From 4ccb7a1a2ccff15a9338de93924bda8e1640bb7d Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 16:06:05 +0100 Subject: l 2 nixpkgs: c0ecd31 -> c554a0c --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index a6409b7db..20918d294 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "c0ecd31"; + ref = "c554a0c97f5030a66cc81d41e1f39bff5095efba"; }; } -- cgit v1.2.3 From 4ebc0e7adc7605e154916aefad47331761036abb Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 17:12:48 +0100 Subject: l 2 htop: hide process information from other user --- lass/2configs/htop.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/htop.nix b/lass/2configs/htop.nix index 0296101ac..69e04a05b 100644 --- a/lass/2configs/htop.nix +++ b/lass/2configs/htop.nix @@ -3,6 +3,7 @@ with import ; { + security.hideProcessInformation = true; nixpkgs.config.packageOverrides = super: { htop = pkgs.concat "htop" [ super.htop -- cgit v1.2.3 From c8668be63cdb6a28655e5201495d3d2c8d06b455 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 9 Mar 2017 14:20:00 +0100 Subject: l 2 mc: remove redundant pkgs.concat --- lass/2configs/mc.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/mc.nix b/lass/2configs/mc.nix index fc347ba3c..513ee1bd0 100644 --- a/lass/2configs/mc.nix +++ b/lass/2configs/mc.nix @@ -325,12 +325,10 @@ in { (pkgs.concat "mc" [ pkgs.mc (pkgs.writeDashBin "mc" '' - export MC_DATADIR=${pkgs.concat "mc-datadir" [ - (pkgs.writeOut "mc-ext" { + export MC_DATADIR=${pkgs.writeOut "mc-ext" { "/mc.ext".link = mcExt; "/sfs.ini".text = ""; - }) - ]} + }}; export TERM=xterm-256color exec ${pkgs.mc}/bin/mc -S xoria256 "$@" '') -- cgit v1.2.3 From 55c05c18c73873772bb02877114d581c4edbc593 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 10 Mar 2017 15:35:24 +0100 Subject: l 2 hfos: restart iptables after libvirtd restart --- lass/2configs/hfos.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix index a28a6a5d2..f63e5ea53 100644 --- a/lass/2configs/hfos.nix +++ b/lass/2configs/hfos.nix @@ -36,5 +36,12 @@ with import ; { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; } ]; - systemd.services.krebs-iptables.after = [ "libvirtd.service" ]; + # TODO use bridge interfaces instead of this crap + systemd.services.libvirtd.serviceConfig.ExecStartPost = let + restart-iptables = pkgs.writeDash "restart-iptables" '' + #soo hacky + ${pkgs.coreutils}/bin/sleep 1s + ${pkgs.systemd}/bin/systemctl restart krebs-iptables.service + ''; + in restart-iptables; } -- cgit v1.2.3 From 6af17a9ef6d6326614c00a8ea0e53fa8e9e77e01 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2017 11:16:41 +0100 Subject: l 2: don't use user serivces --- lass/2configs/copyq.nix | 8 ++++---- lass/2configs/xresources.nix | 6 ++++-- 2 files changed, 8 insertions(+), 6 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix index 0616c4025..e0546194e 100644 --- a/lass/2configs/copyq.nix +++ b/lass/2configs/copyq.nix @@ -19,10 +19,9 @@ let ${pkgs.copyq}/bin/copyq config text_wrap true ''; in { - systemd.user.services.copyq = { - after = [ "graphical.target" ]; - wants = [ "graphical.target" ]; - wantedBy = [ "default.target" ]; + systemd.services.copyq = { + wantedBy = [ "multi-user.target" ]; + requires = [ "display-manager.service" ]; environment = { DISPLAY = ":0"; }; @@ -33,6 +32,7 @@ in { Restart = "always"; RestartSec = "2s"; StartLimitBurst = 0; + User = "lass"; }; }; } diff --git a/lass/2configs/xresources.nix b/lass/2configs/xresources.nix index 35dbe2044..b5e721483 100644 --- a/lass/2configs/xresources.nix +++ b/lass/2configs/xresources.nix @@ -36,9 +36,10 @@ let ''; in { - systemd.user.services.xresources = { + systemd.services.xresources = { description = "xresources"; - wantedBy = [ "default.target" ]; + wantedBy = [ "multi-user.target" ]; + after = [ "display-manager.service" ]; environment = { DISPLAY = ":0"; @@ -50,6 +51,7 @@ in { Type = "simple"; ExecStart = "${pkgs.xorg.xrdb}/bin/xrdb -merge ${xresources}"; Restart = "on-failure"; + User = "lass"; }; }; } -- cgit v1.2.3 From 1fe183047471f582e2fc4d2becede82809655b55 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2017 11:17:26 +0100 Subject: l 2 copyq: escape & in script --- lass/2configs/copyq.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix index e0546194e..b255254f2 100644 --- a/lass/2configs/copyq.nix +++ b/lass/2configs/copyq.nix @@ -9,7 +9,7 @@ let ${pkgs.copyq}/bin/copyq config activate_closes true ${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0 - ${pkgs.copyq}/bin/copyq config clipboard_tab clipboard + ${pkgs.copyq}/bin/copyq config clipboard_tab \&clipboard ${pkgs.copyq}/bin/copyq config disable_tray true ${pkgs.copyq}/bin/copyq config hide_tabs true ${pkgs.copyq}/bin/copyq config hide_toolbar true -- cgit v1.2.3 From 95233bbf0ae9314d39d2642006d0e8d70f0e4a21 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2017 11:17:42 +0100 Subject: l 2: use alternate dnscrypt resolver --- lass/2configs/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 96f70d312..f4e4cd2cc 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -64,7 +64,10 @@ with import ; ]; } { - services.dnscrypt-proxy.enable = true; + services.dnscrypt-proxy = { + enable = true; + resolverName = "d0wn-nl-ns3"; + }; networking.extraResolvconfConf = '' name_servers='127.0.0.1' ''; -- cgit v1.2.3 From a65124b2f120412c61deb60484ad3e6d48f4d35d Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2017 11:17:57 +0100 Subject: l 2 mail: extend default keybindings --- lass/2configs/mail.nix | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index e4b319528..a08dc88da 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -66,7 +66,6 @@ let # notmuch bindings macro index \\\\ "" # looks up a hand made query - macro index A "+archive -unread -inbox\n" # tag as Archived macro index + "+*\n" # tag as starred macro index - "-*\n" # tag as unstarred @@ -75,9 +74,25 @@ let bind index d noop bind pager d noop + bind index S noop + bind index s noop bind pager S noop + bind pager s noop macro index S "-inbox -unread +junk\n" # tag as Junk mail + macro index s "-junk\n" # tag as Junk mail macro pager S "-inbox -unread +junk\n" # tag as Junk mail + macro pager s "-junk\n" # tag as Junk mail + + + bind index A noop + bind index a noop + bind pager A noop + bind pager a noop + macro index A "+archive -unread -inbox\n" # tag as Archived + macro index a "-archive\n" # tag as Archived + macro pager A "+archive -unread -inbox\n" # tag as Archived + macro pager a "-archive\n" # tag as Archived + bind index t noop bind pager t noop -- cgit v1.2.3 From 8e1bf00367ecb385a2591f3ed5c9909b1a17f4e6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2017 11:29:56 +0100 Subject: l 2 nixpkgs: c554a0c -> ade5837 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 20918d294..7f6512552 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "c554a0c97f5030a66cc81d41e1f39bff5095efba"; + ref = "ade5837"; }; } -- cgit v1.2.3 From a4076bbb895318385572fe0c5a8ee354fa755189 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2017 11:30:06 +0100 Subject: l 2 power-action: use new sudo path --- lass/2configs/power-action.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/power-action.nix b/lass/2configs/power-action.nix index f22bf451a..c7bdb525d 100644 --- a/lass/2configs/power-action.nix +++ b/lass/2configs/power-action.nix @@ -26,7 +26,7 @@ in { lowerLimit = 0; charging = false; action = pkgs.writeDash "suspend-wrapper" '' - /var/setuid-wrappers/sudo ${suspend} + /run/wrappers/bin/sudo ${suspend} ''; }; user = "lass"; -- cgit v1.2.3 From 7c6bf8f43739950a6888ebfe78e17ea3b87f9182 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2017 20:53:16 +0100 Subject: l 2 git: don't announce newest --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 3e1b2c6e3..710eb9461 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -58,7 +58,7 @@ let server = "ni.r"; verbose = config.krebs.build.host.name == "prism"; # TODO define branches in some kind of option per repo - branches = [ "master" "newest" ]; + branches = [ "master" ]; }; }; }; -- cgit v1.2.3 From 58d123406c66368a551af9c50328321103313d66 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Mar 2017 23:10:53 +0100 Subject: l 2 bepasty: add paste.krebsco.de to extDoms --- lass/2configs/bepasty.nix | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/bepasty.nix b/lass/2configs/bepasty.nix index a3c6d0f28..c2bc3f3cd 100644 --- a/lass/2configs/bepasty.nix +++ b/lass/2configs/bepasty.nix @@ -9,7 +9,10 @@ with import ; with import ; let secKey = import ; - ext-dom = "paste.lassul.us" ; + ext-doms = [ + "paste.lassul.us" + "paste.krebsco.de" + ]; in { services.nginx.enable = mkDefault true; @@ -25,16 +28,15 @@ in { defaultPermissions = "admin,list,create,read,delete"; secretKey = secKey; }; - - "${ext-dom}" = { - nginx = { - enableSSL = true; - forceSSL = true; - enableACME = true; - }; - defaultPermissions = "read"; - secretKey = secKey; + } // + genAttrs ext-doms (ext-dom: { + nginx = { + enableSSL = true; + forceSSL = true; + enableACME = true; }; - }; + defaultPermissions = "read"; + secretKey = secKey; + }); }; } -- cgit v1.2.3 From 839ffcd0ae307e514e72729701410f679874ab5b Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Mar 2017 15:09:39 +0100 Subject: l 2: add sections for cgit --- lass/2configs/git.nix | 7 +++++-- lass/2configs/repo-sync.nix | 1 + 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 710eb9461..be08d0ec1 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -32,10 +32,13 @@ let public-repos = mapAttrs make-public-repo { stockholm = { cgit.desc = "take all the computers hostage, they'll love you!"; + cgit.section = "configuration"; }; - kimsufi-check = {}; } // mapAttrs make-public-repo-silent { - the_playlist = {}; + the_playlist = { + cgit.desc = "Good Music collection + tools"; + cgit.section = "art"; + }; }; restricted-repos = mapAttrs make-restricted-repo ( diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index dfea637ed..74e508549 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -10,6 +10,7 @@ let public = true; name = mkDefault "${name}"; cgit.desc = mkDefault "mirror for ${name}"; + cgit.section = mkDefault "mirror"; hooks = mkIf announce (mkDefault { post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; -- cgit v1.2.3 From 8a04d2a55ce6c4a5d0df37261a0ae7528666b16a Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 16 Mar 2017 15:09:57 +0100 Subject: l 2 websites domsen: allow send from ubikmedia.de --- lass/2configs/websites/domsen.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index daecdcd2f..fde3f7c2b 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -120,6 +120,7 @@ in { sender_domains = [ "jla-trading.com" "ubikmedia.eu" + "ubikmedia.de" ]; ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem"; ssl_key = "/var/lib/acme/lassul.us/key.pem"; -- cgit v1.2.3