi + eval set -- "$args" + + while :; do + case $1 in + ${concatStringsSep "\n" (mapAttrsToList (name: opt: /* sh */ '' + --${opt.long}) + ${if opt.switch then /* sh */ '' + ${opt.varname}=true + shift + '' else /* sh */ '' + ${opt.varname}=$2 + shift 2 + ''} + ;; + '') opts)} + --) + shift + break + esac + done + + ${concatMapStringsSep "\n" + (opt: /* sh */ '' + if \test "''${${opt.varname}+1}" != 1; then + printf '%s: missing mandatory option '--%s'\n' \ + "$wrapper_name" \ + ${shell.escape opt.long} + error=1 + fi + '') + (filter + (x: ! hasAttr "default" x) + (attrValues opts))} + if test "''${error+1}" = 1; then + exit 1 + fi + + ${concatMapStringsSep "\n" + (opt: /* sh */ '' + if \test "''${${opt.varname}+1}" != 1; then + ${opt.varname}=${opt.default} + fi + '') + (filter + (hasAttr "default") + opts-list)} + + ${concatStringsSep "\n" (mapAttrsToList (name: opt: /* sh */ '' + export ${opt.varname} + '') opts)} + + ${cmd-script} +'' -- cgit v1.2.3 From b28dabfc0720578b46fd7664b233a12666fbca0c Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 15 Sep 2017 00:33:34 +0200 Subject: shell: use withGetopt --- shell.nix | 122 ++++++++++++++++++++++++-------------------------------------- 1 file changed, 47 insertions(+), 75 deletions(-) diff --git a/shell.nix b/shell.nix index a4ccc3187..661ac81a8 100644 --- a/shell.nix +++ b/shell.nix @@ -6,43 +6,38 @@ let # high level commands # - # usage: deploy - # [--force-populate] - # [--quiet] - # [--source=PATH] - # --system=SYSTEM - # [--target=TARGET] - # [--user=USER] - cmds.deploy = pkgs.writeDash "cmds.deploy" '' + cmds.deploy = pkgs.withGetopt { + force-populate = { default = /* sh */ "false"; switch = true; }; + quiet = { default = /* sh */ "false"; switch = true; }; + source_file = { + default = /* sh */ "$user/1systems/$system/source.nix"; + long = "source"; + }; + system = {}; + target.default = /* sh */ "$system"; + user.default = /* sh */ "$LOGNAME"; + } (opts: pkgs.writeDash "cmds.deploy" '' set -efu - command=deploy - . ${init.args} - \test -n "''${quiet-}" || quiet=false - \test -n "''${target-}" || target=$system - \test -n "''${user-}" || user=$LOGNAME - \test -n "''${source_file}" || source_file=$user/1systems/$system/source.nix . ${init.env} - . ${init.proxy} + . ${init.proxy opts} exec ${utils.deploy} - ''; - - # usage: install - # [--force-populate] - # [--quiet] - # [--source=PATH] - # --system=SYSTEM - # --target=TARGET - # [--user=USER] - cmds.install = pkgs.writeBash "cmds.install" '' + ''); + + cmds.install = pkgs.withGetopt { + force-populate = { default = /* sh */ "false"; switch = true; }; + quiet = { default = /* sh */ "false"; switch = true; }; + source_file = { + default = /* sh */ "$user/1systems/$system/source.nix"; + long = "source"; + }; + system = {}; + target = {}; + user.default = /* sh */ "$LOGNAME"; + } (opts: pkgs.writeBash "cmds.install" '' set -efu - command=install - . ${init.args} - \test -n "''${quiet-}" || quiet=false - \test -n "''${user-}" || user=$LOGNAME - \test -n "''${source_file}" || source_file=$user/1systems/$system/source.nix . ${init.env} if \test "''${using_proxy-}" != true; then @@ -55,7 +50,7 @@ let # TODO inline prepare.sh? fi - . ${init.proxy} + . ${init.proxy opts} # Reset PATH because we need access to nixos-install. # TODO provide nixos-install instead of relying on prepare.sh @@ -75,30 +70,28 @@ let cd exec nixos-install - ''; - - # usage: test - # [--force-populate] - # [--quiet] - # [--source=PATH] - # --system=SYSTEM - # --target=TARGET - # [--user=USER] - cmds.test = pkgs.writeDash "cmds.test" /* sh */ '' + ''); + + cmds.test = pkgs.withGetopt { + force-populate = { default = /* sh */ "false"; switch = true; }; + quiet = { default = /* sh */ "false"; switch = true; }; + source_file = { + default = /* sh */ "$user/1systems/$system/source.nix"; + long = "source"; + }; + system = {}; + target = {}; + user.default = /* sh */ "$LOGNAME"; + } (opts: pkgs.writeDash "cmds.test" /* sh */ '' set -efu export dummy_secrets=true - command=test - . ${init.args} - \test -n "''${quiet-}" || quiet=false - \test -n "''${user-}" || user=$LOGNAME - \test -n "''${source_file}" || source_file=$user/1systems/$system/source.nix . ${init.env} - . ${init.proxy} + . ${init.proxy opts} exec ${utils.build} config.system.build.toplevel - ''; + ''); # # low level commands @@ -163,28 +156,6 @@ let echo ''; - init.args = pkgs.writeText "init.args" /* sh */ '' - args=$(${pkgs.utillinux}/bin/getopt -n "$command" -s sh \ - -o Qs:t:u: \ - -l force-populate,quiet,source:,system:,target:,user: \ - -- "$@") - if \test $? != 0; then exit 1; fi - eval set -- "$args" - force_populate=false - source_file= - while :; do case $1 in - --force-populate) force_populate=true; shift;; - -Q|--quiet) quiet=true; shift;; - --source) source_file=$2; shift 2;; - -s|--system) system=$2; shift 2;; - -t|--target) target=$2; shift 2;; - -u|--user) user=$2; shift 2;; - --) shift; break;; - esac; done - for arg; do echo "$command: bad argument: $arg" >&2; done - if \test $# != 0; then exit 2; fi - ''; - init.env = pkgs.writeText "init.env" /* sh */ '' export quiet export system @@ -201,7 +172,7 @@ let export target_local="$(echo $target_object | ${pkgs.jq}/bin/jq -r .local)" ''; - init.proxy = pkgs.writeText "init.proxy" /* sh */ '' + init.proxy = opts: pkgs.writeText "init.proxy" /* sh */ '' if \test "''${using_proxy-}" != true; then source=$(get-source "$source_file") @@ -219,11 +190,12 @@ let NIX_PATH=$(quote "$target_path") \ STOCKHOLM_VERSION=$(quote "$STOCKHOLM_VERSION") \ nix-shell --run "$(quote " - quiet=$(quote "$quiet") \ - system=$(quote "$system") \ - target=$(quote "$target") \ + ${lib.concatStringsSep " " (lib.mapAttrsToList + (name: opt: /* sh */ "${opt.varname}=\$(quote ${opt.ref})") + opts + )} \ using_proxy=true \ - $(quote "$command" "$@") + $(quote "$0" "$@") ")" fi fi -- cgit v1.2.3 From c40c6ead1ec8f632ea85c788a4009d6aad646dbf Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 18 Sep 2017 00:04:06 +0200 Subject: l websites lassul.us: use enableACME --- lass/2configs/websites/lassulus.nix | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 93b817c3b..d37dd5301 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -14,14 +14,6 @@ in { security.acme = { certs."lassul.us" = { - email = "lass@lassul.us"; - webroot = "/var/lib/acme/acme-challenges"; - plugins = [ - "account_key.json" - "key.pem" - "fullchain.pem" - "full.pem" - ]; allowKeysForGroup = true; group = "lasscert"; }; @@ -71,13 +63,11 @@ in { ]; services.nginx.virtualHosts."lassul.us" = { + enableACME = true; serverAliases = [ "lassul.us" ]; locations."/".extraConfig = '' root /srv/http/lassul.us; ''; - locations."/.well-known/acme-challenge".extraConfig = '' - root /var/lib/acme/challenges/lassul.us/; - ''; locations."= /retiolum-hosts.tar.bz2".extraConfig = '' alias ${config.krebs.tinc.retiolum.hostsArchive}; ''; -- cgit v1.2.3 From 7e30bd3d1c9ebd7aefde3b00f086806b7a2b287e Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 18 Sep 2017 15:04:25 +0200 Subject: l vim: fetchgit -> fetchFromGitHub we need this to clone git repos when our key is not authenticated to github.com --- lass/2configs/vim.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 29800dbeb..7f36fcd90 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -106,9 +106,10 @@ let pkgs.vimPlugins.undotree (pkgs.vimUtils.buildVimPlugin { name = "file-line-1.0"; - src = pkgs.fetchgit { - url = git://github.com/bogado/file-line; - rev = "refs/tags/1.0"; + src = pkgs.fetchFromGitHub { + owner = "bogado"; + repo = "file-line"; + rev = "1.0"; sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0"; }; }) -- cgit v1.2.3 From 388bed48209ad7f5c774ff005afc255c6a71934d Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 19 Sep 2017 09:00:54 +0200 Subject: tv nixpkgs-overlays: init This module allows to have per-system nixpkgs-overlays and is required because at the moment of committing, only xu has an up-to-date stockholm development directory in /home/tv/stockholm. --- tv/1systems/xu/config.nix | 5 +++++ tv/2configs/default.nix | 6 +----- tv/3modules/default.nix | 1 + tv/3modules/nixpkgs-overlays.nix | 23 +++++++++++++++++++++++ 4 files changed, 30 insertions(+), 5 deletions(-) create mode 100644 tv/3modules/nixpkgs-overlays.nix diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix index 0abd544ce..d4a10fe10 100644 --- a/tv/1systems/xu/config.nix +++ b/tv/1systems/xu/config.nix @@ -155,5 +155,10 @@ with import ; # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "15.09"; + tv.nixpkgs-overlays = { + krebs = "/home/tv/stockholm/krebs/5pkgs"; + tv = "/home/tv/stockholm/tv/5pkgs"; + }; + virtualisation.virtualbox.host.enable = true; } diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 241a16b25..9ad0253a3 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -90,11 +90,7 @@ with import ; environment.variables = { NIX_PATH = mkForce (concatStringsSep ":" [ "secrets=/var/src/stockholm/null" - "nixpkgs-overlays=${pkgs.runCommand "nixpkgs-overlays" {} '' - mkdir $out - ln -s /home/tv/stockholm/krebs/5pkgs $out/krebs - ln -s /home/tv/stockholm/tv/5pkgs $out/tv - ''}" + "nixpkgs-overlays=${config.tv.nixpkgs-overlays}" "/var/src" ]); }; diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix index 83dc212a6..57ffbfab8 100644 --- a/tv/3modules/default.nix +++ b/tv/3modules/default.nix @@ -6,6 +6,7 @@ _: ./ejabberd ./hosts.nix ./iptables.nix + ./nixpkgs-overlays.nix ./x0vncserver.nix ]; } diff --git a/tv/3modules/nixpkgs-overlays.nix b/tv/3modules/nixpkgs-overlays.nix new file mode 100644 index 000000000..4eb7a86bd --- /dev/null +++ b/tv/3modules/nixpkgs-overlays.nix @@ -0,0 +1,23 @@ +with import ; +{ config, pkgs, ... }: { + + options.tv.nixpkgs-overlays = mkOption { + apply = src: + pkgs.runCommand "nixpkgs-overlays" {} '' + mkdir $out + ${concatStringsSep "\n" (mapAttrsToList (name: path: + "ln -s ${shell.escape path} $out/${shell.escape name}" + ) src)} + '' // { + inherit src; + }; + type = types.attrsOf types.absolute-pathname; + }; + + config = { + tv.nixpkgs-overlays = { + krebs = mkDefault "/var/src/stockholm/krebs/5pkgs"; + tv = mkDefault "/var/src/stockholm/tv/5pkgs"; + }; + }; +} -- cgit v1.2.3 From 49212f1a7b82538dfdc5e55a36538b123d4c3c83 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 10:05:58 +0200 Subject: l dishfire.r: listen retiolum on 993 --- krebs/3modules/lass/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 4e2d6df99..5cd1834b2 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -34,6 +34,7 @@ with import ; HwgPw5pstabyrsDWXybSYUb+8LcZf+unGwIDAQAB -----END RSA PUBLIC KEY----- ''; + tinc.port = 993; }; }; ssh.privkey.path = ; -- cgit v1.2.3 From f92d4754f462b49a1a69a0e6c0958d29a5e5ae54 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 10:06:36 +0200 Subject: l hosts: add helios.r --- krebs/3modules/lass/default.nix | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 5cd1834b2..ce19c0a05 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -295,6 +295,37 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEB/MmASvx3i09DY1xFVM5jOhZRZA8rMRqtf8bCIkC+t"; }; + helios = { + cores = 8; + nets = { + retiolum = { + ip4.addr = "10.243.133.117"; + ip6.addr = "42:0:0:0:0:0:3:7105"; + aliases = [ + "helios.r" + "cgit.helios.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAp+SRmP5MoCSYInx4Dm5MLZzNyXVgfo/CDoeUlUT35X0yE7WHGWsG + wHPCu+3RWfBUjuqNdb0qiGtRi3Q/LwznwBROPOX8gMXia/DgCLbIjn5Rx081pTIo + 3epbUCFtNgyDWg8IHF87ZnVBXTYAy5g4tz9u8kw82D8mR18o595TuZ9t5pDc/Kvi + fPHZenT6cd6FtL9uankX/jan1PRP9xTrhpE8dAQ6g+7XH7knMK3cno/Ztis5YzHt + Ith0bsIjk5of7hhITj0MXtTikjDqWxkpF5mfOK1cG/rC1goTmB9AfcENUBnu9iAM + I/alzqk3CEczznLyaOckfx2fRuar912LAdiJ5v7VPztfvN1p3gIxq5M0Rgkq+98B + H/s32xNRBPvqoIleKnhwE9gfrCLaAVqpaMkgKRvgsTkSDNYNhh4smQ3eAKKwwDH/ + QG3sfP8xyNyDFhBtCiDGkf9hNqBBMaKjZoh8DasZNtcfOop3fGw7jmUUbB6cG8cp + +EfYbcb5mVpmrIyXgOTwwYcp7tn+zkd4Wa8C9Q98eFTs0HGVGxGX9Hj6PM/kXK4C + aIqIQVNpnJ/9cOwT8JFIriG1MWTOXbamUusKTLs8SRp3ZkyM7XUEcLL5HMh09rUw + rzEAmE7TywXVhd7j2IaEy+bx2dfGQH2bFoh6Drm6Olo+ySi1utB5dGkCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqpx9jJnn4QMGO8BOrGOLRN1rgpIkR14sQb8S+otWEL"; + }; iso = { ci = false; cores = 1; @@ -357,6 +388,10 @@ with import ; pubkey = builtins.readFile ./ssh/mors.rsa; pgp.pubkeys.default = builtins.readFile ./pgp/mors.pgp; }; + lass-helios = { + mail = "lass@helios.r"; + pubkey = builtins.readFile ./ssh/helios.rsa; + }; lass-uriel = { mail = "lass@uriel.r"; pubkey = builtins.readFile ./ssh/uriel.rsa; -- cgit v1.2.3 From 1f341a2e5e4a6215213bd239a519f13aa732f4e1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 10:06:48 +0200 Subject: l dishfire.r: open port 993 (for tinc) --- lass/1systems/dishfire/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix index 416edeb82..25e8759b1 100644 --- a/lass/1systems/dishfire/config.nix +++ b/lass/1systems/dishfire/config.nix @@ -88,6 +88,7 @@ }; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; } + { predicate = "-p tcp --dport 993"; target = "ACCEPT"; } ]; } ]; -- cgit v1.2.3 From 9eff836daa6f6ddf75882d19fe76dec36de38d49 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 10:21:05 +0200 Subject: l hosts: add helios.r ssh key --- krebs/3modules/lass/ssh/helios.rsa | 1 + 1 file changed, 1 insertion(+) create mode 100644 krebs/3modules/lass/ssh/helios.rsa diff --git a/krebs/3modules/lass/ssh/helios.rsa b/krebs/3modules/lass/ssh/helios.rsa new file mode 100644 index 000000000..58f81726c --- /dev/null +++ b/krebs/3modules/lass/ssh/helios.rsa @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgGZE0z5+0A42GHI2VYrN9Ra60EwlKqARZUi9e0pbiQxwKi42Y3+Jy2UIAB9rUW51Pw0K6L2FzHZyk9w4fMWjAB+OSaGi8CViGOrBmP8Xm0TSd6a725RSOKTH1jv4u54W6+VQcZpe4RepsuasvN4Rd3FYz1O0ffiroPYS0Hs7ui3HG5rZZsz+FArJ/s2mL525P9VQwMlCAdrepWXgGSPSa/ogmhMCSRttV5R0WCnvXYA4aq45scxjxIWXu/Y/FggslSpRGEnRChHiua5kPWqREC1eNbMOjYJc7OxDIZjzcwHcDHH3U1oIBEjNY8UqMFy3t87cm0BTH9yA6qQnkexCmbRGA0mnAJ1XskgL6KcZuYw+zRo6zVmnZCgRyheenBJhQy/28ZDSwCDBOayl6tAbWivesUZb0/nqucvbdRxTDd6nbSH8q8Cp1qZvP1yrhZ9X2m4Rm66UenHOPOEiyOoVQgfYb2EFHsYVN62shGcfaaL8g4rjUXsUJEheGX5ll5MOMSclUhI8Zk31APq/xuLGGIn+tipjOSX2OVZrSE+KkgitMxOOF1kx33IQGnBKQD8K/a9vVmpTrTAnfXR5oJrXp+XRZ3viXr0rUkG5KfS/zjL8ZC8ckeSkX75BLbPbimUa6TfA/lddipb76zOOOREiD4Sw+MkGDh5xnzwxMY05fjOUmk/v++WcOTTNyrknygdaC8Qx0Gv4Wxmcd+LzmIc5wZZjenwYhp4KpR55EIP966uBUcD+HlkHZnNNZUzOJA8NE+oPQbaM3qCuThe9q9hVYt08/rZ9ANwgb/ChCwEOYLNnofdgrvDb91qenwEUiE9wy79Dwgqh2SRAMN4ZTxRrVjw3potBMRuNc5HMDDXbKfGF1T6O+vBPpcQ8x+rztBDpF/lqjGqoCqyFNG/VnFHFZ5kjLkLmx6S69iRL7wg/KI1NA14tdSLJZ2qDqo5n8rbnGeAWTQB8ZgzhPO39fyOYGCdTJ8e2dIDEw8SUWaVsTnkc/PHOcGAMt2LrL6USszrLSQgU4ediPBWJjX4jk2wxLRPyBz8Z2QLWrsxV0bh1CstIsbBh1p8jMXAKJ+UXqzRWGR5T6d7lensqM0/uWqzu++w6/whQQh9Hzs6GX8l+ELMn0szkRaM9dZpAz5p9HHdYkANwsIIe8CPznRvudQ0CPManTQsjR8GZ3RjGx002VUdbDh5xx7P9Efsa6m8kkNCbUNMSHjmvC9M2sR5ww2WsnvpGBCU8sNYf4y9QvKI1LIYkG1MObhEKHyf5wxFp25bwHyxPkHGULhJKM/MdDT42flddEJCTEwiCPVuaJsr7Adr6Oni4kzY+S7CiP7YArM0v2Vg9mgVmi11koF9hcZ6zyyKAWVviDRLVIA0/eY66T/FiSS/g12zW1keuhFipNEWyZdD/r8LwfDpInAAqN5g65dx6eoyoB6AZatEwwsnn6zcDP51B1q0TC9Y+TXK5TSBE50oFxa2SLu4Gj7YOi1AoRqKxSPVktE= lass@helios -- cgit v1.2.3 From 797535fc1ff1dd88239e06ecee861d228107c6e9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 11:30:57 +0200 Subject: git: add repo.admins option --- krebs/3modules/git.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 93211d9d4..610c20bb4 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -186,6 +186,17 @@ let }; repo = types.submodule ({ config, ... }: { options = { + admins = mkOption { + type = types.listOf types.user; + default = []; + description = '' + List of users that should be able to do everything with this repo. + + This option is currently not used by krebs.git but instead can be + used to create rules. See e.g. for + an example. + ''; + }; cgit = { desc = mkOption { type = types.nullOr types.str; -- cgit v1.2.3 From ca89d9a176cdbda04bacecf809bf2346a615891e Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 11:42:50 +0200 Subject: l git: use repo.admins --- lass/2configs/git.nix | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 7bce93ae1..3991acadc 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -14,7 +14,7 @@ let root-desc = "keep calm and engage"; }; }; - repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; + repos = repos; rules = rules; }; @@ -87,8 +87,8 @@ let public = true; }; - make-restricted-repo = name: { collaborators ? [], announce ? false, hooks ? {}, ... }: { - inherit collaborators name; + make-restricted-repo = name: { admins ? [], collaborators ? [], announce ? false, hooks ? {}, ... }: { + inherit admins collaborators name; public = false; hooks = optionalAttrs announce { post-receive = pkgs.git-hooks.irc-announce { @@ -111,15 +111,20 @@ let repo = [ repo ]; perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++ - optional repo.public { - user = attrValues config.krebs.users; + optional (length (repo.admins or []) > 0) { + user = repo.admins; repo = [ repo ]; - perm = fetch; + perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++ optional (length (repo.collaborators or []) > 0) { user = repo.collaborators; repo = [ repo ]; perm = fetch; + } ++ + optional repo.public { + user = attrValues config.krebs.users; + repo = [ repo ]; + perm = fetch; }; in out -- cgit v1.2.3 From 79c5b963555dd617d88584cb5250f9744ff2a402 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 11:45:33 +0200 Subject: l: use the same font everywhere --- lass/2configs/baseX.nix | 6 ++++++ lass/2configs/xresources.nix | 4 ++-- lass/5pkgs/default.nix | 4 ++-- lass/5pkgs/xmonad-lass.nix | 17 +++++++++++------ 4 files changed, 21 insertions(+), 10 deletions(-) diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 3a99e65a0..0e0273dcc 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -27,6 +27,12 @@ in { lass ALL= (root) NOPASSWD:SETENV: ${pkgs.sshuttle}/bin/.sshuttle-wrapped ''; } + { #font magic + options.lass.myFont = mkOption { + type = types.str; + default = "-schumacher-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1"; + }; + } ]; users.extraUsers.mainUser.extraGroups = [ "audio" "video" ]; diff --git a/lass/2configs/xresources.nix b/lass/2configs/xresources.nix index 2fbc31677..adbcd353d 100644 --- a/lass/2configs/xresources.nix +++ b/lass/2configs/xresources.nix @@ -8,8 +8,8 @@ let URxvt*scrollBar: false URxvt*urgentOnBell: true URxvt*SaveLines: 4096 - URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 - URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 + URxvt*font: ${config.lass.myFont} + URxvt*boldFont: ${config.lass.myFont} ! ref https://github.com/muennich/urxvt-perls URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 6e6ba56fa..a339d3bf4 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }@args: +{ config, pkgs, ... }@args: { nixpkgs.config.packageOverrides = rec { @@ -20,7 +20,7 @@ rs = pkgs.callPackage ./rs/default.nix {}; urban = pkgs.callPackage ./urban/default.nix {}; xml2json = pkgs.callPackage ./xml2json/default.nix {}; - xmonad-lass = import ./xmonad-lass.nix { inherit pkgs; }; + xmonad-lass = import ./xmonad-lass.nix { inherit config pkgs; }; yt-next = pkgs.callPackage ./yt-next/default.nix {}; }; } diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 67a1dc787..db439192a 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ config, pkgs, ... }: pkgs.writeHaskell "xmonad-lass" { executables.xmonad = { extra-depends = [ @@ -40,7 +40,7 @@ import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook) import XMonad.Layout.FixedColumn (FixedColumn(..)) import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin)) import XMonad.Layout.NoBorders (smartBorders) -import XMonad.Prompt (autoComplete, searchPredicate, XPConfig) +import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig) import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy) import XMonad.Util.EZConfig (additionalKeysP) import XMonad.Layout.SimpleFloat (simpleFloat) @@ -51,7 +51,7 @@ urxvtcPath :: FilePath urxvtcPath = "${pkgs.rxvt_unicode}/bin/urxvtc" myFont :: String -myFont = "-schumacher-*-*-*-*-*-*-*-*-*-*-*-iso10646-*" +myFont = "${config.lass.myFont}" main :: IO () main = getArgs >>= \case @@ -107,8 +107,8 @@ myKeyMap = , ("M4-C-k", spawn "${pkgs.xorg.xkill}/bin/xkill") , ("M4-a", focusUrgent) - , ("M4-S-r", renameWorkspace def) - , ("M4-S-a", addWorkspacePrompt def) + , ("M4-S-r", renameWorkspace myXPConfig) + , ("M4-S-a", addWorkspacePrompt myXPConfig) , ("M4-S-", removeEmptyWorkspace) , ("M4-S-c", kill1) , ("M4-", toggleWS) @@ -141,8 +141,13 @@ forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X () forkFile path args env = xfork (executeFile path False args env) >> return () +myXPConfig :: XPConfig +myXPConfig = def + { font = myFont + } + autoXPConfig :: XPConfig -autoXPConfig = def +autoXPConfig = myXPConfig { autoComplete = Just 5000 } -- cgit v1.2.3 From c83cd3492a180e41c071e31ae8e4225b5c2083fc Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 11:46:29 +0200 Subject: l: add dpass + bindings --- lass/5pkgs/default.nix | 1 + lass/5pkgs/dpass/default.nix | 12 ++++++++++++ lass/5pkgs/xmonad-lass.nix | 1 + 3 files changed, 14 insertions(+) create mode 100644 lass/5pkgs/dpass/default.nix diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index a339d3bf4..46633ba1a 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -3,6 +3,7 @@ { nixpkgs.config.packageOverrides = rec { acronym = pkgs.callPackage ./acronym/default.nix {}; + dpass = pkgs.callPackage ./dpass {}; ejabberd = pkgs.callPackage ./ejabberd { erlang = pkgs.erlangR16; }; diff --git a/lass/5pkgs/dpass/default.nix b/lass/5pkgs/dpass/default.nix new file mode 100644 index 000000000..7e75d50c7 --- /dev/null +++ b/lass/5pkgs/dpass/default.nix @@ -0,0 +1,12 @@ +{ pass, writeOut, writeDash, ... }: + +writeOut "dsco-pass" { + "/bin/dpass".link = writeDash "dpass" '' + PASSWORD_STORE_DIR=$HOME/.dpasswordstore \ + exec ${pass}/bin/pass $@ + ''; + "/bin/dpassmenu".link = writeDash "dpassmenu" '' + PASSWORD_STORE_DIR=$HOME/.dpasswordstore \ + exec ${pass}/bin/passmenu $@ + ''; +} diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index db439192a..bf737dc5e 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -99,6 +99,7 @@ myKeyMap = , ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png") , ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type") , ("M4-o", spawn "${pkgs.brain}/bin/brainmenu --type") + , ("M4-i", spawn "${pkgs.dpass}/bin/dpassmenu --type") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ +4%") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ -4%") , ("", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -time 0 -dec 1%") -- cgit v1.2.3 From 2d1160c0623461ea94d2f573d114909b64ab2b4d Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 11:51:22 +0200 Subject: l retiolum: open configured tinc port --- lass/1systems/dishfire/config.nix | 1 - lass/2configs/retiolum.nix | 10 ++++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix index 25e8759b1..416edeb82 100644 --- a/lass/1systems/dishfire/config.nix +++ b/lass/1systems/dishfire/config.nix @@ -88,7 +88,6 @@ }; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; } - { predicate = "-p tcp --dport 993"; target = "ACCEPT"; } ]; } ]; diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index e7779f53e..fb76c5735 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -1,12 +1,14 @@ -{ pkgs, ... }: +{ config, pkgs, ... }: { krebs.iptables = { tables = { - filter.INPUT.rules = [ - { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; } - { predicate = "-p udp --dport tinc"; target = "ACCEPT"; } + filter.INPUT.rules = let + tincport = toString config.krebs.build.host.nets.retiolum.tinc.port; + in [ + { predicate = "-p tcp --dport ${tincport}"; target = "ACCEPT"; } + { predicate = "-p udp --dport ${tincport}"; target = "ACCEPT"; } ]; }; }; -- cgit v1.2.3 From 5148cc92280181fe60d3694b6409fefa710764b6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 12:19:15 +0200 Subject: l hosts: add helios pgp key --- krebs/3modules/lass/pgp/helios.pgp | 51 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 krebs/3modules/lass/pgp/helios.pgp diff --git a/krebs/3modules/lass/pgp/helios.pgp b/krebs/3modules/lass/pgp/helios.pgp new file mode 100644 index 000000000..dc6d07d6b --- /dev/null +++ b/krebs/3modules/lass/pgp/helios.pgp @@ -0,0 +1,51 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFm/8D0BEAC+kY6ELukGkQh4xJ+haYGYi6FdCCUgM+BqAXQ9s7FnzyrNCbTq +x5O2b3Np96NANCCWSMIcAIXt/AzfvxY7awtsFNlXolMMMEdkHbEXQCgJahK1P5iD +q7DWlwwXNy+oPdl7ZGtfhK+d698aI6eFS0SamElH4B4IFaGzSXC0ec1Cva+3QM1d +FPRmRByMllTxEcxI6P1gIAtZGXwPLPGVPYuoRQFM+3w+VPgBcWTLPYcLyvLj0r8o +Gv/JSyZHNEu5Rtyl+8G6/8W/u7+J4lzO4V6Y6+UPomvfyCkreqsQp/bB8Nw9LYN2 +zNttaxM5zu7FBY2e+OwFsxNC5nnIvSVY2qYUps6Lxuv1cxKY+3lZKhMcc8+p+j2g +QNdfys3Hk4fdZ5YBaQ/v30kS7ZpAkILCYw7g5HJ18pdoULNWYMUaJF/1Qim2mU72 +5wuCzwsWyA6BQFoBSlDPQ24ypGMVKynl6Xh3uGG/K1OcTvhUgzF3J+jcntOY698b +4Lum/zffWQsVuXZlroydMjtn7Pfr3W8nzLynhCTWruW8+irb/Qut8q04KjfR0UyE +hdc+kohQemfhk4y0CA0xuzRBRxagKo2LUFTUL312r2TZV+vLWtdToV3HzDuFJokq +FCxoVm/4M6BQQ3IxDHBVO6BmqIlAGq9cheao3t9XciERPMSHXZzZKV/3CQARAQAB +tA1sYXNzQGhlbGlvcy5yiQJOBBMBCAA4FiEEwAWygS5dtGA5vC/hQM6NxyLSe0oF +Alm/8D0CGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQQM6NxyLSe0rm5hAA +jxqcevdjJt+b4FstIiiNhhjU62/9Tl4qoKgR1/BwAIfDoMWduPrw9ldQky36O923 +VMYKiZBoUzdXRLzL0ay/ewXdSONllUwnFLvil78SQOuJTe5JKM6N0IiEVSEhNjRr +zylFk7SpY2MOIc0p3eHutD4oq0PcWnOer5R1z7u0mVJRYVoJOu7IIxqj7jb8JRAh +FbLBbu2mFBcXMLKyWFCTB4nROeoTBcfKTnBuDYhaIEUCLo2RpMYqBJiVJvvFLglA +XowKFjuE/g5Yne2GB5zx1GVRkjZsE9mGL7L5mlyucMwYqWeJzkNfB7cz58ZFN9EG +9hzUlaEahPxnC6/AeF9ev/9/SF6bPM/nq36xBXj7W5lOewc5p5GigHkh94VN+bdw +/KluD5rUErO+v3ag+5Tr8FzjtbjlARRo/vz5YWRGS4yqGiXlUUchAPEzflLYxfD1 +CSH+i0eWMrm5t+BYiPZHL8DSbGI1BM5EhHZ69dS7bUAO1qL7oQObQv+755fLV6+q ++ir7GHuxtNma58PS+BDiWJnIqmDJ029u188YM4dGL+EWF2AS4cUh2y6CZCOq77Gt +NmMCZyQjg2KB1jsL5XHySB14/uN3vlSSz9V+ZT/sAK09Z4atfYNnMHBAbC00GSbH +VqQf+OIascVZWAzqExk4fjnVYjTaoIZHaNd5aT/61S25Ag0EWb/wPQEQAJwoiiHG +NhuBFBEjZYJsONfJayGE4qWSU//54gJaitSgDLV8G0NYQrxqSNAZMAux6g9BSSrD +s/LbN5U1KgKpLTHjiSXUFoQFZ44AeTSQkUeelbtMVz13ohjpDInkye3sM9Jr4Zw+ +wwgg3zRi49YR6EU78c81ehPjVyxBPg2mmguBShz1zn5r6GjzniU4p3P5Hwf5F+eu +kRekG9hlCbVz+Ibl8U/t1JQZBqSIX45svdIYqeal5LWSgUG4o8gbenggNFPi3Olz +IOoTRMGKe6HCjTzv+xML7Q9bCMkUdyIfrrG0QDj3g+VZmZYAXdKjLLujAAU18Sh0 +SekPenVE0DNvmB7HHw+Bo+4aq6wWC9+BDb31NpJzNY64zEuUZsnustEmAXM2UIKS +HRzfgnZRRyD99H128a95FNpZrG5H+QgpdTE4PxsZn6fFtCRy6/a/W79VfCdHCahz +ptthyMeE81uZ28VTBXOHgK8Wawt3xjJCRksCau3xNUgRuSPoAWUPY2tLrJ9wKbxp +uL4fY8x8M2d9G4U03DfQDGP9JUskqLThnJf7Jo42XTmkJd9hRBL0kMCIfolEcyEh +pSQqbevUnFRiipv1x90Tn9Cax06ZkHkovuyIniRve/MvX8mCzzlUv1bjVNC0d71+ +z3G8fXlhDZGCkLQu6M1MlmUZxu05UfQnk5kBABEBAAGJAjYEGAEIACAWIQTABbKB +Ll20YDm8L+FAzo3HItJ7SgUCWb/wPQIbDAAKCRBAzo3HItJ7SuI3D/0Y3A2+ZbeH +q3SCAXBs4yOv7cffT4KwDHIC2vp9I868xj0Fw9hCdN1X9Y6hfj6nilI4EKW5ozsg +xs1kqGlclqqpag5ZmFbD1y/DzEpgdlysDJPgdD9FlF0mN+tTS543d0SOyydD2N8X +el5h4T2VaEBYfwKoDyN7LnCtGoiUSE3Nw99BNJ7zGma+46NRUWjv1eByMMhxvXJF +ASKn4Ok1olhINH43tQ3TGx9XdG19GS0+OnyOlfdagKwma73A2caUAyjIXBrmR5NU +Pb3aiyMzxm6DpCupqWkQgCC/EG8HgYhPGJ6TAK2QfMWX1TjERcPGtVbTE7BbRNLd +LdaIuo+5ROVseBTYDC8VbACkV7eh1fVhUmpZa81uQotCRJ+jsYGT4Lyon44roSGn +7G+rYgS2yv/2JXSTMBa45MReEPCgkSwZ6u9jvbs7vWzao+4tILsgO9RqNw1kiN9o +LMLMVVCFmgNMCHxegmNIJYRryQkFZA5vQR2gPS3FYY3NfVGhFHMvsOK+jx415o2O +gF76EJcexglPWhyqBc5meyw1x6pjoPTNGLnFzH1rdyyYilUyFexy3TSam60Ov/Aj +cszX0D4M2Fnk9ncSq03ujflVYpVTNtkSVH0K9OY7rwjp78WycxiYzk1OQHogh18L +Du4S2e/am91kQGaz490BV9XNw4I70e4dQQ== +=gkzg +-----END PGP PUBLIC KEY BLOCK----- -- cgit v1.2.3 From e822f88199f11fe75e2a38a0e5f9806a8c9ba5cf Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 12:34:43 +0200 Subject: l: add helios.r config + source --- lass/1systems/helios/config.nix | 86 +++++++++++++++++++++++++++++++++++++++++ lass/1systems/helios/source.nix | 4 ++ 2 files changed, 90 insertions(+) create mode 100644 lass/1systems/helios/config.nix create mode 100644 lass/1systems/helios/source.nix diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix new file mode 100644 index 000000000..89949bcbf --- /dev/null +++ b/lass/1systems/helios/config.nix @@ -0,0 +1,86 @@ +with import ; +{ config, lib, pkgs, ... }: + +{ + imports = [ + + + + + + + + + { # automatic hardware detection + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.kernelModules = [ "kvm-intel" ]; + + fileSystems."/" = + { device = "/dev/pool/root"; + fsType = "btrfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/1F60-17C6"; + fsType = "vfat"; + }; + + fileSystems."/home" = + { device = "/dev/pool/home"; + fsType = "btrfs"; + }; + + nix.maxJobs = lib.mkDefault 8; + powerManagement.cpuFreqGovernor = "powersave"; + } + { # crypto stuff + boot.initrd.luks = { + cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; + devices = [{ + name = "luksroot"; + device = "/dev/nvme0n1p3"; + }]; + }; + } + { + services.xserver.dpi = 200; + fonts.fontconfig.dpi = 200; + lass.myFont = "-schumacher-clean-*-*-*-*-26-*-*-*-*-*-iso10646-1"; + } + ]; + krebs.build.host = config.krebs.hosts.helios; + + krebs.git.rules = [ + { + user = [ config.krebs.users.lass-helios ]; + repo = [ config.krebs.git.repos.stockholm ]; + perm = with git; push "refs/heads/*" [ fast-forward non-fast-forward create delete merge ]; + } + ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.wireless.enable = true; + hardware.enableRedistributableFirmware = true; + + environment.systemPackages = with pkgs; [ + vim + rxvt_unicode + git + rsync + hashPassword + thunderbird + dpass + ]; + + users.users = { + root.openssh.authorizedKeys.keys = [ + config.krebs.users.lass-helios.pubkey + ]; + }; + + programs.ssh.startAgent = lib.mkForce true; + +} diff --git a/lass/1systems/helios/source.nix b/lass/1systems/helios/source.nix new file mode 100644 index 000000000..bfe4dca4c --- /dev/null +++ b/lass/1systems/helios/source.nix @@ -0,0 +1,4 @@ +import { + name = "helios"; + secure = true; +} -- cgit v1.2.3 From 3fdae8f6828c3a07ae03f607672431c1db4b3220 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 13:44:17 +0200 Subject: l helios.r: set fontsize to 25 --- lass/1systems/helios/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix index 89949bcbf..dc6eb8290 100644 --- a/lass/1systems/helios/config.nix +++ b/lass/1systems/helios/config.nix @@ -45,7 +45,7 @@ with import ; { services.xserver.dpi = 200; fonts.fontconfig.dpi = 200; - lass.myFont = "-schumacher-clean-*-*-*-*-26-*-*-*-*-*-iso10646-1"; + lass.myFont = "-schumacher-clean-*-*-*-*-25-*-*-*-*-*-iso10646-1"; } ]; krebs.build.host = config.krebs.hosts.helios; -- cgit v1.2.3 From 2a6bf899567b2038433d46fc5c52f9e75cfb17e3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 15:16:55 +0200 Subject: l helios.r: fetch the wallpaper --- lass/1systems/helios/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix index dc6eb8290..923304fad 100644 --- a/lass/1systems/helios/config.nix +++ b/lass/1systems/helios/config.nix @@ -11,6 +11,7 @@ with import ; + { # automatic hardware detection boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.kernelModules = [ "kvm-intel" ]; -- cgit v1.2.3 From 8b4a4df05669a16e29ab08626f7897fd5c0760d4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 15:17:09 +0200 Subject: l helios.r: enable tlp --- lass/1systems/helios/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix index 923304fad..37bdc0290 100644 --- a/lass/1systems/helios/config.nix +++ b/lass/1systems/helios/config.nix @@ -32,7 +32,6 @@ with import ; }; nix.maxJobs = lib.mkDefault 8; - powerManagement.cpuFreqGovernor = "powersave"; } { # crypto stuff boot.initrd.luks = { @@ -84,4 +83,5 @@ with import ; programs.ssh.startAgent = lib.mkForce true; + services.tlp.enable = true; } -- cgit v1.2.3 From 21c284a2c7b4fcb330f0c90ccd773f65f78721aa Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 19 Sep 2017 16:37:46 +0200 Subject: ma telegraf: init also add europastats --- makefu/2configs/stats/telegraf/default.nix | 20 ++++++++++++ makefu/2configs/stats/telegraf/europastats.nix | 43 ++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 makefu/2configs/stats/telegraf/default.nix create mode 100644 makefu/2configs/stats/telegraf/europastats.nix diff --git a/makefu/2configs/stats/telegraf/default.nix b/makefu/2configs/stats/telegraf/default.nix new file mode 100644 index 000000000..4da6561d6 --- /dev/null +++ b/makefu/2configs/stats/telegraf/default.nix @@ -0,0 +1,20 @@ +{...}: +let + url = "http://localhost:8086"; +in { + imports = [ + ./europastats.nix + ]; + services.telegraf = { + enable = true; + extraConfig = { + agent.debug = true; + outputs = { + influxdb = [{ + urls = [ url ]; + database = "telegraf"; + }]; + }; + }; + }; +} diff --git a/makefu/2configs/stats/telegraf/europastats.nix b/makefu/2configs/stats/telegraf/europastats.nix new file mode 100644 index 000000000..9249280c5 --- /dev/null +++ b/makefu/2configs/stats/telegraf/europastats.nix @@ -0,0 +1,43 @@ +{ pkgs, ...}: +let + pkg = with pkgs.python3Packages;buildPythonPackage rec { + rev = "be31da7"; + name = "europastats-${rev}"; + propagatedBuildInputs = [ + requests2 + docopt + ]; + src = pkgs.fetchgit { + url = "http://cgit.euer.krebsco.de/europastats"; + inherit rev; + sha256 = "0qj18vgj9nm6aisyqhk3iz3rf8xp7mn5jc6sfylcaw588a9sjfvc"; + }; + }; +in { + services.telegraf.extraConfig.inputs.exec = [ + { + commands = [ "${pkg}/bin/europa-attractions"]; + timeout = "1m"; + data_format = "json"; + name_override = "europawaiting"; + interval = "1m"; + tag_keys = [ + "status" + "type" + "name" + ]; + } + { + commands = [ "${pkg}/bin/europa-weather"]; + timeout = "20s"; + data_format = "json"; + name_override = "europaweather"; + interval = "10m"; + tag_keys = [ + "type" + "name" + "offset" + ]; + } + ]; +} -- cgit v1.2.3 From ad06126dcedfd5f28a3b64f2df2f32428f933a08 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 19 Sep 2017 16:39:58 +0200 Subject: ma omo.r: enable telegraf --- makefu/1systems/omo/config.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 4c93a7a3e..32cd3f900 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -60,6 +60,7 @@ in { # logs to influx + # services @@ -77,6 +78,9 @@ in { ## as long as pyload is not in nixpkgs: # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P writl/pyload + + # Temporary: + ]; makefu.full-populate = true; makefu.server.primary-itf = primaryInterface; -- cgit v1.2.3 From 4e2e9a63c4a0c8f191940e06092e5aa2f3822993 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 19 Sep 2017 20:16:52 +0200 Subject: tv mfcl2700dnlpr: init at 3.2.0-1 --- tv/5pkgs/simple/mfcl2700dnlpr/default.nix | 44 +++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 tv/5pkgs/simple/mfcl2700dnlpr/default.nix diff --git a/tv/5pkgs/simple/mfcl2700dnlpr/default.nix b/tv/5pkgs/simple/mfcl2700dnlpr/default.nix new file mode 100644 index 000000000..fc11b53e9 --- /dev/null +++ b/tv/5pkgs/simple/mfcl2700dnlpr/default.nix @@ -0,0 +1,44 @@ +{ coreutils, dpkg, fetchurl, ghostscript, gnugrep, gnused, pkgsi686Linux, makeWrapper, perl, stdenv, which }: + +stdenv.mkDerivation rec { + name = "mfcl2700dnlpr-${meta.version}"; + + src = fetchurl { + url = "http://download.brother.com/welcome/dlf102085/${name}.i386.deb"; + sha256 = "170qdzxlqikzvv2wphvfb37m19mn13az4aj88md87ka3rl5knk4m"; + }; + + nativeBuildInputs = [ dpkg makeWrapper ]; + + phases = [ "installPhase" ]; + + installPhase = '' + dpkg-deb -x $src $out + + dir=$out/opt/brother/Printers/MFCL2700DN + + substituteInPlace $dir/lpd/filter_MFCL2700DN \ + --replace /usr/bin/perl ${perl}/bin/perl \ + --replace "BR_PRT_PATH =~" "BR_PRT_PATH = \"$dir\"; #" \ + --replace "PRINTER =~" "PRINTER = \"MFCL2700DN\"; #" + + wrapProgram $dir/lpd/filter_MFCL2700DN \ + --prefix PATH : ${stdenv.lib.makeBinPath [ + coreutils ghostscript gnugrep gnused which + ]} + + interpreter=${pkgsi686Linux.stdenv.cc.libc.out}/lib/ld-linux.so.2 + patchelf --set-interpreter "$interpreter" $dir/inf/braddprinter + patchelf --set-interpreter "$interpreter" $dir/lpd/brprintconflsr3 + patchelf --set-interpreter "$interpreter" $dir/lpd/rawtobr3 + ''; + + meta = { + description = "Brother MFC-L2700DN LPR driver"; + homepage = "http://www.brother.com/"; + license = stdenv.lib.licenses.unfree; + maintainers = [ stdenv.lib.maintainers.tv ]; + platforms = stdenv.lib.platforms.linux; + version = "3.2.0-1"; + }; +} -- cgit v1.2.3 From b2c02a186b0dba18f303c973b238e3b9c2de06b7 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 19 Sep 2017 20:15:26 +0200 Subject: tv mfcl2700dncupswrapper: init at 3.2.0-1 --- tv/5pkgs/simple/mfcl2700dncupswrapper/default.nix | 45 +++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 tv/5pkgs/simple/mfcl2700dncupswrapper/default.nix diff --git a/tv/5pkgs/simple/mfcl2700dncupswrapper/default.nix b/tv/5pkgs/simple/mfcl2700dncupswrapper/default.nix new file mode 100644 index 000000000..1ef018b33 --- /dev/null +++ b/tv/5pkgs/simple/mfcl2700dncupswrapper/default.nix @@ -0,0 +1,45 @@ +{ coreutils, dpkg, fetchurl, gnugrep, gnused, makeWrapper, mfcl2700dnlpr, +perl, stdenv }: + +stdenv.mkDerivation rec { + name = "mfcl2700dncupswrapper-${meta.version}"; + + src = fetchurl { + url = "http://download.brother.com/welcome/dlf102086/${name}.i386.deb"; + sha256 = "07w48mah0xbv4h8vsh1qd5cd4b463bx8y6gc5x9pfgsxsy6h6da1"; + }; + + nativeBuildInputs = [ dpkg makeWrapper ]; + + phases = [ "installPhase" ]; + + installPhase = '' + dpkg-deb -x $src $out + + basedir=${mfcl2700dnlpr}/opt/brother/Printers/MFCL2700DN + dir=$out/opt/brother/Printers/MFCL2700DN + + substituteInPlace $dir/cupswrapper/brother_lpdwrapper_MFCL2700DN \ + --replace /usr/bin/perl ${perl}/bin/perl \ + --replace "basedir =~" "basedir = \"$basedir\"; #" \ + --replace "PRINTER =~" "PRINTER = \"MFCL2700DN\"; #" + + wrapProgram $dir/cupswrapper/brother_lpdwrapper_MFCL2700DN \ + --prefix PATH : ${stdenv.lib.makeBinPath [ coreutils gnugrep gnused ]} + + mkdir -p $out/lib/cups/filter + mkdir -p $out/share/cups/model + + ln $dir/cupswrapper/brother_lpdwrapper_MFCL2700DN $out/lib/cups/filter + ln $dir/cupswrapper/brother-MFCL2700DN-cups-en.ppd $out/share/cups/model + ''; + + meta = { + description = "Brother MFC-L2700DN CUPS wrapper driver"; + homepage = "http://www.brother.com/"; + license = stdenv.lib.licenses.gpl2Plus; + maintainers = [ stdenv.lib.maintainers.tv ]; + platforms = stdenv.lib.platforms.linux; + version = "3.2.0-1"; + }; +} -- cgit v1.2.3 From 755e3a46682b90729be8a82026b08429cd7baea8 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 19 Sep 2017 20:03:12 +0200 Subject: tv br config: init --- tv/2configs/br.nix | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 tv/2configs/br.nix diff --git a/tv/2configs/br.nix b/tv/2configs/br.nix new file mode 100644 index 000000000..c7eb20e90 --- /dev/null +++ b/tv/2configs/br.nix @@ -0,0 +1,49 @@ +with import ; +{ config, pkgs, ... }: { + + imports = [ + + ]; + + krebs.nixpkgs.allowUnfreePredicate = pkg: any (flip hasPrefix pkg.name) [ + "brother-udev-rule-type1-" + "brscan4-" + "mfcl2700dnlpr-" + ]; + + hardware.sane = { + enable = true; + brscan4 = { + enable = true; + netDevices = { + bra = { + model = "MFCL2700DN"; + ip = "10.23.1.214"; + }; + }; + }; + }; + + services.saned.enable = true; + + # usage: scanimage -d "$(find-scanner bra)" --batch --format=tiff --resolution 150 -x 211 -y 298 + environment.systemPackages = [ + (pkgs.writeDashBin "find-scanner" '' + set -efu + name=$1 + ${pkgs.sane-backends}/bin/scanimage -f '%m %d + ' \ + | ${pkgs.gawk}/bin/awk -v dev="*$name" '$1 == dev { print $2; exit }' \ + | ${pkgs.gnugrep}/bin/grep . + '') + ]; + + services.printing = { + enable = true; + drivers = [ + pkgs.mfcl2700dncupswrapper + ]; + }; + + systemd.services.cups.serviceConfig.PrivateTmp = true; +} -- cgit v1.2.3 From ed9a1085946589409caba6e18233c329d99c0b4b Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 19 Sep 2017 20:04:22 +0200 Subject: tv xu: import br config --- tv/1systems/xu/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/